Many Apps Are Ignoring Apple’s Policy, Still Collecting Privacy Information

Researchers at UC San Diego have found that many apps collect the iPhone unique identifier (UDID) – despite Apple’s privacy policy. The company has been rejecting apps that collect user UDIDs since May 1, but it appears that at least a third of apps have been shown to do just that.

Starting May 1, the App Store will no longer accept new apps or app updates that access UDIDs. Please update your apps and servers to associate users with the Vendor or Advertising identifiers introduced in iOS 6.

The researchers actually used an app to collect some privacy data – ProtectMYPivacy. The app monitors access from other apps and notifies users who can also choose to block access. On average 40% of apps from users with ProtectMyPrivacy are collecting UDIDs from their devices. According to mobile security expert, Jeremy Linden, apps are choosing to collecting this information because the technology allows them to. However, that all changes this fall because iOS7 eliminates UDID access.

By using the ProtectMyPrivacy app, you’ll be partaking in UC San Diego’s app research, but it’s anonymously encrypted:

Note that providing your data is voluntary and you can decide whether or not you want to contribute your data inside the app. As academic researchers, we are interested in which apps access private information, studying the privacy decisions of users and the effectiveness of our recommendation engine. We reserve the right to publish the results of this study in academic research conferences. Please note, we take your privacy very seriously and therefor all data is anonymous, is transmitted securely over SSL and stored securely.


Recommended articles