If it seems as though the app you deleted last week is suddenly popping up everywhere, it may not be mere coincidence. Companies that cater to app makers have found ways to game both iOS and Android, enabling them to figure out which users have uninstalled a given piece of software lately—and making it easy to pelt the departed with ads aimed at winning them back.
Adjust, AppsFlyer, MoEngage, Localytics, and CleverTap are among the companies that offer uninstall trackers, usually as part of a broader set of developer tools. Their customers include T-Mobile US, Spotify Technology, and Yelp. (And Bloomberg Businessweek parent Bloomberg LP, which uses Localytics.) Critics say they're a fresh reason to reassess online privacy rights and limit what companies can do with user data. "Most tech companies are not giving people nuanced privacy choices, if they give them choices at all," says Jeremy Gillula, tech policy director at the Electronic Frontier Foundation, a privacy advocate.
Some providers say these tracking tools are meant to measure user reaction to app updates and other changes. Jude McColgan, chief executive officer of Boston's Localytics, says he hasn't seen clients use the technology to target former users with ads.
[...] Uninstall tracking exploits a core element of Apple Inc.'s and Google's mobile operating systems: push notifications. Developers have always been able to use so-called silent push notifications to ping installed apps at regular intervals without alerting the user—to refresh an inbox or social media feed while the app is running in the background, for example. But if the app doesn't ping the developer back, the app is logged as uninstalled, and the uninstall tracking tools add those changes to the file associated with the given mobile device's unique advertising ID, details that make it easy to identify just who's holding the phone and advertise the app to them wherever they go.
Related Stories
While GPS tracking can follow your smartphone around a store with a precision of around 5 meters, tracking the phone's bluetooth device allows following its location to within a few centimeters. This relies on tracking built into phone "apps" but there are no easy ways to determine which ones are the culprits.
Most people aren’t aware they are being watched with beacons, but the “beacosystem” tracks millions of people every day. Beacons are placed at airports, malls, subways, buses, taxis, sporting arenas, gyms, hotels, hospitals, music festivals, cinemas and museums, and even on billboards.
In order to track you or trigger an action like a coupon or message to your phone, companies need you to install an app on your phone that will recognize the beacon in the store. Retailers (like Target and Walmart) that use Bluetooth beacons typically build tracking into their own apps. But retailers want to make sure most of their customers can be tracked — not just the ones that download their own particular app.
So a hidden industry of third-party location-marketing firms has proliferated in response. These companies take their beacon tracking code and bundle it into a toolkit developers can use.
[Updated 20190618_020843 UTC to restore links in first quoted paragraph. --martyb]
Earlier on SN:
Now Apps Can Track You Even After You Uninstall Them (2018)
(Score: 3, Informative) by MichaelDavidCrawford on Thursday October 25 2018, @07:31AM (1 child)
This is for web analytics [pixelbegone.org].
I avoid mobile apps if I can use websites instead - reading the news off the paper's website rather than using their app. That's because mobile analytics are far, far more invasive, for example phoning home to report every button you tap. While it's possible to use javascript to make web analytics similarly invasive, I don't think it's actually done yet.
Yes I Have No Bananas. [gofundme.com]
(Score: 1, Interesting) by Anonymous Coward on Thursday October 25 2018, @07:34PM
> I don't think it's actually done yet.
It is - including full selenium installs for the laziest do-ers - but it's not as common as on cellphones, right now.
(Score: 3, Informative) by MichaelDavidCrawford on Thursday October 25 2018, @07:34AM (1 child)
Chlorine Dioxide room deodorant. My friend is very protective of his privacy and so doesn't have an ID, so he can't get a bank account.
So I buy him a can of room shocker off of amazon, and for the next month I was bombarded by ads for the stuff - everywhere.
I expect you've had similar experiences.
I don't object to advertising, only to tracking, which is why I only block hosts that serve tracking pixels. I've added some more hosts, and will add to them sometime soon:
http://www.pixelbegone.org/ [pixelbegone.org]
Yes I Have No Bananas. [gofundme.com]
(Score: 1, Touché) by Anonymous Coward on Thursday October 25 2018, @05:43PM
So you block tracking pixels, but not ads, then buy something and get tracked everywhere seeing ads for the thing you bought ...
It would seem blocking the tracking pixels alone is not sufficient.
(Score: 2, Informative) by Anonymous Coward on Thursday October 25 2018, @07:56AM (3 children)
Putting aside the tools that root level users have access to, there are options for standard Android users. The most powerful, and therefore most inconvenient to use, is NetGuard [f-droid.org]. NetGuard acts as a locally hosted VPN that allows you to grant and block network access to any application on the phone/device. It also provides hosts-file style blocking. Similarly, DNS66 [f-droid.org] and Blokada [f-droid.org] redirect DNS requests to a provider of your choosing and also provide hosts-file/adblock block lists. The biggest problems with these options is that they cannot be used simultaneously with a traditional VPN provider, though some VPN "apps" offer similar features.
(Score: 3, Informative) by Farkus888 on Thursday October 25 2018, @08:33AM
AdGuard also does local vpn filtering. It has worked well for me.
(Score: 1, Informative) by Anonymous Coward on Thursday October 25 2018, @11:11AM
It is amazing how many requests get blocked by Blokada with a few lists running. I reset my counter about a month ago, and since then Blokada has blocked 43,000 requests. I use my phone infrequently too.
(Score: 2) by bob_super on Friday October 26 2018, @01:03AM
No-Root firewall seems to be working a lot. I don't know whether it gets everything, but it's already blocking a lot of accesses.
Same VPN concept, but doesn't use a list, just blocks everything until you manually enable each.
(Score: 1, Interesting) by Anonymous Coward on Thursday October 25 2018, @11:20AM (1 child)
I reset my advertising ID several times a week. I'm sure that someone, somewhere, has an array of all of my previous IDs ... because that's what these parasites do.
(Score: 2) by Hyperturtle on Thursday October 25 2018, @01:08PM
Aren't modern OSes great? That these advertiser IDs are built right in (or rather, generated per unique user and synced/associated as needed) is truly a marvel of convenience for the busy person. now my preferences can be ignored by everyone!
It used to be I had to be uniquely disappointed per device I used, but now I know I can get ads for something I already bought across all of my devices--including a new one I just bought after researching about it prior to buying it! How meta is it to get ads for itself on itself about itself, but not searched about itself... on itself? Hopefully not by itself. AI would be going to far if it was recommending me to buy what it wants when I already had it since it itself was telling me to buy more of it. Maybe it's lonely? I guess that NFC stuff is sort of sexy in a way, so I can understand why it wants to pair up full duplex style.
(Score: 3, Informative) by realDonaldTrump on Thursday October 25 2018, @02:00PM
The New York Times has a new Fake Story that now the Russians and Chinese (glad they finally added China) are listening to all of my calls on cellphones. Except that I rarely use a cellphone, & when I do it’s government authorized. I like Hard Lines. Just more made up Fake News!
(Score: 2, Interesting) by Anonymous Coward on Thursday October 25 2018, @02:43PM (1 child)
F-Droid
Do not install anything from the standard application repository (Google Play or Apple AppStore); instead, head over to f-droid.org and find an equivalent application there.
It's not a guarantee that this type of crap won't be in there but there is a much higher probability thereof.
(Score: 3, Informative) by Reziac on Friday October 26 2018, @02:21AM
Linkee:
https://f-droid.org/ [f-droid.org]
And there is no Alkibiades to come back and save us from ourselves.