/ Technology

Taking control of the personal data on your mobile phone

22
Smartphone and eye
Profile photo of Anette Høyrup Anette Høyrup Danish Consumer Council
Comments 22

When you download an app onto your smartphone, do you know what personal data you’re handing over? Anette Høyrup of the Danish Consumer Council has been putting apps to the test.

We’ve all experienced it: yet another popular app has found its way onto our smartphone and with a few clicks it’s installed. It may be a fun game, Facebook Messenger or a health app that reminds you to do your daily exercise.

Whatever the type, apps often ask for access to your location, calendar, contact information, microphone and private text messages. In short, you have to consent to give over some of your phone’s data to use any app. The question is; how much data are you really handing over?

Data harvesting technology

I work as an expert on digital matters at the Danish Consumer Council, and a while ago we tested the policies of 35 apps. We’ve also developed our own app, so we could see with our own eyes how app developers can transfer your personal data to the company’s computer. It’s pretty wild to see your private text messages being copied to a company computer just like that!

Apple or Android?

How you control the data you share with apps depends on your phone. On iPhones, you can go to the phone’s settings and under ‘anonymity’ you can withdraw data from each app.

On Android phones you’ll see a list of the permissions each app requires before you download them, allowing you to accept or decline. The latest version of Android (Marshmallow, 6.0) gives you greater control, allowing you to retrospectively grant or deny permission for each app, similar to on iPhones. However, only a few phones come with this new version, or have so far been updated with it.

Difference between physical and digital world

In the real world, where you stand face-to-face with a salesperson in a shop, you’d be very surprised if you were asked to provide information as a condition of being allowed to buy a pair of pants or a loaf of bread. We decided to see how people would react to this with a hidden camera, so check it out for yourself:

There’s no such thing as a free lunch

It could be argued that your private data is a reasonable payment in return for a free app, compared to a loaf of bread you have to pay for. It can allow the company to use your data for targeted advertising and is therefore of value to them. Other times the data is required for the app to work. For example, WhatsApp asks for access to your photos so that you can send and receive photos in the app.

Your data can also provide added functionality. In this case it’s good to be on your guard. Facebook Messenger can ask for access to your private text messages, reportedly to let you text all your phone and Facebook contacts in one place. If you’re not comfortable with handing Facebook Messenger this data, then make sure not to accept it.

Of course, we’re most concerned about the times that apps ask for personal data they don’t necessarily need. Why should a torch app need your GPS location, for example?

The right to privacy

Although privacy legislation hasn’t kept up with digital developments, there are still rules which say that data collection must be objective and necessary. And these rules also apply to US companies.

Moreover, technology that protects consumers’ privacy as a default is a new important principle included in the upcoming modernisation of the EU Data Protection Act.

But what do you think? Do you think that we often have provide too much personal data to use apps? Or do you think our data is just the price we have to pay for living in a digital world? Would you prefer to pay for apps rather than hand over your personal data to get apps for free?

This is a guest contribution by Anette Høyrup of Forbrugerrådet Tænk, the Danish Consumer Council. All opinions are Anette’s own, not necessarily those of Which?

Comments
22
Member
dieseltaylor says:
5 January 2016

A very important subject and Which? should be much more on the front-foot regarding these matters. Reviewing smartphones suggests to me that Which? also needs to highlight downsides in a user-friendly way and this may be by referencing a site that does follow apps and reports on the scandals.

On that basis consumers may be suitably wary and choosy on app adding. A warning board for App happy? : )

I think Which?

4
 |     Reply    Report
Share   
Member
duncan lucas says:
5 January 2016

I have been trying hard to find a website / app that doesnt harvest your data the list is enormous ,and even if they dont most are easily hackable especially ones from social networks . I also take it it doesnt apply to the 14 years our “protective services ” have been harvesting all your data on mobile phone. In any case if you use the Internet be it from mobile or computer your data is going to be collected whether you like it or not . This includes your photo , on computer alone Google has the fame (infamy ) of being the number uno of trackers , I have at present 37 trackers from them alone on one blocker ( there are 10,000 of others ) you have to make up your mind -use the Internet ?? then dont be surprised if others use your data for their own ends . Its so bad now that even visiting a website without clicking on anything can download a virus . I would not like the public to think ,if they say no to tracking that covers them ,that would be a grave injustice in information to the public. I am not talking here of solely used website ID tracking(for access to a website ) but info gathering ones that follow you ,the web is full of them ,many hidden from view . I am not being alarmist but if you want to talk on a subject realistically and really help the public they must know the truth.

6
 |     Reply    Report
Share   
Member
dieseltaylor says:
5 January 2016

How very apt. Reported in the Guardian today are the exploits of Facebook who have “form” for manipulating the news through their app in an experiment.

