Recent media reports show that smartphone applications are regularly breaching the privacy of their users, sharing personal data widely without the knowledge or permission of their users. The mobile communications industry is relatively young. And when it comes to sharing user data with third parties, currently there are no standard industry practices and no consistent way customer data is handled. An entirely new business sector now exists to assemble data gleaned from cell phone users into customer profiles. And whether we know it or not, most of us are part of their stock in trade. As our reliance on smartphones and the games and applications we download onto them continues to grow, this is an issue that merits our attention.
Why the Concern?
Few devices contain more pertinent information about their owners than smartphones: data that includes their unique ID reference number; phone numbers they have stored; their age and sex; and their location. This demographic information is a valuable commodity to online tracking companies that sell it to third parties (usually advertising/marketing companies) to target potential customers. To cite a common example, some popular music applications send out user data to a variety of online tracking companies. The information that these apps share could be geographical data used by online marketers to target you with offers from local businesses; or it might include specifics that provide the third party with your name and demographic group (age, ethnicity, gender, etc. etc.). Tracking a phone’s location enables online tracking and ad exchange companies to “guess” where a user lives and match that information with spending and demographic data from other sources. The company is then able to offer marketing companies a likely prospect for their goods/services.
Snooping Comes With the Service
On your desktop computer, you have the option of blocking or deleting intrusive browser cookies that monitor your website use. You can’t do that on your phone – the unique ID on each phone is put there by the makers, carriers or companies that operate the systems and cannot be removed. This UDID can never be changed or turned off. It is a permanent “cookie” that gives online tracking networks the chance to snoop and gather personal data 24/7.
It is disturbing to note that many users have no idea their phone is broadcasting personal information because the apps they use don’t tell them. If you use Yelp or iWant (or other popular GPS-reliant apps), you know these apps ask to use your current location in order to provide the maps or merchant listings you have requested. Unfortunately, not all apps do this; nor do they let you know that your location and other data are being shared with unknown third parties. When it comes down to it, some of the biggest offenders are the ones we use most frequently – such as text messaging and music download applications.
It’s no stretch to see how such practices infringe on customers’ basic privacy (and their expectations of privacy). As well as the troublesome “Big Brother” aspect, consumers are worried that personal data could fall into the hands of third parties with harmful intentions.
Major players in the mobile communications industry such as Apple and Google say they protect their customers by requiring apps to obtain permission upfront from users. Practical experience suggests that some app vendors bend the rules. Some claim, in defense, that the data they transmit is anonymous to the outside companies and cannot be linked to any one person’s name.
The trend toward more aggressive Internet marketing tactics is plain to see. What remains to be seen, however, is how the industry will balance consumer privacy concerns with their desire for profits as the race to turn personal data into cold cash intensifies.