Earlier this month, Google announced that it would kill off Google+ for the public following The Wall Street Journal’s report that the multi-million dollar company exposed the data of over 500,000 users.
While the data leak wasn’t the main catalyst for the app’s closure — talks about closure have been going on for years — it was, in some way, the final straw for the brand.
What’s more, all of this rides on the Facebook-Cambridge Analytica data scandal that took place earlier this year.
Which gets us thinking, what sort of information do we voluntarily (or unknowingly, to some extent), offer up for apps and data companies to use and analyse?
Here, we look at the ways that certain app permissions theoretically have the potential to do more than what they were originally intended to do.
Camera and Photos
It’s commonplace for social media apps like Instagram and Facebook to request for permission to use your camera and photos.
However, apps can actually learn a lot about you and where you’ve been through the EXIF data of your photos.
Often times, EXIF data exists to make it easier for you to retrieve photos from devices, but they can also store information like your location as well. This means that it is likely for apps to be able to track where you’ve been and what you’ve been taking photos of.
Besides knowing where you’ve been, apps also have the potential to figure out the routes you’ve taken between each photo spot as demonstrated by iOS developer Felix Krause.
In a tweet in 2017, Felix posted about how such location tracking can occur with a map:
— Felix Krause (@KrauseFx) September 27, 2017
We know it seems pretty harmless to let apps access your microphone but as findings from 2017’s IEEE European Symposium on Security and Privacy proves, your microphone can be a pretty powerful thing.
According to the report, at least 234 Android applications are built with ultrasonic listening technology which means that they’re able to listen in on certain sounds picked up by your microphone.
The report also reveals all the ways that your microphone could be used by apps to detect and learn your television viewing habits. For example, these apps are able to listen in on the sort of commercials you tune into. Ultimately, this information is useful for advertisers or marketers looking to understand a little more about their consumers to better craft their advertising messages.
Another permission that’s usually required by social media apps is access to your contacts. This usually happens when the app is trying to link you up with your friends who might be on the app as well. At the same time, this is probably the app’s way of getting you introduce it to friends who might not be on the app either.
However, as the Economic Times highlighted, plenty of information such as emails and housing addresses are often stored together with contacts which means data can easily be stolen and misused.
Phone and Text Messaging
Earlier this year, ZDNet reported that the Facebook on Android app had the capability to access your phone and text messaging metadata.
According to the report, Facebook could track who you were calling, when you were placing a call and log exactly how often you interact with a person. If you’re freaking out though, rest assured the app isn’t able to listen in on your conversations.
The same Economic Times story mentioned in the previous point also talks about how apps that require such permissions can potentially also access your contacts and send messages or place calls without your knowledge.
Storage permission allows for apps to write and read the data on your phone. It has to be said though that most apps would require a certain amount of access to your storage so this isn’t anything new. Theoretically speaking, the apps that are granted these permissions too, can access things like your photo gallery and other data featured in your storage.
What You Can Do:
Here are some things you can do prevent app hackers from potentially using your data:
Update Your Operating System
We know it can be really irritating and might even slow your phone down, but updating your operating systems could really safeguard your app data. Besides improving your phone’s functionality, operating system updates will also roll out bug fixes and improve security on your phone.
Delete Old Apps
Deleting old and outdated apps could save your phone from potentially getting hacked as old apps might have loopholes that could allow hackers to access your phone information.
Besides deleting these apps, make sure you’ve ceased all permissions granted to the apps to use any of your personal data as well.
Always Read The Security Configurations And Reviews Of Apps
If you’re planning on downloading a relatively new app, be sure to read up on the app’s reviews to see if the app has ever broken any privacy rules. You should also check for the permissions requested by an app each time you download it and think about whether you really want to give it access to some of the things it’s asking for. Doing so will help you understand how apps use your data and you can limit the sort of data you’d like to share as well.
What Developers Are Doing
Sometime in August, The Verge reported that Apple would crack down on app developers and revise their privacy policies; these rules will be implemented on 3 October. The new policies will detail all the ways an app uses a users data and how users can opt out of having their data used.
Android on the other hand has an extensive guide to privacy policies that app developers have to follow if they’re looking to create apps for the Google Play Store. Adding on to its security detail, Google’s newly released Pixel 3 has a new mobile security chip that protects user information and offers an added peace of mind.
Since these data breaches were reported, tech giants have been working doubly hard to assure consumers that their systems are safe and reliable.
Are You Safe?
Majority of the times, app developers aren’t out to steal your data but rather, create apps that work best for you. It’s worth noting though that consumers should pay attention to the permissions they’ve granted apps and go through their apps every once in a while, as supported by intelligence company, Skycure.