Monday, June 22, 2015

Mobile Apps Snoop On Your Location Way More Than You Think!

Lots of people have "no idea," that their location is being tracked!

A Carnegie Mellon University computer scientist recently studied how much the average mobile app user really knows about the rampant sharing of personal data. The study also looked at the impact this knowledge would have on behavior - in other words, how many people would chose to change app settings on their smartphones after learning how much data that app is collecting?

Twenty-four Android users were shown which apps were accessing their data and how often. One user, for instance, found his location data had been shared 5,398 times by 10 apps within 14 days. Just one of these apps, Groupon, checked in on the user's whereabouts 1,600 times over that 2-week window.

Fifty-eight percent of the study participants took action, specifically changing their app settings, upon learning of this rampant sharing of personal details. The other 40 percent, likely representative of the rest of the world, did nothing. That's probably because apps don't often allow users to pick and choose the data they are willing to share. 

As John Zorabedian wrote on Sophos' Naked Security, "...without the ability to change app permissions on a granular level, users are left with little choice - you can either use the app or not."

The next time you are tempted to download an app, pay careful attention to the permissions screen. Are you willing... really... to share the information they want with potentially hundreds or thousands of others, to use as they want? Is the reward that app promises worth the risk?

Monday, April 27, 2015

A "Gentle Reminder" for everyone to be extra vigilant with their Privacy!

Many of us actually turn a blind eye to the fact our private information is being, as this Australian reporter puts it, furiously scooped up by corporations, governments and others.

Why? Because we see it as a harmless tradeoff for whatever convenience or bit of entertainment we get in return. However, as this video details, more consumers are becoming aware of exactly what that tradeoff entails. And they're coming to it through social experiments like the one conducted in Australia. A reporter arranged for baristas to behave like an online app. After taking the java order, the baristas asked their customers to give them details like their home addresses or their last four text messages. The coffee buyers were super uncomfortable.

As we see in the video, the sharing of private information is no longer viewed as a harmless tradeoff when put in the faces of consumers. It's viewed with skepticism and dismay, just as some may argue, it always should be. The other day, a friend told me the fast-food restaurant chain app she downloaded asked for access to her camera and all the photos and videos stored on it!

The takeaway? Pay closer attention to the information your new apps are asking to access. If something throws up a red flag, investigate. Or simply don't install the app.

Wednesday, January 14, 2015

Three Fast 'Data Privacy Day' Tips

In advance of the annual international Privacy Data Day, please share these three action tips to protect the privacy of consumers and businesses:

  • Nothing is truly free, including mobile apps. Be aware of the personal information you give mobile app providers. Many free apps sell your information to a wide range of companies, some of which may have malicious intents. Studies have shown most apps do not have many, or even any, security controls built in. Check privacygrade.org to see if the app you want respects your privacy and has security built in.
     
  • Be cautious with new "smart" devices. A wide range of new and unique gadgets -- from socks to smart cars -- connects you directly to other entities (and even to the Internet) to automatically share information about your activities, location and personal characteristics. Before using such devices, make sure you know which data they are collecting, how it will be used and with whom it will be shared.
     
  • Only share personal information with trusted sources. Be extra careful not to share sensitive personal information, such as social security numbers, credit card numbers and driver's license numbers. Don't do business with an entity that does not have a posted privacy notice.