News

Apps can kick the door open to your personal information
Date: 25 Jul 2017 By: CRI Group

When you download an app and it asks to access your contacts, location, and other information, it seems harmless enough, right? Surely the app will only use your data for its stated purpose, and only when needed?

Not necessarily, according to a recent ScienceDaily article, "7 in 10 smartphone apps share your data with third-party services." As the article warns:

“More than 70 percent of smartphone apps are reporting personal data to third-party tracking companies like Google Analytics, the Facebook Graph API or Crashlytics. When people install a new Android or iOS app, it asks the user’s permission before accessing personal information. Generally speaking, this is positive. And some of the information these apps are collecting are necessary for them to work properly: A map app wouldn’t be nearly as useful if it couldn’t use GPS data to get a location.

But once an app has permission to collect that information, it can share your data with anyone the app’s developer wants to – letting third-party companies track where you are, how fast you’re moving and what you’re doing.”

The article also finds that the problem is not just limited to cell phones and tablets:

“Tracking users on their mobile devices is just part of a larger problem. More than half of the app-trackers we identified also track users through websites. Thanks to this technique, called “cross-device” tracking, these services can build a much more complete profile of your online persona.”

Another article, “Your Apps May Be Selling You Out” by Mondaq, sounds the alarm as well. The authors write that many of us likely aren’t aware the degree to which our information is shared with advertisers and other third-parties when we sign up for various apps. The principle is simple enough:

“If you have ever downloaded a ‘free’ app, you may have pondered how the app's creator can maintain a financially viable company by giving away its product. The answer soon becomes evident when an advertisement pops up, interrupting your interaction with the app. The less obvious answer may come to you when you uncomfortably wonder how the ad that just popped up somehow relates to the items you browsed on Amazon a few days ago. Coincidence? Probably not. This happens because, in addition to selling advertisements, app creators may also access and sell information collected from your phone to allow advertisers to customize the ads they send to your device.”

How can people reasonably expect to solve this dilemma, and protect their privacy? Short of changing laws, the answer is to be more vigilant in monitoring downloaded apps and our security settings. Follow this advice:

  • Don’t give apps permission to access your personable information. Most app stores require apps to gain permission before using your location, camera or using other information. If you deny the apps these permissions, your personal information should be safe from their grasps.
  • Check the permissions you have granted your existing apps. You may be letting them access personal information without even realizing it (even for apps you don’t use!).
  • Don’t sign up for apps on websites, especially ones you don’t know or trust. You have more protection when they are downloaded through a popular app store.
  • Delete apps that you don’t remember downloading or no longer need/use.
  • Consider adding security and privacy apps that scan your phone to help you find security risks. In other words, apps that police your other apps!

Unfortunately for those of us who frequently use mobile devices, the odds are stacked against us when it comes to controlling and protecting our personal information. The best we can do is be aware of the risk and try to minimize it as best as possible. And to support new laws and regulations that aim to protect consumers and their privacy in all aspects of our “online lives.”

It is important to remember that the same principles that apply to protecting yourself on mobile devices and elsewhere also apply to protecting your business. Just as you must vet your apps, websites and other content to make sure they come from trusted sources, it is also critical to thoroughly check third party partners and perform background checks on potential and existing employees to ensure that your organization doesn't face unseen risks from fraud and corruption.

CRI Group offers an entire suite of expert services focused on protecting your organization through proper pre-employment screening and background checks. These protections include:

Staying one step ahead of critical risk to your organization is part of being an effective business leader. Contact CRI Group today to get started on implementing a robust program that will serve you well for years to come.