This is one that has just come to light:
” Facebook’s habit of experimenting on its customers has again led to anger, following allegations that it deliberately broke its app for a small number of users to see what they would do.
In a report from tech journal The Information, Facebook is accused of selectively crashing its Android app, for long periods of time, in an effort to discover the threshold at which users just give up and go away. But the lure of Facebook proved too strong: “The company wasn’t able to reach the threshold,” the site says, with someone familiar with the experiment adding that “people never stopped coming back”.
Even if the app was broken for hours on end, people simply used the mobile web version of the site, rather than not use Facebook.”
Article: Facebook accused of deliberately breaking some of its Android apps

1
 |     Reply    Report
Share   
Member
DeeKay says:
5 January 2016

Hi all, Duncan I am curious and have been for some time
Is it possible that SKY harvest and use your preferences to direct adverts toward your habits
On the nights wifey works I visit a cousin nearby, maybe more like a brother as I was near brought up with them
They obviously do/view things different to us.
For some reason I feel I see adverts I dont see at home
We have a complete package of Satellite, phone and broadband from SKY for about a year now
I know that the box has and does use the wifi for many things as the symbol comes up when your wanting a view at something you missed but I’m beginning to think that they more about me than I do.
Could they have a few or several different series of add’s for differing types of viewers/web users

0
 |     Reply    Report
Share   
Hide replies ∧
Member
duncan lucas says:
6 January 2016

Hello Dee-Well Dee -diesel has put it basically down Sky are getting praise from all quarters of the advertising industry and from many supermarkets / BB,s for its “innovative ” personal targeting of you +family as all the data that tracks you and produces the ads is held digitally on your sky box . I am trying to find a way of “interrogating” a Sky box ,as in Windows/Linux /etc ,if I find a way I will post it. I dont use Sky but Free-sat+ continental satellites ,Germany having a more pro public (free) view of films and sport that is up to date (with government help )

0
 |     Reply    Report
Share   
Member
dieseltaylor says:
6 January 2016

Cisco says
” Sky made substantial commitments, both commercially and in terms of resources, to develop a first-of-its-kind Targeted Advertising solution that would transform the TV advertising industry. Working with innovators across the company’s TV, advertising, and analytics arms, as well as external partners including Cisco and BARB, in January 2014 Sky officially launched the service that was the culmination of this multiyear effort: Sky AdSmart.
Sky AdSmart is not a single algorithm, application, or technology. It is an end-to-end digital delivery chain for personalized advertising, spanning the entire broadcast system including transmission technologies, STB software and hardware, data collection, and reporting, all designed to operate on one-way satellite systems. The solution includes:
● State-of-the-art back-end system that controls scheduling of AdSmart ads, taking into account business rules and regulatory restrictions governing ad placements
● Sophisticated ad-targeting engine that classifies viewers according to 90 combinable audience attributes
● Transparent, frame-accurate ad insertion that can imperceptibly swap targeted ads into linear programs
● First-of-its-kind viewing measurement capability that can measure advertising exposure across 500,000 subscribers, encompassing 40 million viewing events a day (for example, every time a viewer changes channels, pauses, rewinds, etc.)
● Mechanisms to download Sky AdSmart software and advertisements to millions of Sky+ HD STBs without disruption to viewers, converting deployed hardware to dynamic ad servers without the need to replace customer hardware
● Aggregation of third-party demographic data with Sky IQ, Sky’s data analysis division”

And remember you are paying Sky for the adverts : )

4
 |     Reply    Report
Share   
Member
alfa says:
6 January 2016

When going from Which? front page to this page, why do I have the following in my cache:
http : // ….
partner.googleadservices.com…..
s3.amazonaws.com…….
tpc.googlesyndication.com…….
wca-assets-which-prod-euwest1.s3.amazonaws.com…….
google-analytics.com……..
googletagmanager.com……….
i-ytimg.com……..
securepubads.g.doubleclick.net…….
static.doubleclick.net/instream/ad_status.js

And I did clear my cache before going from one Which? page to the next.

0
 |     Reply    Report
Share   
Hide replies ∧
Member
Patrick Steen says:
6 January 2016

Hello Alfa, all the Amazon URLs relate to our server. We use Amazon Web Servers, based in the EU, to keep the website up for you to access. The Google Analytics is how we track the traffic to the website, which pages are visited and where the traffic has come from. The DoubleClick reference relates to the panels you sometimes see on the right-hand side, showing our nuisance call reporting tool for example. This system allows us to show useful content relevant to the page you’re on. It doesn’t track you or collect information about it, just shows you the right promo on the right page and let’s us know how many people are clicking on them. The i-ytmig.com isn’t to do with us, but it’s when we embed YouTube videos to watch. I hope that explains what those are.

The cache is a bit different to cookies, but if you’re interested to read about our cookie policy, you can here: http://www.which.co.uk/privacy-policy/cookie-policy/

1
 |     Reply