We typically associate iPhones with privacy, but a new study has found that a large number of iOS apps are secretly sending sensitive information to data monetization firms. Most are collecting precise location histories from tens of millions of handsets via a packaged tracking code which constantly runs in the background to track GPS coordinates.
According to the team behind GuardianApp, these popular apps trick users by presenting them with a privacy request that’s relevant to the app. For example, a real estate app called Homes asks for location info in order to find nearby houses. However, what’s not disclosed is that this data is sent to a third-party firm called AreaMetrics every time the app is opened.
Guilty App Names
All these data monetization firms apparently collect information like Bluetooth LE Beacon Data, GPS Longitude and Latitude, Wi-Fi SSID (Network Name), and BSSID (Network MAC Address). Some even keep an eye on an iPhone’s Accelerometer, Advertising Identifier, Cellular Network Name, Timestamps for departure/arrival to a location, and Battery Charge Percentage and Status.
The study has so far collected the names of 124 apps which contain code from location tracking companies and 12 known location data monetization firms. The former includes applications like C25K 5K Trainer, Coupon Sherpa, GasBuddy, Mobiletag, Moco, My Aurora Forecast, MyRadar NOAA Weather Radar, PayByPhone Parking, Perfect365, and Photobucket.
It would also be a good idea to switch off Bluetooth when it’s not being used and choosing a generic name for the SSID of a home Wi-Fi router. You can see the complete list of apps and data monetization firms here. The page also includes the hostnames for the latter, in case you want to directly block these connections.