SnoopWall’s report focuses on Android, but it addresses similar apps on Apple’s iOS and Microsoft’s Windows Phone platforms, noting that these too have privacy issues that users should know about.
“The companies developing the apps must be as transparent and simplistic as possible about what data they collect, how they use it and who has access to it, whilst the public must take the time to question why their free app wants access to this information.”
There needs to be far more awareness about how to protect your device and the data on it. “Few of us would expect an app to be able to access our contacts lists, text messages or location data, yet so many of them do just that.
“It is completely unsurprising that the public find themselves exposed to fraud and data theft when the apps they download are so far removed from privacy by design,” said Emma Carr, director of Big Brother Watch. Privacy advocates are disturbed by the level of access companies have to people’s phones. Brightest Flashlight has been installed more than 50m times according to the Google Play store’s stats. Goldenshores agreed to clearly display information on what its apps were doing so it is “sufficiently noticeable” to the average user, though it does little more than what other developers do on Google Play.Īre users bothered by the privacy implications of these kinds of apps? Seemingly not, judging by their popularity. “The failure to disclose, or adequately disclose, these facts, in light of the representation made, was, and is, a deceptive practice,” the FTC wrote.
The FTC noted in a complaint that the Goldenshores privacy policy did not “disclose or adequately disclose to consumers that the Brightest Flashlight App transmits or allows the transmission of device data, including precise geolocation along with persistent device identifiers, to third parties, including advertising networks”.
Goldenshores Technologies, the creator of Brightest Flashlight Free, was taken to task by the Federal Trade Commission in the US last year.
It’s the latest reminder that if you’re not paying for an app, its business model may well involve selling your data.Īction has been taken against the developers of such software in the past. However, developers are often asking for far greater power over a user’s device, in order to collect data and sell it on to marketers and ad networks. There are two convenient ways to view permissions, either by sorting apps by permissions or by viewing each app individually.The report suggests that torch apps should only require a limited set of permissions to run – for example, around use of a device’s camera, in order to use its flash to provide light. SMS - read, receive, and send MMS and SMS messages.Īn app will always ask you to confirm its permissions the first time you run it, but you can always go back and readjust your preferences at a later date by digging through your phone’s settings menu.Physical activity - access your physical activity logs, such as step count and exercise info.Required for making calls and VoIP, voicemail, call redirect, and editing call logs. Phone - access your phone number and network info.Nearby devices - whether an app can find, connect to, and determine the position of other nearby devices.Microphone - used for recording audio, including for video.Location - access your location using GPS for high accuracy, and cellular data and Wi-Fi for approximate accuracy.Files and media - access to your files, media, photos, and basically anything else stored on your phone’s memory.