Is your smartphone listening to your conversations? As we reported earlier, third-party apps may be taking advantage of voice triggers or wake words that our smartphones are waiting for all the time.
And it looks like voice tracking for marketing purposes is all fair game since the privacy policies and end-user agreements you agreed to and current laws actually allow it.
There are definitely privacy issues regarding these practices but it turns out third-party apps may not be listening to you after all. The truth may be even worse than what was previously thought.
Is that app watching you?
New evidence from researchers at Northeastern University in Boston suggests that although your smartphone is not listening to you without your permission, it’s actually worse – your smartphone may be secretly watching you!
Their study analyzed 17,260 popular Android apps, including a number of Facebook-owned apps, and of these apps, 9,000 had permissions to access a smartphone’s camera and microphone.
According to their findings, there is no conclusive evidence that apps are secretly activating a phone’s mic and are sending the recordings out without permission.
However, they found evidence of something more alarming.
The researchers discovered that some of these apps can record videos and capture screenshots of your activity then send this information to third parties! Some apps will even capture personal information including ZIP codes and postal codes.
GoPuff records you without permission
The food delivery service GoPuff’s app, in particular, was singled out as guilty of capturing screen recordings and sending the data to a mobile data analytics company called Appsee.
How popular is the GoPuff app? Well, it has been downloaded more than 100,000 times from the official Google Play app store.
After the researchers contacted GoPuff about its app’s troubling behavior, the company reportedly updated its terms of service and added that “Appsee might receive PII (Personally Identifiable Information).”
GoPuff also added that “as an added precaution,” they have “pulled Appsee SDK from the latest Android and iOS builds” of their app.
Appsee throws GoPuff under the bus
For its part, however, Appsee is putting the blame squarely on GoPuff.
Appsee’s CEO Zahi Boussiba told Gizmodo that his company’s terms of service dictate that their customers “must disclose the use of a 3rd party technology” and forbids them from “tracking any personal data with Appsee.”
Boussiba then said that it appears that GoPuff violated their terms of service and misused their technology.
“Once this issue was brought to our attention we’ve immediately disabled tracking capabilities for the mentioned app and purged all recordings data from our servers,” Boussiba told Gizmodo.
Google Play’s response
Now, the big question is this – how did this privacy violation make it through the Google Play Store anyway?
Google Play’s policy clearly states that app developers must be transparent in how user data is handled by “disclosing the collection, use, and sharing of the data.”
If shady practices like this can make it through the Play Store’s vetting system and apps can actually record your phone screen without your knowledge, how safe really is your data from hackers and malicious apps that may be taking advantage of this loophole and slip a fast one on everyone?
How to control your apps’ permissions
This is why checking for your app permissions regularly is a good security practice.
Not only will it give you more privacy control and stop apps from potentially from spying and abusing your trust, it can also weed out apps that are constantly running in the background, which can, in turn, improve your gadget’s battery life.
Fortunately, checking app permissions is not that hard. Here’s how you control your apps’ permissions both in Android and iOS.