Smartphone privacy: Applications that sell your information


By Joshua Ostrer

With more and more students using smartphones and the many applications installed on them, the question becomes: how safe is information on your phone? The answer: not very safe at all. Every smartphone is given a unique serial number, essentially irremovable by the owner; for the Apple iPhone, that serial number is called the Unique Device Identifier (UDID).

In a study conducted by the Assistant Direct of Information Security and Networking at Bucknell University, Eric Smith found that 68 percent of applications send out UDIDs of application users, 18 percent encrypted their communications to hide what type of information was being shared and only 14 percent of applications appeared “clean.” The study also “confirmed that some applications are able to link the UDID to real-world identity.” In a separate study by the Wall Street Journal which examined 101 popular smartphone applications for iPhone and Android operating systems, 56 were found to be transmitting the device’s unique serial number without the user’s consent, 47 transmitted the phone’s location and five sent age, gender and other personal information.  Additionally, 45 of the tested applications did not even provide any form of privacy policy for the user.

“The great thing about mobile is you can’t clear a UDID like you can a cookie,” said Meghan O’Holleran of Traffic Marketplace, an internet ad network. “We watch what apps you download, how frequently you use them, how much time you spend on them, how deep into the app you go.” The question then becomes: where is your personal information going? That depends on the application. For example, Pandora, the popular music streaming application, collects your age, gender, location and phone identification and then sells it to the followin companies: Apple/Quattro, Google/Doubleclick, Medialets, Facebook,Google/AdSense, Google/Analytics,Weeklyplus and Yahoo.

Many applications, from Angry Birds to the Bible App sell personal information to ad corporations and other companies. Even companies like Google have recently come under fire for bypassing user privacy settings, allowing for complete monitoring of any user’s browser history through tricking Safari’s Web-Browsing software. AVG, the antivirus company, also recently came under fire when it released an “anti-virus” application that was unable to actually do full virus scans and instead collected user’s phone ID, their network operator, email address and GPS location, which was then sent to AVG’s servers.

With the smartphone’s increasing role in our daily lives, it’s important to be aware of the ease by which it can abuse your privacy.


Leave a Reply