The privacy crisis Apple and Google need to fix—now

The tech giant records people’s locations worldwide. Now, investigators are using it to find suspects and witnesses near crimes, running the risk of snaring the innocent.

Objectives To investigate whether and how user data are shared by top rated medicines related mobile applications (apps) and to characterise privacy risks to app users, both clinicians and consumers.

Design Traffic, content, and network analysis.

Setting Top rated medicines related apps for the Android mobile platform available in the Medical store category of Google Play in the United Kingdom, United States, Canada, and Australia.

Participants 24 of 821 apps identified by an app store crawling program. Included apps pertained to medicines information, dispensing, administration, prescribing, or use, and were interactive.

Interventions Laboratory based traffic analysis of each app downloaded onto a smartphone, simulating real world use with four dummy scripts. The app’s baseline traffic related to 28 different types of user data was observed. To identify privacy leaks, one source of user data was modified and deviations in the resulting traffic observed.

Main outcome measures Identities and characterisation of entities directly receiving user data from sampled apps. Secondary content analysis of company websites and privacy policies identified data recipients’ main activities; network analysis characterised their data sharing relations.

Results 19/24 (79%) of sampled apps shared user data. 55 unique entities, owned by 46 parent companies, received or processed app user data, including developers and parent companies (first parties) and service providers (third parties). 18 (33%) provided infrastructure related services such as cloud services. 37 (67%) provided services related to the collection and analysis of user data, including analytics or advertising, suggesting heightened privacy risks. Network analysis revealed that first and third parties received a median of 3 (interquartile range 1-6, range 1-24) unique transmissions of user data. Third parties advertised the ability to share user data with 216 “fourth parties”; within this network (n=237), entities had access to a median of 3 (interquartile range 1-11, range 1-140) unique transmissions of user data. Several companies occupied central positions within the network with the ability to aggregate and re-identify user data.

Conclusions Sharing of user data is routine, yet far from transparent. Clinicians should be conscious of privacy risks in their own use of apps and, when recommending apps, explain the potential for loss of privacy as part of informed consent. Privacy regulation should emphasise the accountabilities of those who control and process user data. Developers should disclose all data sharing practices and allow users to choose precisely what data are shared and with whom.

Eiere av Nokia 7 Plus kan i flere måneder ha fått sendt sensitive opplysninger til en server i Kina. Datatilsynet i Finland vurderer gransking etter NRKs avsløring.

Many major companies, like Air Canada, Hollister and Expedia, are recording every tap and swipe you make on their iPhone apps. In most cases you won’t even realize it. And they don’t need to ask for permission. You can assume that most apps are collecting data on you. Some even monetize…

A new start-up company called eelo wants to provide you with an alternative version of Android. What makes this different than the version of the mobile OS that you are familiar with is that this version is de-Google-ized. The goal is to allow users to have more privacy than they currently do with the Google Play Services version of the open source OS...

Nick Winke, a photographer in the Pacific northwest, was perusing internet forums when he came across a complaint that alarmed him: On certain Samsung Electronics Co. smartphones, users aren’t allowed to delete the Facebook app.

In a lawsuit on Thursday, the city attorney said tracking was used not just for local forecasts but also for commercial purposes like targeted marketing.

Jennifer Valentino-DeVries, an investigative reporter for The Times, explains how reporters discovered some of the information mobile apps collect.

Smartphone apps track a staggering amount of data about our whereabouts every day. That data has become a hot commodity.

Dozens of companies use smartphone locations to help advertisers and even hedge funds. They say it’s anonymous, but the data shows how personal it is.

An idle Android smartphone sends user data back to Google servers nearly ten times more frequently as an Apple device sends data back to Apple servers.

Do you know what personal details your phone is sharing about you when you're not looking? We decided to try to find out for sure.

THREAD: I'm looking at a Huawei P20 from China, let see what can I found