Rogues Gallery: Privacy-Unfriendly App Features That Should Be Scrapped
Uber is a company with few friends. Whether it is taxi drivers taking to the streets to protest against anti-competitive behavior, or transport authorities revoking its license to operate over concerns about employment practices, the minicab app business is public enemy number one on many fronts.
Then there is Uber’s track record on privacy and data protection. It makes for quite a charge sheet. First it was the ‘God view’ which gave practically every Uber employee unfettered access to customer data collected by the app, allowing them to track riders at will. Then it was the Unroll.me scandal when it was found Uber had bought private data on customers of a key rival, Lyft, mined from an email subscription service.
For many privacy campaigners, the straw which broke the camel’s back was Uber’s decision to change its location settings so it could collect location data even when customers were not using the app to call a cab. This included tracking your movements after your ride had finished. Amidst the public backlash, Uber reversed the changes in August.
This is a prime example of app developers introducing features which trample all over users’ privacy for their own commercial benefits. But Uber is far from alone in doing this. Right now, millions of people are using hugely popular apps which help companies track their movements, read what they are doing on their smartphones and even listen into their device microphones.
Here are five of the worst anti-privacy app features which should follow Uber’s location tracking into the dustbin.
Facebook access to your microphone
In 2014, Facebook announced it was launching an ‘identify TV and music” feature for smartphone users. The feature uses your microphone to pick up audio from music you are listening to or TV shows you are watching and, if it finds a match, make samples available for you to include in status updates. An easy way to tell the world what you’re watching on TV, then.
The feature has been mired in controversy ever since. The immediate accusation was that Facebook could be using the feature to snoop on and record your conversations, which the company strenuously denied. Then, in 2016, Professor Kelli Burns of the University of South Florida claimed she had spotted a pattern between conversations she was having and adverts appearing on her Facebook feed. The implication was that Facebook was picking up on audio cues to send targeted ads to users.
Facebook’s problem is that it has been less than clear about the extent of its access to a device microphone. At first, it claimed its identify TV and music feature was opt-in only. But later pronouncements have been much less clear, suggesting it is a default feature users had to switch off. The obvious question being, why does Facebook need default access to a device microphone?
Snapchat’s ‘Snap Map’ auto location
From Instagram to Google apps, so-called ‘geo-tagging’ of photos is all the rage. Pairing photos with location services is seen as the next big thing in user-generated content on social media. If you are at an event or visit a particular place and take a photo of it, geo-tagging will add your picture to public collections associated with that place, often associated with a map.
The only problem is, no one has thought through the privacy issues this raises. Especially not Snapchat.
Launched earlier this year, Snap Map is an opt-in add-on for Snapchat users, allowing them to create a map of the places they take snaps. Snapchat has always allowed users to create a timeline of the things they get up to through the photos they take and share. Snap Map adds the location of each snap to the story.
The problem is that Snap Map broadcasts a user’s location publicly – not just when they choose to use the feature, but every time they open the app. Even if you have Snapchat open in the background, Snap Map broadcasts your location to everyone in your contacts list. And the location tracking is extremely accurate.
The main concern this raises is that it could encourage predatory behavior, especially considering Snapchat’s young user demographic. If your teen is using Snap Map, it is pretty certain that everyone on their contacts list can see where they live, where they go to school, where they hang out with friends. Can you be certain that everyone on their contacts list is a person you want to have that kind of information?
Google+ app integration
Google has a long history of forcing app integrations on users in ways which are far from respectful of their privacy. It all started way back with Google’s now defunct social networking platform, Buzz. For reasons best known to Google, it linked Buzz directly with Gmail, so all of your email contacts immediately became followers on Buzz.
Cue various tales Gmail contacts seeing things on Buzz that were not meant for their eyes, including the story of one woman whose abusive ex-husband – still an email contact – found out she was in a new relationship.
The search giant didn’t learn its lesson with the follow up to Buzz, Google+. Again integrating it with Gmail, the result this time was that Google+ users could send emails without an email address, using name only. The problem is that Google+, as a social network, makes profiles public, so you could start getting emails from anyone. It more or less enables spam.
Part of the issue is the way Google forces these features on users. Google+ integration with Gmail is an opt-out feature, so many people don’t know about it until they start getting strange emails from people they do not have in their contacts lists. Google is also very aggressive in the way it tries to get people to sign up for Google+. For example, you have to have a Google+ account to leave comments on YouTube.
People should be able to choose the apps they use and how they link to one another, especially when forced integration compromises their privacy.
Google location history
Google account users – which includes anyone with an Android smartphone – have two types of location settings to contend with. Location Sharing is the opt-in service which allows users to choose to share their location with other people, for example when geo-tagging photos.
Location History is an altogether different beast. These are the settings which allow Google to send you location-based push notifications such as traffic updates and weather reports. They are strictly opt out, i.e. they are switched on by default until you do something about them.
The problem is, those settings mean that Google is always tracking your location. As soon as you log into a Google account on a device, it tracks and stores your location history automatically. Even if you switch Google services off, your device is still sending location data to Google.
Most people don’t realise this is. It has some worrying consequences. If you lose your phone, Location History is what can help you find it again. But equally, if it is stolen, the places the thief goes will still be logged against your name. In a worst case scenario, you could end up being implicated at the scene of a crime you were never at.
More immediate concerns are raised by the fact that Location History links with Google Maps to create a ‘private map’ of your movements. Yes – from your phone, you can map your movements in precise detail throughout the day, over and over again. Who has access to this? Where is it stored, and how safe is it?
Getting traffic updates is all well and good. But the extent of the location data gathered by Google, and the fact that it is a default service buried deep in your device settings, is way over the top.
Uber iPhone Screen Recording
We couldn’t finish anywhere else really, could we? To add to Uber’s lengthy charge sheet of privacy violations, earlier this year a group of security researchers claimed they had found evidence that Uber’s iOS app was capable of taking screenshots from user’s iPhones.
The claim was that Apple had given Uber permission to track user activity on Apple Watch in order to manage memory more effectively. But the code required to do this could also be used for much more worrying things, like recording what was going on an iPhone screen.
Moreover, researchers claimed that the feature they found ran in the background even when the Uber app wasn’t being used, meaning it gave the company access to whatever a person was doing on their iPhone at any time.
Uber has said that the feature will be removed, but nothing has been confirmed yet. What should worry consumers is that Apple, a company which beats its chest about defending privacy, gave a company like Uber permission to use such an invasive tool in the first place.
Image credit: Josh Hallett