Several iOS apps have been found guilty of sharing the location data of users with third parties without their knowledge or consent, once again highlighting how little control people have over their personal data on the Internet.
Apple’s privacy intrusion
The discovery was made by Sudo Security’s Guardian mobile team. Almost 24 different iOS apps were found to be sending the data of users to 12 different companies that reportedly dealt with location data monetization. However, since the 24 apps were discovered only through a random sampling by the team, the possibility that there are several more such apps leaking their user’s data is very high.
“In order to gain initial access to precise data from the mobile device’s GPS sensors, the apps usually present a plausible justification relevant to the app in the Location Services permission dialogue, often with little or no mention of the fact that location data will be shared with third-party entities for purposes unrelated to app operation,” Silicon Republic quotes the Guardian team that conducted the study.
In addition to GPS information, other data that was being shared by the apps included the identifier for advertising (IDFA); cellular network name; information about accelerometer; the status of the battery, including battery charge percentage; cellular network MCC/MNC; and the timestamps that revealed the departure and arrival to a location.
Some of the apps that were involved in sharing user data include NOAA Weather Radar, which provides weather information; ASKfm, which is a teen-focused Q&A app; Perfect365, which is an augmented reality beauty app; and Homes.com, which promises to help users find homes near them. Most of these apps have millions of users.
“I believe people should be able to use any app they wish on their phone without fear that granting access to sensitive data may mean that this data will be quietly sent off to some entity who they do not know and do not have any desire to do business with,” Tech Crunch quotes one of the researchers from the study.
The Google controversy
Apple is just one of the many companies involved in the controversy of misusing user’s location data. Google was recently accused of storing their user’s location data against their express wishes. In fact, a man from San Diego has already filed a lawsuit against the company in this regard.
“Google represented that a user ‘can turn off Location History at any time. With Location History off, the places you go are no longer stored.’ This simply was not true,” Independent quotes the complaint.
The location data of millions of people was apparently collected and stored by Google even though the users had disabled sharing their location history. After the news of Google’s immoral activity broke out, the company quietly changed the wording on its help page to state that the user’s location data may still be stored by the company even if they turn off the location history.
Such blatant misuse of user data by big tech companies has been met with strong protests from internet rights activists who argue for strict punishments for the culprits. And until the governments and courts decide to tighten the law and punish the companies for misusing customer data, online citizens will always be at risk of being sold off to the highest bidder.