By: Earnest Jones | 11-22-2017 | News
Photo credit:

You’re The Product: Smartphone Apps Are Legally Selling Personal Data Without Your Consent

There’s an old axiom that’s popular amongst privacy advocates: “If you’re not paying, you’re the product.” Your age, interests, purchasing habits, frequented locations, health, and social map are all valuable pieces of information that comprise a digital shadow, which can be packaged, bundled, and sold to the highest bidder.

It’s very inconvenient for one to try figuring out what data an app is collecting before they download. However, many apps engage in irresponsible practices that are worth understanding. Having known how to spot them, you can decide which apps are worth the potential invasion of privacy, and which should be banished from your devices forever.

Take for instance a flashlight app, it’s basically meant to do one simple thing: turn on the LED flash of mobile phones. However, many end up having access to a lot of unnecessary data and phone functions, including users’ calendars, location, and camera.

You ought to be wary of the cartoon game that wants to access your personal photos or the weather app that requires access to your microphone. Uber, for instance, requires access to your location data even when you are not using it unless you turn off location data entirely on your phone.

Information collected by apps is frequently shared with and sold to third parties. This is usually disclosed in the privacy policy if the app actually has one. A 2016 Future of Privacy Forum study showed that at least 24 percent of top apps still do not have a privacy policy.

Although there is a wealth of literature about how terms of service agreements and privacy policies are not often read, they are still critical features as they spell out company commitments and are legally enforceable.

Google has plans underway to eliminate apps that handle personal or sensitive data from Google Play Store if they don’t have privacy policies. SafeGraph was effectively able to look at and analyze 10 million individual mobile phone users and track every one of their locations over the course of Thanksgiving Day 2016. It’s funny how they got 10 million smartphone users to consent to a data-collection firm tracking all their moves.

But the truth is that they didn’t have to do so. This is because of SafeGraph partners with a wide variety of app makers—and leaves the issues of data collection notification and user privacy to the third-party partners.

According to SafeGraph’s privacy policy: “We obtain information from trusted third-party data partners such as mobile application developers, through APIs and other delivery methods. The data collection and use is governed by the privacy policy and legal terms of the data collector and the website using the data; it is not governed by SafeGraph.” In other words, SafeGraph is partnering with apps—they could be weather apps, games, wallpapers, anything—and leaving the disclosure up to the app maker.

App makers only disclose what they’re tracking if they feel like it. In 2013, the U.S. Commerce Department unrolled a purely voluntary, not legally enforceable “privacy code of conduct” for app makers.

It’s unfortunate that we’re accepting the idea that any app maker can track us without our knowledge and consent. We are also accepting the idea that businesses can take our personal data whenever they want and resell it when it suits them—again, without ever telling us.

Uninstalling the apps on our phones isn’t going to keep you out of any of these databases. At this point, what we can do is start looking at consequences.


Share this article
Thoughts on the above story? Comment below!
0 comment/s
What do you think about this article?
Comment *

Recent News

Popular Stories