The next time you allow an application to access your data from your Facebook profile or phone contacts check the permissions it requires carefully, especially if you are on Apple Inc. (NASDAQ:AAPL) made iPhone or iPad. Nowadays companies have access to almost all your personal information and they can use it to build up a profile about you in ways that you might find hard to believe. Almost 70% of free mobile apps (Android and iOS combined) track your location, while 31% gain access to your address book. However, the associated risk mounts up if you are on Android platform as 77% of free Android apps reportedly track your location against 62% of free iOS apps. Even your contact lists are no longer private with 27% of free Android apps and 35% free iOS apps are trying to gain access to your contacts. Many app developers use third-party code while building their apps not knowing that this information could be leaked because of failure to check security assessments or code review.
While you play games like angry birds on your phone, it’s worth knowing the game also collects data from you and identifies your location so they can target you with ads. The games creators Rovio warns users not to use its services if they do not wish to be the target of ads directed at them. Even simple searches on google for products you are hoping to buy could lead to a flood of advertisements based on your location and history of purchases.
Here are some facts you should know before installing any new free application:
- Free apps are 70% more likely to track your location than paid apps which are 44% likely.
- 31% more likely to access your address book while 22% of paid apps do.
- 53% likely to share your details with ad networks and analytics companies but only 26% of paid apps do such activities.
In the report, released by Appthority, it may come as a surprise to know that the 91% of iOS apps exhibits more risky behaviour while the percentage is relatively lower with Android apps (83%).
From these figures it seems clear that apps collect information for reasons that could bring more indirect benefits to app developers.
The potential for misuse remains particularly high where making calls, access to device camera, and reading text messages is concerned. An application that initiates a phone call can be used to spy on conversations, whereas another application can obtain pictures and photos of areas where the device is present. Sending sms can be a way of getting sensitive information from your mobile.
However while some developers ask for these permissions, they are not clearly communicated to the user how these functions would serve their intended purpose. A game like racing or cards may ask for camera access to allow the users to take screenshots of the game to use as background. A financial services app asks for your phone number to contact local financial services. These are legitimate and sound reasons for asking permissions but miscommunication between consumer and developer could see these permissions being used in possibly unethical and illegal ways.
Apple rules clearly state that apps in the apple store that collect user information without prior intimation are violating its guidelines. No such rules exist on the Google Play store which is an open market with over 950,000 apps, although Google ask developers to clearly explain their permissions.
Here are some examples of apps that have collected data in the recent past without permissions
- Path, a mobile social network uploaded address books to its servers without user’s knowledge.
- Color, a mobile application was found to have to access to microphones without permission.
- Twitters Find friend application can store address books for as long as 18 months
The real danger perhaps is that even though developers specify permissions clearly, how this data is managed and controlled is at their discretion. The chance that this information could be hacked or stolen and sold online is a threat that developers are now waking up to. Several developers have updated their apps to ensure their data remains encrypted. Before new laws are passed to protect user’s privacy developers are already enclosing more permission in their apps and alerting users.
Google has tools that on Android that forces developers to notify people of what data they are trying to access. Only if permission is given the developers can access their data.
In conclusion the standard and rules for smartphones are still being debated fiercely and the user must make smart choices when it comes to knowing what data the app wants to access. Recklessly installing apps without knowing how they might use your information is asking for trouble till stronger regulations and laws are made.