This Week's Sponsor:

Kolide

Ensures that if a device isn’t secure it can’t access your apps.  It’s Device Trust for Okta.

US Privacy Investigation Targeting Smartphone App Developers

Federal prosecutors in New Jersey are reportedly investigating whether various smartphone applications are illegally obtaining and transmitting data from users without their consent or knowledge. In the US it is a violation of federal computer fraud laws for companies to collect information about a user without notice or authorization.

The prosecutors are investigating whether various apps on smartphones such as the iPhone and various Android phones are not notifying users what data is being collected and why such data is required by the app. This data being collected ranges from a users location to the unique identification data for that device and even personal information. The Wall Street Journal tested 101 apps and discovered that 56 of those transmitted the unique identification number for the device without letting users know, 47 transmitted the phones location and 5 sent a users age, gender and other personal information. Worryingly 45 of the apps tested did not have any privacy policy either in the app or on their website.

Legal experts contacted by the Wall Street Journal say that the investigation is serious and significant because it could potentially lead to criminal charges being laid on several companies. Also interesting about this investigation is that previous federal probes on online companies for privacy violations have been few and far between.  Wall Street Journal says that they have been informed by a source that the investigation stretches all the way to the app stores run by Apple and Google who have been asked to provide to the investigation information about various apps and their developers.

The federal law in questions is the ‘Computer Fraud and Abuse Act’ that was legislated to enable prosecutors to more easily target hackers. In this investigation it could be used to claim that the developers of certain apps “hacked” into a users mobile phones to consolidate information from a user. Law professor at George Washington University, Orin Kerr, said “This is a big hammer if the government chooses to use it.” Legal experts said to the Wall Street Journal that such companies rarely end up getting charged with a criminal offence, often instead facing a civil case or companies offering promises and concessions to wiggle free from such investigation.

The popular online music service Pandora acknowledged that it faced a federal grand jury in relation to the investigation of “information-sharing practices by smartphone applications.” It claimed that they were not the target of the investigation but that similar subpoenas for investigations had been sent out on an “industry-wide basis.” Pandora, which transmits information about the users age, gender, location and unique identification number for the phone to advertising networks, is currently facing a civil class-action suite (along with Apple and other app developers) for transmitting such information without obtaining the users consent.

[Via The Wall Street Journal]

Join

Unlock More with Club MacStories

Founded in 2015, Club MacStories has delivered exclusive content every week for over six years.

In that time, members have enjoyed nearly 400 weekly and monthly newsletters packed with more of your favorite MacStories writing as well as Club-only podcasts, eBooks, discounts on apps, icons, and services. Join today, and you’ll get everything new that we publish every week, plus access to our entire archive of back issues and downloadable perks.

The Club expanded in 2021 with Club MacStories+ and Club Premier. Club MacStories+ members enjoy even more exclusive stories, a vibrant Discord community, a rotating roster of app discounts, and more. And, with Club Premier, you get everything we offer at every Club level plus an extended, ad-free version of our podcast AppStories that is delivered early each week in high-bitrate audio.

Choose the Club plan that’s right for you:

  • Club MacStories: Weekly and monthly newsletters via email and the web that are brimming with app collections, tips, automation workflows, longform writing, a Club-only podcast, periodic giveaways, and more;
  • Club MacStories+: Everything that Club MacStories offers, plus exclusive content like Federico’s Automation Academy and John’s Macintosh Desktop Experience, a powerful web app for searching and exploring over 6 years of content and creating custom RSS feeds of Club content, an active Discord community, and a rotating collection of discounts, and more;
  • Club Premier: Everything in from our other plans and AppStories+, an extended version of our flagship podcast that’s delivered early, ad-free, and in high-bitrate audio.

Former MacStories contributor.

graham@macstories.net