Try to remember the last time you read privacy settings before installing an app, or signing up to a network, a website… and you can’t, right? Well, who does that anyway? Who even has time to read pages and pages of Terms and Conditions AKA the paper that nobody reads? Well, we should.
Whether free or paid, and regardless of the platform, there is no difference, the apps equally spy on us.
An online app risk management company, Appthority, released a new study providing information on potential security risks and threats after analysing the top 400 free and paid iOS and Android apps, and the problem is? Data sharing, as we could suspect. What is at stake? Loss of privacy and security breaches, as we could also suspect. The study, however, reported that paid iOS apps collect more data and share more information with third-party apps than Android apps, though, free apps from both platforms are the most risky. This is what they have found out:
Apps that track user location:
- 82 percent of the top Android free apps and 49 percent of the top Android paid apps
- 50 percent of the top iOS free apps and 24 percent of the top iOS paid apps
Apps that access user address books:
- 30 percent of the top Android free apps and 14 percent of the top Android paid apps
- 26 percent of the top iOS free apps and 8 percent of the top iOS paid apps
Apps that access IMEI/UDIDs:
- 88 percent of the top Android free apps and 65 percent of the top Android paid apps
- 57 percent of the top iOS free apps and 28 percent of the top iOS paid apps
Apps that share user data with social networking sites:
- 73% of the top Android free apps and 43% of the top Android paid apps
- 61% of the top iOS free apps and 53% of the top iOS paid apps
Apps that share user and app data with 3rd party crash reporting:
- 56% of the top Android free apps and 29% of the top Android paid apps
- 48% of the top iOS free apps and 44% of the top iOS paid apps
When it comes to other paid apps, more information is below:
It is obvious why app tracking is valuable, as well as accessing a user’s address book and sharing with social networking sites. When it comes to accessing IMEIs and UDIDs, the concern is even greater; with a unique device identifier, developers can track and watch user behaviour across multiple apps (even if they are using different usernames and passwords) and use those data for third-party advertising and analytics. Apple’s rule of prohibiting developers from using UDIDs to track users is only applied on devices that are running the latest version of iOS. Google also has the rule, and for what?
Still, even though this study doesn’t bring anything new to the table when it comes to general spying, security risks and privacy breaching, the question is: why are we still willing to share our information so easily? Moreover, is there such a thing as a free app today?
Turning Limit Ad Tracking on iOS devices will not spare you from being tracked, but apps are not allowed to do that, supposedly, otherwise they are at risk of being out of the Apple store. Google and Apple agree that this breach of privacy is not acceptable, but it doesn’t seem every developer respects the rules and guidelines. The developers who do can also be targets of hackers’ attacks if not careful enough about the data they have.
And, who are the developers according to the study?
Are you still not sure how much information you share? We use social media to log in into other websites all the time, and if you wish to know more about the data you share, try Social Profile Navigator, a new tool created by Janrain. Once you choose a network or a website, you will be presented with a nodal map of the data you share, and try not to stay shocked, long (certainly delete the app after using it).
If you are sceptic, let me just summarize what Facebook gives: everything. Twitter and Google+ are exposing less data (surprised? I was).
A person’s whole life is on a phone today. The wisest thing would be to create a new username and password next time you log in. And to start reading Terms and Conditions. If you do not protect your data, no service will.