However, security researchers have come to the realization that app developers are actually gaining more access to our phones and private information than we are aware of. An even bigger source of worry is the fact that more than 1000 apps have been found to access our information and use our data even after denying them permissions. Workout apps, menstrual tracking apps and some apps designed to help you manage your contacts, are a few that have been found to be sharing sensitive information from users to big companies.
Whenever your device sends data, the traffic (signals) are captured and saved. Researchers have tools that allow them to analyze these signals to tell how much information has been sent and where it is going. After critically analyzing these signals, they have found that many apps are sending data that goes beyond what people agree to under privacy policies and permissions requests. “In the end, you’re left with a policy that’s essentially meaningless because it doesn’t describe what’s accurately happening,” said Serge Egelman, director of usable security and privacy research at the International Computer Science Institute.
This research has revealed that sometimes, the data is just headed to advertisers, who think they can use it to sell you products. Phone location data can be a gold mine for advertisers, who tap it to figure out where people are at certain times. But it may also be going to government agencies that use technology to monitor and spy on people using data collected by apps that never disclosed what they were doing. For location dependent apps, even when a phone’s GPS services were turned off, loopholes that allowed data tracking, like collecting location information when a phone connected to a Wi-Fi network were found. A lot more can be said to prove that everyday our private information is being compromised.
WHAT YOU CAN DO
Beyond refusing to download ‘problem apps’, there isn’t much you can do to protect yourself from these trackers. But unless you know which apps to watch out for, this is also just a shot in the dark.
For now, Egelman who we mentioned earlier, has taken his lab’s research tool and turned it into a method that people can use to check for problem apps on their own devices. He however mentioned that it would be unreasonable to expect every single person to suddenly learn how to do network traffic analysis. “If it takes a team of researchers writing their own tools and inspecting network traffic to figure out what apps are doing exactly, certainly it’s not reasonable to expect the average consumer to do that,” Egelman said. He has offered his tools through a startup called AppCensus. This allows you to search apps and see what data is being sent, as well as where it’s being sent. The team is also working on an app that would warn you whenever identifying data is being sent to trackers. Other tools like CharlesProxy are available to download and intercept network traffic from your device. Learning how to use them, however, is more complex.