Mobile Apps the Latest in Data Breach

By Katie Kindelan Comment

Releasing your personal data without your permission? Sorry smartphone users, it looks like there is an app for that. A new report from The Wall Street Journal shows the most popular smartphone apps for both iOS and Android devices share at least some of your personal data without your permission, including gender, location and age.

After examining 101 popular mobile applications for both Android and Apple’s iOS platform, the Wall Street Journal claims over half transmitted a phone’s unique identifier to third parties without users’ permission, and 47 of the apps sent the phone’s location to third parties in some way. Five apps went further, sending users’ gender, age, and other personal data to third parties.

“The findings reveal the intrusive effort by online-tracking companies to gather personal data about people in order to flesh out detailed dossiers on them,” the Wall Street Journal reported.

The results come on the heels of a privacy breach for Google in which researchers found two-thirds of Android apps were using owners’ data in ambiguous ways, including 50 percent that were sending owners’ data to third-party advertisers without requiring user consent.

That study came just ahead of a later report that put the iPhone ahead of the Android in insecurity, finding that 68 percent of the most popular free iPhone apps send data that can be used to identify users and transmit private information to third parties.

In bad news for Apple and its users, the Journal’s study aligned with the latter report, finding, “Among the apps tested, the iPhone apps transmitted more data than the apps on phones using Google Inc.’s Android operating system.”

The Journal’s study of 101 mobile applications found the “leakiest” apps include Pandora, Grind, Paper Toss and TextPlus 4, which sent age, gender, zip codes and user IDs to multiple ad networks.

The most commonly submitted information, usually sent back to either the app maker or, more ominously for users, sold to an ad marketing company, is the phone’s unique user ID number, which can give companies valuable information on what an owner does with his or her phone.

Neither Apple nor Google have yet to respond to the report, even though both companies have consistently claimed that user privacy is a top concern for their platforms.

Almost immediately, opinions varied on what the breach really means for smartphone users, with some experts arguing the case was “overblown,” as user IDs and location don’t do much more than deliver the type of targeted advertising that actually benefits users.

Apple claims it has over 300,000 apps in the App Store, while Android Marketplace hit 100,000 in October.

The Wall Street Journal assembled an interactive graphic that details which apps, out of the 101 put to the test, collect and redistribute data, and which companies receive said data.

But, unfortunately for users, now that you know this information, there isn’t much that can be done. As of now, unlike on your computer, there’s no way to block or detect much of the tracking technology used by apps on mobile devices.

According to follow up reporting from the Journal, “the most important thing a user can do is pay attention to the information each app is requesting.” Click here for more on exactly what settings to look for in your apps.