TAMPA (FOX 13) - Personal devices are getting more personal, but that doesn’t always mean your information is private.
Your smart phone knows what you buy, where you live and where you’ve been, what you’ve searched for, even health conditions. Some app developers have the ability to determine who you’re calling, when you’re calling them, and what you do on other apps.
Knowing your habits goes to their bottom line.
"We all like the fact that our phones have become really powerful,” said privacy expert Jules Polonetsky, who heads up Future of Privacy Forum, a think tank in Washington D.C. “But when we're surprised about some of the things that can happen behind our back, we're likely to be shocked."
Depending on the app, the permissions you agree to in exchange for downloading and using the app can be very permissive.
"We're all familiar with the experience of downloading an app and then agreeing: 'Sure, you can have my location because, I don't know, you asked for it?'" Polonetsky said. "Powerful technology is being used to glean any bit of information that can help those advertisers decide how to reach you, how to track you, and how to target you better."
Data can be collected and resold to third parties that specialize in creating big dossiers of information about individuals. While many app developers say the information is not personally identifiable, some companies can re-identify the data to an individual by using the device’s unique ID and other accounts on the phone.
"If you think about what Facebook or Twitter know about you, and then they correlate it with real-time data about what apps you're using, phone calls you're making, you can see that they can paint a pretty detailed picture," said Michelle De Mooy, a consumer privacy expert at the non-profit Center for Democracy and Technology.
"There are some apps that can turn on your microphone, listen to what you're saying, look at your texts,” she said. “This is a huge violation of what people expect."
In 2013, the Federal Trade Commission sued the developer of the “Brightest Flashlight Free” app for allegedly collecting 50 million users’ location data and unique IDs without telling them that information could be shared with third parties. The company escaped without paying a single fine after saying they’d delete the data already collected and make sure customers agreed to it in the future.
It’s not hard for app developers to get users to agree – even if it’s not always clear what an app is planning to do with all that information.
It can get personal, quickly. "Especially when you have a lot of health information coming onto phones and apps," De Mooy continued.
Last year, the FTC tested a dozen free health and fitness apps and discovered user information went to 76 different third parties -- everything from medical information and exercise routes to email addresses and unique device identifiers.
Consumers are slowly gaining more control.
Apple and Android both have options to reset your advertising ID:
- In Android, go to Google Settings under apps. Under ads, click on “Reset advertising ID.”
- On an iPhone, go to settings, then privacy. Scroll down to click on “Advertising,” which will give you the option to reset the ID.
Users of Android’s new operating system can now choose which parts of the phone an app can access, though some apps won’t function the way they’re supposed to without them.
Apple has given users similar options for a while, by prompting users for permission to allow an app to track location or access a camera, for instance.
Experts recommend scrolling through your device and app settings and opting out of anything you don’t want collected.
"If you have a bunch of apps, a bunch of games, know that a lot of times games, in particular, are taking information they don't need to function," De Mooy said.
FOX 13 News App
Joseph Fisher with Verve, FOX 13’s news app developer, explained why the app asks for access to certain parts of Android phones.
Location and Precise Location – “We use this for the weather portion of the app. It uses the user’s location to give them a relevant forecast. It’s also used for location-based advertising.”
Modify or Delete USB Storage, Read USB Storage – “Both of these are used for internal diagnostics that we perform when building and testing the application.”
Find accounts on the device – “We use this to send push notifications.”
Read Google service configuration – “Used for weather.”
Full network access – “This is what allows the app to connect to the Internet.”
View WiFi connections – “Used to determine if the user is on Wifi or a Cellular network.”
Access Bluetooth Settings – “These are used for beacon advertising (not a feature used on the FOX 13 app).”
Run at Startup – “Crucial to doing location-based advertising.”