When you install an app with a name like “Brightest Flashlight”, you do so because you want your Android to light up dark spaces. You don’t install the Brightest Flashlight app to allow strangers to track your each and every movement, am I right?
Well, prepare to be shocked, because a surprising number of Android apps are far more dangerous than they first appear. And to make matters worse, many of these apps come with completely harmless-sounding names, like “Brightest Flashlight”, “Shazam”, and yes, even “Angry Birds.”
Which apps are tracking you?
A team of researchers at Carnegie Mellon University decided to look at how apps treat your privacy. To do that, they examined the 100 most popular Android app downloads from the Google Play Store and took note of which type of data was collected from the user’s phone after downloading each app.
Of the 100 apps studied, 56 collected at least one of the following bits of data from users:
Sure, there were obvious apps like Google Maps collecting location information – which is something that most users don’t have a problem with. But why would a flashlight app need your GPS location and device ID? What is Angry Birds doing with your exact GPS location?
The 10 worst apps for security
The researchers ended up compiling a list of the ten worst-offending apps on the Android marketplace. These apps all violate user security in some inexplicable way, and include:
-Toss It game
-Talking Tom Virtual Pet
-Backgrounds HD Wallpapers
-Mouse Trap game
-Pandora Internet Radio
Every single one of those apps collects your device ID (the specific make and model # of your Android). And 6 out of those 10 apps also monitor your location. Frighteningly enough, the Backgrounds HD Wallpapers app and Pandora Internet Radio app also have the ability to look through your contact list.
Most users are unaware of these security problems
Another element of the Carnegie Mellon study involved asking users how they felt about apps collecting this data. Unsurprisingly, people were not impressed. In the study, 58% of respondents were unaware that apps which collected device IDs did so for marketing purposes and 55% said the same thing about GPS location data.
Another interesting tidbit of information from the study: 95% of respondents were “surprised” to find that a flashlight app collected location information. What were the remaining 5% of respondents thinking?
“Nah I can totally see why a flashlight app developer would want to know my specific location on the planet.”
Why do Android apps do this?
What are “marketing purposes?” Well, app developers give away free apps and then try to make money through advertising to their users. Developers want to make sure as many people click on their advertisements as possible, so they deliver ads that are incredibly specific to the wants and needs of the user.
The Brightest Flashlight app, for example, might notice you live in Los Angeles and are using a Samsung Galaxy S3 tablet. It could start advertising local deals around your city (corresponding to your exact GPS location within the city of Los Angeles), or it could deliver ads that other GS3 users tend to click on.
Some users are terrified by this, while others recognize it as an essential part of the free app marketplace. If developers didn’t make money from apps, they wouldn’t be able to give them away for free, which means we wouldn’t have as many good apps on the marketplace.
Did you know that the Brightest Flashlight app collected your GPS location? How does that make you feel? Drop us a line in the comments below!