Technology These popular apps are sharing personal data with dozens of companies, study says
Pre-installed apps on low-end Android phones are full of security holes
In what has become an annual reckoning, security research company Kryptowire recently published its 2019 report on the state of manufacturer-installed software and firmware for Android devices and, to no one's surprise, they found more than 140 bugs which could be exploited for malicious purposes. The DHS-funded report uncovered 146 apps, which come pre-installed on inexpensive Android handsets, would pull shenanigans like eavesdropping through the microphone, unilaterally changing their permissions or surreptitiously transmitting data back to the manufacturer without ever notifying the user.
Ten popular apps -- including Tinder, and -- are sharing people's personal information with dozens of digital marketing and ad tech companies without explicitly letting users know, according to a new study. The only way for many users to protect their information, the report says, is for them to have never installed the apps at all.
The study, released Tuesday by the Norwegian Consumer Council (Forbrukerradet), found that the apps, which also included Clue and My Days, were collectively sharing user data with at least 135 advertising-related companies. The shared data included GPS locations and IP addresses, as well as personal details about gender, sexuality and political views, according to the study.
Instagram, Oculus and WhatsApp are missing from Facebook's privacy booth at CES
The social network doesn't address privacy tools for other apps it owns.The space, which Facebook calls a privacy booth, includes a large screen that displays the revamped privacy checkup it unveiled at the Consumer Electronics Show on Monday. The checkup guides users through privacy and security settings on the social network.
Match Group, which owns Tinder and OkCupid, said it uses third-party companies to assist with "technical operations and providing our overall services."
"We only share the specific information deemed necessary to operate our platform, in line with the applicable laws including GDPR and CCPA, said a Match Group spokesperson on Monday, referring to the European Union's General Data Protection Regulation and the California Consumer Privacy Act. "All Match Group products obtain from these vendors strict contractual commitments that ensure confidentiality, security of users' personal information and strictly prohibit commercialization of this data."
Grindr said to share users' locations, sex preferences
Apps fed advertisers data that included info about "personalities, predispositions and secret desires," study found.The popular matchmaking apps collected and processed large amounts of highly sensitive information pertaining to individuals' sexuality, drug use, political views and more to help advertisers send consumers more targeted ads, the Norwegian Consumer Council said in a report entitled "Out of control: How consumers are exploited by the online advertising industry.
The other apps citeddidn't immediately respond to requests for comment.
"Every day, millions of Americans share their most intimate personal details on these apps, upload personal photos, track their periods and reveal their sexual and religious identities," Burcu Kilic, of Public Citizen, said. "But these apps and online services spy on people, collect vast amounts of personal data and share it with third parties without people's knowledge."
Public Citizen, along with the American Civil Liberties Union of California and nine other advocacy groups, has called on the US Federal Trade Commission, Congress and the attorneys general of three states to investigate the app companies' data-sharing practices.
The study also said the apps didn't clearly inform users that data would be shared with third-party ad companies. Though some of the data-sharing is described in the apps' privacy policies, the descriptions are long, complex and unlikely to be read by consumers, according to the study. The majority of the apps also didn't offer options or settings to prevent or reduce the sharing of data with third-party companies. The NCC said this leaves most people with one option if they don't want their data shared: Don't install the apps at all.
The NCC tweeted that it'll file complaints against six companies based on its findings.
A popular analytics platform secretly scraped user data via VPN apps .
Popular analytics platform Sensor Tower has been secretly harvesting data from millions of people with Android and iOS ad-blocking and VPN apps, according to an investigation by BuzzFeed News. It's not clear that the apps -- which include Free and Unlimited VPN, Luna VPN and Adblock Focus -- were owned by Sensor Tower, nor were their users made aware that by using them they were exposing their data to potential risk. As BuzzFeed reports, users installing one of these apps were prompted to install a root certificate –Apple and Google restrict root certificate privileges due to the security risk to users.
Facebook Continued Sharing User Data After They Promised Not To
A new investigation has revealed that Facebook continued to share the personal data of users even after they promised they would stop doing it. This has gone ...
Android apps sharing data with Facebook without users' consent: Report
Hotspot Shield security analyst Robert Siciliano on a cyber attack that hit major newspapers and a report that some popular Android apps send data to Facebook ...