2014-07-13

Privacy theft via "free" apps

I'm a privacy advocate.  And so I get very tired of the myriad of companies that try to make a buck by selling my "profile" to the highest bidder.

Many (but not all) of the "free" apps available for your smartphone are simple privacy sieves.  Their primary purpose is to provide you with a little bit of value in exchange for a huge amount of your private data.

My case in point are 3rd party smartphone email and GPS apps.  There are hundreds available, almost all for free.  They provide a little bit of value, such as "a new way to use gestures to archive your email".  But these free 3rd party apps often take all kinds of data about you, such as:

  • All of your email
  • Your basic information (your name, home address, phone number, etc)
  • Your location at all times, via your phone's GPS capability
  • Your calendar
  • Your entire address book

Of course, the companies state that they can do this in their "privacy policy".

And within that policy they promise that they will anonymize your data as they sell it to their partners.

Truly anonymizing data is nearly impossible.  As seen in the Netflix case, it is quite simple for a high school student to take large data sets to de-anonymize the data.  That's a very scary proposition, particularly given that there are thousands of large data sets available for purchase through many suppliers.

These app developers let you know that your data may be held off-shore, in a foreign country.  Now I'm a big fan of foreign countries, so why should this matter?  And why would they want to hold the data in a far-off land?  After all, American data centers are less expensive than data centers anywhere else in the world.

The short answer to this question is that by holding your personal data outside of the country, app developers hold the data in a place where you have limited (or no) legal standing, and where the laws of this country simply do not apply.   They are simply kidnaping your data and bringing it overseas where to a place where you cannot win.

Finally, these privacy policies clearly state that they can be changed at any time, without your consent or knowledge.  So if they decide to sell your private data outright, they may change their policy and do so immediately.

What we need is a blog.  A blog that covers those apps with that guarantee to protect the privacy of their users in perpetuity. Let me know when you find apps that do protect privacy.

No comments:


Share