WSJ reports smartphone apps can (and do) track user data
The Wall Street Journal has come forward with a lengthy article about Android and iOS applications, and how they transmit your data to advertisement companies. They assembled a selection of 101 smartphone apps (50 Android apps, 50 iOS apps, and the WSJ's iPhone app -- they haven't seen fit to release an Android version just yet) and found that 56 of them transmit unique identifying data from your smartphone. More specifically -- apps are transmitting the unique device ID, age, location, gender, time spent using the app and other possibly personal identifying data. Yes, it's wallpaper-gate all over again. Let's dissect this a bit, after the break. [WSJ.com]
While Google says app makers bear all the responsibility of how their applications handle the data, they do provide all permissions the application requests access to. We've all seen that when we install apps, but let's be honest, most of us click right past. We shouldn't, but we do. So what happens to all this data that gets sent out?
Mobclix, which handles data for more than 15,000 apps over 25 different ad networks, describes it a bit. Basically, they take your device ID, scramble it so it's no longer humanly readable but can be used in a database, then match it against your location and get Neilsen demographic and spending habits data for your area. With this data, they claim to be able to place you in one of 150 "segments" -- categories like "soccer moms," or "die-hard gamers." This lets the ad company know what ads are likely to interest you. Mobclix does say that the categories are broad enough so that you can't be personally identified, and this is about "tracking people better."
Scary stuff? Maybe. But it's pretty familiar, as it's been happening on the Internet for years. Websites use tracking cookies to do the exact same thing, because there's money to be made in it. As a matter of fact, the Wall Street Journal shouldn't be throwing too many stones in this glass house. Michael Learmonth at Advertising Age found that the WSJ installs on average of 60 tracking files (which the WSJ does admit is true, and classifies their site as a "medium" risk) that followed users to sites like car dealerships, Players club, YouTube, SyFy, and more. And one of the Web's (and smartphone apps) biggest offenders, MySpace, is owned by the WSJ's parent company NewsCorp.
So what does all this really tell us? For one, old media will do and say anything to scare people into pulling back from the "digital age," and are some of the biggest online offenders as well. That and you're never alone on the Internet, which we all should know by now. Pay attention to what an app does, ask yourself why an app needs your gender or age, and use some common sense. It's not the end of the world if Paper Toss knows you drive a Toyota, no matter what people like Rupert Murdoch want you to believe.
Get the Android Central Newsletter
Instant access to breaking news, the hottest reviews, great deals and helpful tips.
Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Twitter.
1. reputable web sites usually have privacy policies, but apps almost never have privacy policies
2. some of the user tracking violates the official policies of Apple and Google
3. the apps make little or no attempt to notify users about what is being tracked and also give the user no control over the tracking
4. some of the tracking is anonymized and some is not and there is no way for the user to tell exactly where their information is going Bottom line is that while the existing apps may not be especially evil, there is little to stop evil apps from really taking advantage of this mess. And even a simple error can cause a lot of private information to get leaked.
2. If you read the source article, you'll see this is a bigger "issue" in iOS than it is in Android, with some apps even slipping through Apples strict policies and sharing data that Apple does not allow to be shared. Walled garden only works when the man at the gate does his job.
I am going to start watching more closely.
I lot of this happens with cookies. True, you can clear them after the fact, when it's too late, or turn them off. But if you do, most sites won't work properly.
But cookies don't have my phone number or location, or access to my contacts. In fact, we call things that go after contacts viruses, so as I think about it, I'll be removing most apps that have contacts listed.
Devs, I'd pay you more money directly for a non-sharing version, CAN YOU HEAR ME NOW? ADS
How many of you are on .Facebook, twitter and the likes. How many play things like Mafia wars or even online games through the PS3 or other things. You know how they track you with ezpass and if you pay with a credit card for a MTA metro card. You have no idea how many bad guys we catch like that.
So now just add your apps to the list and one day you might see my black helo over your car.......or house.
For the most part the WSJ article is a load of c&ap!!