ReadWriteWeb

Dear iPhone Users: Your Apps are Spying on You

Written by Sarah Perez / August 17, 2009 6:25 AM / 38 Comments

Recently, Palm came under fire when programmer Joey Hess discovered the Pre's smartphone OS was sending users' GPS locations back to Palm on a daily basis. Although this information was disclosed in the company's privacy policy, the majority of the phone's owners were unaware. The incident raised questions about consumer privacy and the extent to which both handset makers and developers were gathering data on mobile users.

If you think you aren't affected by these types of troubles because you don't own a Pre, think again. Multiple iPhone applications - yes, even the ones approved by Apple - are also busy tracking your personal data and "phoning home." Which applications? What data? As an end user, determining this information is difficult. But some iPhone developers have been digging into this issue and the results of their findings may surprise you.

Is Pinch Media Spyware? One Developer Says "Yes"

As far as we know right now, Apple itself is not performing any user tracking via its pre-installed applications. However, that doesn't mean that you're not being tracked by someone, somewhere. There are a number of applications available now in the iTunes App Store which track your user data, including things like location, your iPhone's unique ID, the phone's model, whether it's "jailbroken," and possibly even your gender, birth month and year, and whether the application is Facebook-enabled.

Specifically, a mobile analytics company called Pinch Media is being singled out for being more intrusive than others when it comes to this sort of tracking. Mobile analytics firms like Pinch allow developers to insert code into their application for the purpose of tracking and analyzing how their users interact with applications. In general, this type of tracking is relatively harmless for the end user and helpful to the developer. It reveals stats like: how long did the user play the game or use the app? Do users access this feature more than that one? What time of day are users launching the app? And so on. The results of this type of tracking allow developers to make their apps more usable and help them redesign or tweak aspects of the apps that may not be working.

However, in Pinch Media's case, the user tracking goes a bit further, according to one iPhone developer. He says applications using Pinch Media track the following information:

  • iPhone's unique ID
  • iPhone model
  • OS version
  • Application version (in this case, camera zoom 1.x)
  • If the application is cracked/pirated
  • If your iPhone is jailbroken
  • Time & date you start the application
  • Time & date you close the application
  • Your current latitude & longitude
  • Your gender (if Facebook enabled)
  • Your birth month (if Facebook enabled)
  • Your birth year (if Facebook enabled)

What's worse is that you're often not told that the app will be performing this level of detailed tracking, and you're often not given the opportunity to opt out. The data is recorded every time you use the application. This violation of user privacy is so egregious that the developer even goes so far as to call Pinch Media "iPhone spyware."

In addition, a recent post on the iPhone Dev Team blog, the site hosted by the developers who release the jailbreaking and unlocking applications for the iPhone, also calls out Pinch Media for tracking your location even when it's unnecessary to do so. In the example they cite, a tip calculator app was identified as tracking your geographical location through time and uploading that data to Pinch Media.

It's Not Pinch Media That's to Blame, It's Developers

However, in the comments of the blog post, one developer using Pinch Media analytics fights back, claiming that his applications do request permission before gathering statistics. He bristles at the suggestion that they should be called "spyware."

Pinch Media is also frustrated by these accusations. They argue that no location can be sent back without the user's explicit opt-in. Since you have to press a button that explicitly allows the application to access your location, how could this possibly be without the user's consent? The company also claims that the blog posts by this 0th3lo person are "full of factual inaccuracies" (although they didn't detail specifically which parts are inaccurate). They even hint that the blogger's motivations are less about exposing user privacy violations and more about retaliating against the company because Pinch Media recently launched tools which allow developers to identify pirated (aka stolen) applications. That would be something that this particular developer, an active member of the hackulo.us forums (a forum for pirated apps), would not be fond of.

The company assures us that their product complies with all major privacy laws, saying that no personally identifying information is stored and the user opts in through the Licensed Application EULA, which specifically permits the gathering of information and sending it to third parties. In fact, says a company spokesperson, the tracking done by their company is even less intrusive than web analytics, where information is gathered without anyone's consent or opt-in, pointing to ads on this very website as an example of that.

Is This Really an Issue?

At the end of the day, is this sort of tracking all that invasive? Well, tracking a unique identifier such as the iPhone's UUID is not exactly comparable to the type of tracking you see on the web today. It's not anonymous data - it's an exact ID that's unique to each physical device that Apple manufactures. And Pinch Media is not the only analytics company to track this information. Also, location data tracked on the iPhone (0th3lo says Pinch Media calculates this to 8 decimal places) can be far more exact and accurate than any sort of geographically-based IP address look-up on the web. Instead of getting a general location, location data on a GPS-enabled mobile can identify your precise latitude and longitude.
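
As an added illustration (not code from this article, from Pinch Media or from any app named here), the Python sketch below shows how much ground one step of the last decimal place of a coordinate covers, and how an analytics event carrying the fields listed earlier could be minimized before upload. The field names, the per-app secret and the consent flags are assumptions made for the example.

```python
import hashlib
import hmac
import math

# Approximate length of one degree of latitude on the ground, in meters.
METERS_PER_DEGREE_LAT = 111_320.0


def ground_resolution_m(decimals, latitude_deg=0.0):
    """Ground distance covered by one unit of the last decimal place.

    Returns (north_south_m, east_west_m). East-west distance shrinks with
    the cosine of the latitude because meridians converge toward the poles.
    """
    step_deg = 10.0 ** -decimals
    north_south = step_deg * METERS_PER_DEGREE_LAT
    east_west = north_south * math.cos(math.radians(latitude_deg))
    return north_south, east_west


def scoped_device_id(device_id, app_secret):
    """Replace the hardware ID with a keyed hash that is specific to one app.

    Assumption: app_secret is held by the app developer only. The same phone
    then yields unrelated pseudonyms in different apps, so a party without
    the secret cannot join records across apps on the device identifier.
    """
    digest = hmac.new(app_secret, device_id.encode("utf-8"), hashlib.sha256)
    return digest.hexdigest()[:16]


# Hypothetical field names for the items in the article's list.
ALWAYS_ALLOWED = ("model", "os_version", "app_version",
                  "session_start", "session_end")
DEMOGRAPHICS = ("gender", "birth_month", "birth_year")


def minimize_event(event, app_secret, consent, location_decimals=1):
    """Build the payload that leaves the device from a raw analytics event.

    Allow-list design: any field not named here (raw device ID, jailbreak
    flag, and so on) is dropped. Location and demographics are sent only
    with explicit consent, and location is rounded to a coarse grid.
    """
    out = {k: event[k] for k in ALWAYS_ALLOWED if k in event}
    out["device"] = scoped_device_id(event["device_id"], app_secret)
    if consent.get("location") and "lat" in event and "lon" in event:
        out["lat"] = round(event["lat"], location_decimals)
        out["lon"] = round(event["lon"], location_decimals)
    if consent.get("demographics"):
        out.update({k: event[k] for k in DEMOGRAPHICS if k in event})
    return out


# Constructed sample event; none of these values come from a real device.
SAMPLE_EVENT = {
    "device_id": "00000000-CONSTRUCTED-DEVICE-ID",
    "model": "iPhone 3GS", "os_version": "3.0", "app_version": "1.0",
    "jailbroken": False, "cracked": False,
    "session_start": "2009-08-17T06:25:00",
    "session_end": "2009-08-17T06:31:00",
    "lat": 37.33182456, "lon": -122.03118123,
    "gender": "f", "birth_month": 4, "birth_year": 1980,
}

if __name__ == "__main__":
    for places in (8, 5, 2, 1):
        ns, ew = ground_resolution_m(places, latitude_deg=37.0)
        print(f"{places} decimal places: {ns:.4f} m N-S, {ew:.4f} m E-W")
    print(minimize_event(SAMPLE_EVENT, b"constructed-app-secret",
                         {"location": True, "demographics": False}))
```

At 8 decimal places one step is roughly a millimeter, far finer than any GPS fix; at one decimal place it is about 11 km, which is closer to the city-level answer an IP look-up gives.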

But should you be concerned? Perhaps. Although Apple requires that applications ask if they can use your location upon launch, there aren't necessarily requirements for app developers to disclose what data they're tracking beyond location data, how often it's tracked, and what they're doing with that data when it's received. They also don't require that developers ask for your consent before this sort of detailed monitoring takes place.

Still, not all applications using analytics on the back-end are to be feared. For the most part, the data being recorded is anonymous and helps the developers make better apps. The problem is that, as of today, there's no way to know which apps are the safe ones.

Update: Pinch Media has posted a clarification about what they do here.

Want more? Thanks to @0th3lo, here's an ongoing list of applications that "phone home" and what data is being tracked. Some apps on this list are: AroundMe, Aussie Rules LIVE, Camera Zoom, Discover, Flick Fishing, iiQuota, Mummy's Revenge, Police Scanner, Stickwars, The Moron Test, TouchGrind, Touch KO, TwitterFon, FaceFighter, Grunts, SmackTalk, Postman, vDrummer, Wobble, iFarty, iAppUSA, and Lonely Planet Guide.


Comments


  1. I never understood the reason folks want a limited, restrictive phone.

    Posted by: y0himba Posted on FriendFeed   | August 17, 2009 7:04 AM



  2. As soon as you switch your phone on the phone company etc can find where you are anyways as they know what cell tower you are connected to so GPS co-ordinates don't really matter.

    Of course the extra info like:
    Your gender (if Facebook enabled)
    Your birth month (if Facebook enabled)
    Your birth year (if Facebook enabled)

    would not be available.

    Posted by: Craig Wilson | August 17, 2009 7:20 AM



  3. iPhone users (unlike Pre owners) signed a long term contract with the (ns)AT&T, and any thought of privacy should be suspect in that environment.

    It's the modern dilemma. As long as someone can make money off of tracking your habits, this will be an issue. We can only hope that we are trading that privacy for a better user experience and quality of life.

    Posted by: Keith Kritselis | August 17, 2009 7:21 AM



  4. People who are worried about this sort of thing need to relax. This guy definitely sounds like he is just upset because Pinch can identify all of his cracked apps.

    Posted by: Will | August 17, 2009 7:39 AM



  5. Is there a way to disable internet access to apps (selectively or collectively)?

    Posted by: Question | August 17, 2009 8:01 AM



  6. Sorry, I disagree that we give up our right to privacy the minute we PAY for a phone and commit to a two year contract from our carriers. If these carriers and/or app developers want our private info then let them pay for the phone and the two year contract. Any individual would be arrested if we tracked someone without their knowledge. The fact that info is in the privacy policy is not an excuse for the carriers since they know that people don't read these things and if they do they don't always understand the implications.

    Posted by: courtney benson Posted on FriendFeed   | August 17, 2009 8:40 AM



  7. Courtney did you know you are being tracked by this website right now? It happens everywhere, it is not worth being concerned about.

    Posted by: Will | August 17, 2009 8:48 AM



  8. @Question: It's pretty technical and hackery, but it's possible. The iPhone-home blog explains how: http://i-phone-home.blogspot.com/2008/01/compiled-application-list.html


    Posted by: Sarah Perez | August 17, 2009 8:54 AM



  9. Pinch Media's response is disingenuous at best. If a location-aware app asks to use my current location, I can consent. But it didn't ask if it could send that data to a third party for tracking/marketing/analysis purposes.

    Posted by: mbklein.wordpress.com | August 17, 2009 9:55 AM



  10. This isn't really all that surprising, is it? Maybe the gender and birthday (pulling from FB). But it's a smart phone, and it's data rich. And we know that datamining and profile data is hugely popular and powerful and valuable. So - where's the surprise here? I'm not disagreeing that it should give us pause to think about what we share. But reading this really shouldn't be a surprise to anyone.

    Posted by: Alan Belniak | August 17, 2009 10:19 AM



  11. This is really a great post!
    This seems to give great ideas which makes the people the idea of having a spy while they are not aware on this, just by the built in application of the iphone.


    Posted by: Hostwisely | August 17, 2009 11:04 AM



  12. I don't think that this is a big deal although in the future or maybe near future, this can pose a serious issue.

    Posted by: Tit4tat | August 17, 2009 11:59 AM



  13. This is a pretty irresponsible post - specifically how Pinch Media is singled out.

    Take a look at the source code of this very blog and you'll find numerous external javascript files: Google Analytics, AddThis, Statcounter, Federated Media Tracking, Hakia Ads, and CrazyEgg. Every single one of these tracks just as much, without the user's consent, as any analytics provider for mobile phones.

    Why do you embed these third party services into RWW? - Because they provide you with data that helps you provide better content, and a better experience. Why do I not have a problem with you collecting this data? - Because I want good, data-driven, and informative content.

    Posted by: Eric Kerr | August 17, 2009 12:13 PM



  14. Another reason it is a little unfair to pin this on Pinch is that developers also have to turn the location reporting on in the analytics code. I use Pinch in my apps, and most have location reporting turned off. The ones that have it on are the free ones where the location data is used to enhance the ads that (in theory at least) support the app being free. Even when the developer has enabled location reporting, the user will be asked if they're OK with it.

    Pinch, and the other analytics companies, provide a mechanism for reporting location, but both the app developer and the end user have to agree to that.

    If they do, then the developer does get some useful information about where their app is being used. That can result in, for example, new translations being added.

    Oh, and Craig, since my AT&T contract includes my SSN, and they have a complete history of all my calls, and probably all the IP addresses I access through their data network, I'm pretty sure AT&T can get a lot more information than anything I put in Facebook if they wanted to.

    Posted by: John | August 17, 2009 1:45 PM



  15. As the developer of StickWars, I am unhappy with the style and tone of this article. It lists my application underneath a dastardly-looking list of personally identifying information that I in no way collect or have access to, and the article makes no attempt to bring up the extremely valid technical reasons behind collecting the small pieces of information I use Pinch Media for.

    These include OS version and device type, which any developer will tell you can tell you very valuable information about your customer base. I was going to build StickWars 1.7 only for OS 3.0 or above to allow for my in-app purchases, until I checked my analytic data and realized that a large percentage of players are still running OS 2.2. Knowing that, I took the time to allow my OS 3.0 features to gracefully degrade so the update can still run on OS 2.2.

    I'm surprised to see the entire counter argument to why developers collect this data in a single sentence at the end, rather than explained a little more in depth.

    If you want to have a serious discussion of why I choose to collect these few non-identifying bits of information, email me or visit my site to get in contact with me. I'd be happy to sit down and spend some time going over these obviously delicate issues.

    Posted by: John Hartzog | August 17, 2009 2:23 PM



  16. I'm an iPhone developer and use the phone unique ID to allow users to submit game scores with one click. However this IS totally anonymous, even more so than knowing your phone number or email address. It's like a cookie. I can't call it, do a reverse look up or use it to track you outside my application.

    Yes there are security issues with excessive data gathering and the casual handing over of information but this article does not address any of these. It's just scaremongering.

    I find this all extremely hypocritical from a site which suggests I sign in to comment using my Twitter or Facebook usernames and passwords - with NO guarantee you are not going to pillage my personal accounts. Can we be sure this information is not retained on your server? (Don't worry, I created a movable type password with a one time email address.)

    Posted by: jonk | August 17, 2009 10:40 PM



  17. This is the worst kind of Spyware ala they should be prosecuted spyware! Thank god I avoided Herr Jobs platform altogether and I am routinely getting confirmation in the news on the wisdom of that choice. NO tech is worth adopting a draconian system.

    Posted by: Apple El Diablo | August 18, 2009 8:35 AM



  18. Maybe worth an additional read:

    "Is Big Brother listening in on many iPhone Apps" http://www.eidac.de/?p=109

    A blogpost I wrote some months ago about the spyware issue on the iPhone. In the comments section there also is an official statement by the Pinch Media CEO/founder.

    Posted by: holtmann | August 18, 2009 2:24 PM



  19. This is a scaremongering article. Much of it is factually inaccurate. As a developer, I have no access to any personally identifying information from Pinch Media.

    I could not find out via PM, your dob, your name, the serial number of your device, your IP address or anything else without your explicit consent.

    Regarding location, personally I don't use it, but you can opt in however it requires SPECIFIC OPT IN FROM YOU too. Location information opt-in is enforced by iPhone OS, not PM or the developer, i.e. developers can't get your location information without your explicit consent.

    What I can find out is general aggregated information. How many users have used my app on a particular day. How often it has crashed. How much time users spend on a particular level. None of this identifies a user. This helps me improve the app for user experience.

    What information does this website http://www.readwriteweb.com track? They know your IP, your browser, your name, i.e. more personally identifying information than I know about my app via PM.

    What's really happening here is that the jail breaking community don't want developers to know how big the problem is. Most (but not all) jail broken phones are used to steal software from developers. I.E. someone would rather steal from someone else than spend 0.99c.

    Posted by: zzz | August 18, 2009 2:44 PM



  20. This article is spying on me.

    Dear ReadWriteWeb readers, your website is spying on you! Your (IP) address and other interesting details are being sent to Google, statcounter, and other third parties for spying purposes.

    Hopefully this spying will increase the chances of supplying an interesting link to click on and get you off of this site.

    Posted by: Alex | August 18, 2009 3:51 PM



  21. This is just sensationalizing what should be a non-issue ... in order to pump up your own website traffic, right? The author certainly must realize that browser cookies can and do track at least as much data as Pinch does. Just by hitting this page more data was collected on me using Javascript trackers than iPhone developers will ever see using Pinch.

    That's a bit hypocritical, isn't it?

    The iPhone Dev Team must be running scared to get RWW to do their bidding.

    Shameful, RWW, just shameful.

    Posted by: Kelvin | August 18, 2009 9:33 PM






  23. I did an interview with Greg Yardley from Pinch Media this past Monday. His company is one of the ones that provide analytics (some call spyware) for iPhone apps. You can listen to his side of the story and what he had to say to some of our questions at http://www.theappshow.com/2009-08-18-the-app-show-episode-36-are-your-iphone-apps-phoning-home/

    Posted by: dave | August 18, 2009 11:25 PM



  24. Hello ReadWriteWeb,

    Well so many comments, but first I must say the article is well rounded, thought out and presented. It seems that perhaps a couple of the casual commentators did not take time to actually read up a little on the issue. But hey that's the Internet :)

    "People who are worried about this sort of thing need to relax. This guy definitely sounds like he is just upset because Pinch can identify all of his cracked apps." - Absolutely not, the legitimacy of the applications has nothing to do with the issue, this affects paid & free applications for all users.

    "Courtney did you know you are being tracked by this website right now? It happens everywhere, it is not worth being concerned about." - There is a substantial difference to what a browser can report compared to an application running inside a smart-phone. There is an entire discussion on this at the blog if you are concerned.

    "This is a scaremongering article. Much of it is factually inaccurate. As a developer, I have no access to any personally identifying information from Pinch Media." - As mentioned to one developer, the issue is not really what the developers who use pinchmedia have access to. But what pinchmedia themselves have access to.

    Finally, I would like to make a couple of points of my own.

    - Without consent, it is spyware

    - UUID is far too unique and cannot be compared against tracking through a web browser. Pinchmedia have visibility across all Pinchmedia applications & tracking is consistent regardless of your location or connection, it is not anonymous tracking

    - GeoIP on the web is only roughly accurate, at best sometimes it can get your rough city or suburb. Pinchmedia reports your location to 8 decimal places, do they need to know what side of the bed you sleep on?

    - Pinchmedia runs at the application layer, the same layer that a web-browser runs already Pinchmedia stats involve information which has nothing to do with user metrics or usage, expect this to continue to be increasingly invasive

    It is not just pinchmedia, there are many analytics providers. Some applications use custom metrics. Apologies for the long post, I do hope someone finds some value here.

    Kind Regards
    0th3lo ~ http://i-phone-home.blogspot.com/

    Posted by: 0th3lo | August 19, 2009 3:25 AM







  26. Isn't it rather simple to find out the home and work address of a user, e.g. through Google Maps, once I have his exact location history (long./lat.)? I'd just look for those two locations which the iPhone reports most of the time.

    Given that and the fact that the unique serial number is already transmitted silently, why is this not personally identifiable, i.e. spying?

    Posted by: Tim | August 19, 2009 12:28 PM



  27. Yes, web sites are able to track your IP, use Google analytics, and so forth. But there are two big differences between that and Pinchmedia.

    1. In a PC-based browser, you can view source or use plugins to see what metrics are embedded in a site. It is not easy, but if you want to find out what is going on, you can. There is no way to do this on an iphone (unless you jailbreak or make use of external equipment.)

    2. In a PC-based browser, you have ways to stop it, even if there is not an opt-out. Many analytics are disabled simply by installing no-script or disabling javascript, and they can also be blocked by firewall software, editing the hosts file, etc. You cannot do this on an iPhone, unless you jailbreak it.

    Posted by: caa100 | August 20, 2009 11:32 AM



  28. As phones become smarter the key will be the user awareness of the information that is being collected from the phone and user trust. I believe that the Google Android's disclosure model mitigates the user awareness issues - while installing a specific application it clearly provides the user information that a specific application will access from the phone and requires the user explicit authorization for application to install on the device.

    User not only should have the option to opt-out, but also should have the full control on the collected data, and it should be up to the user whether he or she wants to share the personal information with the service provider to get the personalized service.

    I think it all boils down to the trust between the service provider and the consumer. Google has built the world's largest Cell ID database using the location data that it collected through its Google Maps for Mobile application without any user backlash validates that trust is vital for user acceptance of such services.

    Posted by: Srinivas Chervirala | August 20, 2009 1:12 PM



  29. I read the clarification from Pinch Media and I understand that they are defending any personal data usage if Pinch Media is being used in an iPhone app.
    My question now is, how does Pinch Media make money? All their services seem to be free of charge. What is their business model?

    Posted by: tomek | August 21, 2009 2:54 AM



  30. This pales in comparison to the Facebook apps. One company that has an (more?) app on there even named itself Hidden Pixel. If that's not clear, a hidden pixel is used to track when a page is downloaded or a spam email is opened.

    Posted by: Bill Graefe Jr | August 21, 2009 10:36 AM









  34. If this is the case, now Apple has to answer its iPhone users for keeping them unaware of Pinch Media App which tracks the user details. Even if the data be like a cookie, the tracking mechanism should have an option to allow users to be aware of it.

    Posted by: Teena | August 24, 2009 5:08 AM



  35. Wow Sarah - you have created quite a storm with this article. Congratulations on a well thought out and articulated post :)

    In fact, it is one of those rare posts I come across that gets me thinking and motivates a post from myself - http://www.advanced-web-metrics.com/blog/2009/08/18/your-mobile-apps-are-spying-on-you/

    Certainly cookie tracking is not as invasive as mobile apps. However the growth of Shared Objects (Flash cookies) potentially is.

    I would be interested in your comments

    Best regards, Brian

    Posted by: Brian Clifton | August 26, 2009 4:37 PM



  36. * There is a difference between an app USING location information and REPORTING location information

    * According to Pinch Media, they check to see if you paid for the app. The only way to do that is to use PII such as your machine ID.

    * Here is an example of a developer reporting on the type of information Pinch Media delivers to them. Interesting reading:

    http://www.macrumors.com/2009/11/28/apple-starts-field-testing-next-generation-iphone-31/

    Posted by: PinchMe | November 30, 2009 2:35 PM



  37. While I don't dispute the utility of the service for developers, it is still a breach of privacy for the user as I don't want anyone knowing anything about me or the device that I own.

    Posted by: ruckerz | December 9, 2009 7:17 AM



  38. Re: Apple Store and iPhone. I think we have a spyware pandemia. Starting with government, ending with developers. Internet privacy intrusion is a standard. Using Facebook for privacy penetration is a standard. Mobile phone privacy intrusion starts to be common too. Recently, I bought software from ModMyiFone, Home Contacts. Try to enter the contact when not connected to internet. Impossible. Every time you use this program it connects to developer (or who knows whom) when on WiFi. Buyer is not informed about all this and there is no button to switch it off. I think Apple Store policy is wrong, Apple is not actively spying on iPhone users but allows others to do so. It should be forbidden.

    Posted by: Sven | January 10, 2010 10:11 AM


