If you thought that using an iPhone or iPad helps you safeguard your personal data and shields you from data miners lurking around in the various app stores, you’re sadly mistaken.
Apple has always said that it puts user security and privacy first!
But when The Wall Street Journal looked into 70 of the most popular iOS apps, it found out that 11 of them were sharing sensitive user data related to their health, location and much more with a company, accused and criticised several times in the past for not taking its users’ privacy seriously, in a covert manner.
Yes, you have guessed it right, it’s Facebook.
Surprisingly enough, such data breaches have now been reported when iOS app users were not even logged in or have any Facebook account.
Et Tu, Apple?
In the aftermath of Cambridge Analytica scandal wherein, Facebook was accused of passing on personal data of 87 million users without their consent, there has been an increased public awareness about the need to prevent the occurrence of such breaches.
Apart from calls for more stringent data privacy laws in various countries, users themselves are becoming increasingly vigilant.
Facebook is already in the thick of controversy for various data breaches. It recently had to pull out the Onavo app using which it had lured in teens to get almost unlimited access to their phones for a paltry $20 per month. But widespread public criticism has done little to dampen Facebook’s efforts directed towards sucking up as much data from any possible source.
Besides Onavo, there are various other apps sharing details about users with Facebook servers every second!
So far, most of the times such reported incidents have been related to Android. Considering the strict Apple’s policy in regards to app development and usage, this is one of those few incidents which have put Apple users’ data privacy on risk.
What’s surprising is that most of the iOS apps that are leaking users data to Facebook are related to Health & Fitness and Real estate.
Let’s talk about a very simple period tracking iOS app Flo Period. Garbed as a health app, users would probably not mind sharing a little with this one without knowing that it goes on to inform Facebook when users are menstruating or trying to get pregnant.
Then there is this heart rate monitoring app which shares users’ heart rates with the social site. The Realtor app shares the listing information checked up by users with Facebook.
These apps use Facebook’s analytics tool called App Events to track user activity and then share it with the social site, thus enabling it to serve highly targeted ads.
“Sharing information across apps on your iPhone or Android device is how mobile advertising works and is industry standard practice,” Facebook said in a statement to CNBC.
It is now fairly common place for tech companies to vacuum out user data. They come up with the most ingenious tricks, games, apps, quizzes, etc. all aimed at harvesting user data.
App developers save this information regarding places frequented by various app users, their holidaying schedules, names of their cell phone operators, location history, heart rates, ovulation history, body weight, blood pressure readings, BMI, et al in their databases and then sell it out to third parties.
Sharing this data with third parties at a later stage too amounts to data breach!
“I believe people should be able to use any app they wish on their phone without fear that granting access to sensitive data may mean that this data will be quietly sent off to some entity who they do not know and do not have any desire to do business with,” as pointed out earlier by Will Strafach, a renowned security researcher.
Most of us already know that many apps send information like when users sign in to their app and what they do inside with the social giant but the revelation that this information can be shared with third parties without even being connected to Facebook on any platform whatsoever comes as the next level shock!
The sad thing is that iOS does not make it mandatory for apps to disclose who all they will be sharing the collected data with.
“When we hear of any developer violating these strict privacy terms and guidelines, we quickly investigate and, if necessary, take immediate action,” an Apple spokesperson told The Wall Street Journal when questioned regarding the same.
At present, users do have the option to block out certain information like contacts and location, etc, from app developers but there isn’t room enough for turning off sharing of more sensitive data like health, fitness, real estate deals, etc.
On the social front too, users have the option to turn off Facebook’s targeted advertising but there is little they can do to prevent apps from sharing their data with the social site!
Given that 6 out of the 11 apps found to be guilty of data sharing by The Wall Street Journal are health and fitness related, users must exercise due caution before they proceed to press the DOWNLOAD button impulsively.
Apple too needs to be more specific regarding data collection and sharing to prevent any such intrusive data (mis) handling in future.