Apps take advantage of iOS feature to share user data

Apps take advantage of iOS feature to share user data

We often follow cases of apps that take advantage of iOS breaches to store or share user data with other companies, including situations where this information theft is very explicit. However, when one of the features of Ma's own system contributes to this, it is another story.

That's exactly what the The Washington Post discovered during a privacy experiment involving the iPhone. More precisely, testing has revealed that when iOS's “Background Update” option is enabled, some apps use it to regularly send data to tracking companies.

To find out how apps installed on the iPhone react when this option is enabled, the newspaper joined Disconnect privacy company and used the Privacy Pro app to see what these software were doing in a veiled way.

Although at this point in the championship it is not surprising that there are apps that share users' personal information, which draws attention, in this case, the frequency with which these software did; In the case of the experiment in question, these apps could have sent up to 1.5GB of information over a month.

In a single week, I found over 5,400 crawlers, mostly in apps, not including Yelp's incessant traffic. According to the privacy company Disconnect, which helped test my iPhone, these unwanted trackers would have released 1.5 gigabytes of data over a month. That's half of an entire basic AT&T mobile data plan.

Among the apps that have been caught sending background data are OneDrive, Mint, Nike Run Club, Spotify, Weather Channel, Yelp, Citizen and, you see, even The Washington Post!

In the case of the Citizen app, sharing data from iPhones violated their privacy policy and was therefore removed; In parallel, the Yelp app was coming up with new data every five minutes, which the company said was a mistake.

While user privacy should always come first, the use of trackers serves different purposes, some of them positive. In this sense, there are apps that analyze user behavior to reduce advertising campaigns, prevent fraud or even perform a fundamental function of a particular service (Uber, for example, uses the device's location to send a car to the user).

Therefore, not all bad data collection. Still, developers should not store or share this information with other companies. On the other hand, some trackers steal specific information from users (such as email or phone number) without telling them how long this data is stored or with whom it is shared.

The report of Washington post He also points out that there is no way to know which apps make use of trackers and when this data is sent from the iPhone. In this regard, the newspaper questioned Apple about the creation of a possible feature that would allow the user to check which apps are using trackers and for what purpose, but the company provided a “standard” answer:

At Apple, we do a lot to help users keep their data private. Apple hardware and software are designed to provide advanced security and privacy at all levels of the system. For the data and services that applications create on their own, our App Store guidelines require developers to have clearly described privacy policies and to request users to collect data before doing so. When we discover that apps have not followed our guidelines in these terms, we make apps change their practices or prevent them from being in the store.

Update on 2 Plan

For those concerned with sending background data, you can disable the feature in General Settings 2-Plan UpdateBy selecting the “Inactive” option, this may also help to preserve the battery of your device as the device is not constantly sending data to the servers of these apps.

via 9to5Mac