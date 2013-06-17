from the commoditizing-your-complement dept.
Our mobile phones can reveal a lot about ourselves: where we live and work; who our family, friends and acquaintances are; how (and even what) we communicate with them; and our personal habits. With all the information stored on them, it isn't surprising that mobile device users take steps to protect their privacy, like using PINs or passcodes to unlock their phones.
The research that we and our colleagues are doing identifies and explores a significant threat that most people miss: More than 70 percent of smartphone apps are reporting personal data to third-party tracking companies like Google Analytics, the Facebook Graph API or Crashlytics.
When people install a new Android or iOS app, it asks the user's permission before accessing personal information. Generally speaking, this is positive. And some of the information these apps are collecting are necessary for them to work properly: A map app wouldn't be nearly as useful if it couldn't use GPS data to get a location.
But once an app has permission to collect that information, it can share your data with anyone the app's developer wants to – letting third-party companies track where you are, how fast you're moving and what you're doing.
An app doesn't just collect data to use on the phone itself. Mapping apps, for example, send your location to a server run by the app's developer to calculate directions from where you are to a desired destination.
The app can send data elsewhere, too. As with websites, many mobile apps are written by combining various functions, precoded by other developers and companies, in what are called third-party libraries. These libraries help developers track user engagement, connect with social media and earn money by displaying ads and other features, without having to write them from scratch.
However, in addition to their valuable help, most libraries also collect sensitive data and send it to their online servers – or to another company altogether. Successful library authors may be able to develop detailed digital profiles of users. For example, a person might give one app permission to know their location, and another app access to their contacts. These are initially separate permissions, one to each app. But if both apps used the same third-party library and shared different pieces of information, the library's developer could link the pieces together.
Users would never know, because apps aren't required to tell users what software libraries they use. And only very few apps make public their policies on user privacy; if they do, it's usually in long legal documents a regular person won't read, much less understand.
Corporate Surveillance in Everyday Life
Cracked Labs has just released a report on Corporate Surveillance in Everyday Life:
Report: How thousands of companies monitor, analyze, and influence the lives of billions. Who are the main players in today's digital tracking? What can they infer from our purchases, phone calls, web searches, and Facebook likes? How do online platforms, tech companies, and data brokers collect, trade, and make use of personal data?
In recent years, a wide range of companies has started to monitor, track and follow people in virtually every aspect of their lives. The behaviors, movements, social relationships, interests, weaknesses and most private moments of billions are now constantly recorded, evaluated and analyzed in real-time. The exploitation of personal information has become a multi-billion industry. Yet only the tip of the iceberg of today's pervasive digital tracking is visible; much of it occurs in the background and remains opaque to most of us.
This report by Cracked Labs examines the actual practices and inner workings of this personal data industry. Based on years of research and a previous 2016 report, the investigation shines light on the hidden data flows between companies. It maps the structure and scope of today's digital tracking and profiling ecosystems and explores relevant technologies, platforms and devices, as well as key recent developments.
While the full report is available as PDF download, this web publication presents a ten part overview.
The online paper has 10 sections on everything from "Analyzing People" through "Towards a society of pervasive digital social control?"
In short, these companies are relying on information asymmetry — they know what they are getting and what they plan on doing with data about you, while you are left to your limited imagination as to what they might be planning.
(Score: 2) by c0lo on Tuesday June 13, @09:17AM (1 child)
I'm using only the other three, no data sharing.
(Score: 2) by WizardFusion on Tuesday June 13, @10:10AM
Which is why I root and install a firewall. Yes, I know the firewall could be leaking, but that is the risk I have to take.
(Score: 2) by Arik on Tuesday June 13, @10:21AM
What the article is describing is no a website, it's an app. Microsoft, Google, and the like are ever so happy that the mainstream cannot distinguish between the two and thus cannot even formulate effective resistance against their hegemony.
"Users would never know, because apps aren't required to tell users what software libraries they use. And only very few apps make public their policies on user privacy; if they do, it's usually in long legal documents a regular person won't read, much less understand."
That's what you get for buying into a system built around binaries rather than source distribution.
Friends dont let friend enable ecmascript.
