Over 1k Android apps harvest your data even if denied permission – study
“If app developers can just circumvent the system, then asking consumers for permission is relatively meaningless,” said Serge Egelman, director of usable security and privacy research at UC Berkeley’s International Computer Science Institute, which produced the research.
The findings were presented at PrivacyCon, a conference hosted by the US Federal Trade Commission in late June.Also on rt.com 'Luxury good' or no privacy at all? Apple & Google duke it out over customers' data
The study’s sample contained some 88,000 apps from the Google Play store. Researchers then investigated their data transfer process after the user denied them permission to access data. They found that 1,325 of them used workarounds to circumvent the denial, in order to collect data from sources across the phone’s software.
One of the apps mentioned by name was Shutterfly, which is used for editing photos. The study found that it gathers GPS coordinates of where photos were taken and then sends the information to its own servers, regardless of whether users allowed or declined the app permission to access their location.
Some apps were found to have not violated privacy setting themselves, but rather utilized “piggybacking” to obtain data from other apps that the user did allow access to. Examples of this include Baidu's Hong Kong Disneyland app.
It’s not the first time that questions have been raised about tech giants’ commitment to protecting user privacy. Last year, AP reported that Google had been continuing to store user location data, even in cases where users had turned off the ‘Location History’ feature.
Egelman will be presenting more detailed information about the research findings at the Usenix Security conference in August, according to the online technology publication CNET.
Think your friends would be interested? Share this story!