Privacy in Online Apps, mobile apps, securityPeople with smartphones balance the desire for privacy with the desire for access, often in return for giving up private data, such as location. While people often give this information freely, external sources can access this data through other means. According to a new report from Bitdefender, smartphone users should be aware of  what information can be released to third-party companies.

A Privacy Problem

Bogdan Botezatu, Vlad Bordianu and Tiberiu Axinte compiled the “Mobile Operating Wars: iOS vs. Android” report. 

The company tracked and analyzed various applications from both Google Play and iTunes and compared what kind of information these different apps could gather from a person’s phone. Analysts looked at 317,474 Android and 207,843 iOS apps over the last year.

The report highlights the following areas of concern: location tracking, a person’s contact list and personal information such as email addresses, phone IDs or phone numbers.

Location and a Contact List

Apps often use a person's location to help find opponents for games, but sometimes this information is given to companies for ad targeting. According to Clueful, 45.41% of iOS apps can track a person's location, while only 34.55% of Android applications have this ability.

The next area of concern is applications that can read a person’s contact list, which includes 7.69% of Android applications and 18.2% of iOS applications. An example of an iOS application that can do this is OLJ, a news alert app, while an Android app is Longman Contemporary English.

Personal Information isn't Personal

Tracking a person’s location and seeing who they have on their contact list isn't the only information that can be seen or leaked by some apps.

According to the report, 14.58% of Android apps can give away a device ID and 5.73% can disclose a person’s email address. Apple disabled the UDID API on iOS apps so they don't have ability to leak email addresses, but an app that can release a person’s ID is Ringtone Maker. Android devices that can do this include Logo Quiz Car Choices and Football Games-Soccer Juggle.

If keeping email addresses and phone IDs safe wasn't very concerning, apps can also release a person’s phone number to third party sources, helping these places create a better picture of who this person is, what they are interested in and what other apps they have installed. Clueful found that 8.82% of Android applications can leak this information -- this low percentage is due to many service providers blocking phone numbers from being released. There wasn't any reported information from iOS devices.

Security is Always an Issue

Even though most of this information is merely sent to companies for marketing purposes, more concerns are being raised. App users don't know how long this information is kept by marketers or the app developers, which in the wake of a security breach can be taken and used by an unauthorized source.

Another common security problem is information, such as a phone number, being taken by the app without permission. For example, there was a recent glitch in the Android Facebook app which sent a user's phone number to the Social Network as soon as the app was launched. While Facebook stated that they deleted these numbers immediately and was fixing this problem, users weren't notified of the leak. 

Also, when an app has access to a person's contact list this is done without the contact's permission which can lead more than just unwanted targeting, emails and messages from companies and apps they don't have any relationship with.

Misuse of the information in people's mobile phone address books could jeopardize their privacy and safety and reveal trade secrets related to their business or profession," wrote Larry Magid.

While most apps state what information they have access to either upon being installs or during runtime, not all do. Therefore smartphone users should more mindful of what applications they are downloading and what information they could be unintentionally making available to advertisers and other third-party sources.

Title image courtesy of Tischenko Irina (Shutterstock)