Jump to content


Photo

Smartphone apps are sending your data to China


  • Please log in to reply
No replies to this topic

#1 Terryala

Terryala

    Board Grand Dad

  • General Admin
  • 17,910 posts

Posted 09 March 2012 - 05:29 PM

Smartphone apps are sending your data to China

QUOTE
by Lachlan Urquhart on March 9, 2012

Filed Under: Law & order, Privacy, Social networks

Smartphone apps can access some pretty personal and intimate information. This ranges from phone numbers and email addresses to GPS coordinates, to name a few.

It would be reasonable to assume that data collected is limited to assisting an app with its functionality. However, this doesn't always seem to be the case.

A report in the UK's The Sunday Times, "In a flash your details are on a server in Israel", sheds some light on data transfer practices in 70 basic smartphone apps.

These run-of-the mill applications were chosen because the Sunday Times felt they sought more information than was functionally necessary.

Using "MiddleMan" software, they were able to monitor app data transfers and made some rather disconcerting discoveries.

The results showed that of the 70 apps, "twenty-one transmitted the phone number, six sent out email addresses, six shared the exact co-ordinates of the phone and more than half passed on the handset's ID number."

While the permissions for data collection may be buried somewhere in the privacy policy, we all know that most users don't actually read these non-negotiable, lengthy, and difficult-to-understand contracts.

The excessive and unnecessary data collection is only part of this story. Perhaps more worryingly, the investigation highlights that the terms and conditions of the tested apps do not disclose the names of the data recipients, leaving users clueless about the final destination of their data.

The Sunday Times claimed that personal information was being sent outside the EU data protection fortress to companies and servers in China, India, Israel and America.

Specifically, 15 of the apps, including a puppy wallpaper app "Cute Dog", sent the phone number to an LA-based nternet advertiser.

In another example, a flashlight app sent the user's email address and phone number to a server in Delhi, India.

When EU data travels outside the European Economic Area borders, it is said to travel to "third countries." This can post new risks to the subject's privacy, and the data enters a minefield of complex legal regulation.

One such regulatory divide is found in Article 25 of the Data Protection Directive (DPD). It demands that the European Commission determine when "third countries" are providing DP standards equivalent to the EU's DPD.

If the country meets the standards, it is added to a list of approved countries. Currently, this list is very short, notably including Argentina, Australia, Canada and the Faeroe Islands. This means that free flow of data can occur between the EU and these jurisdictions.


Continued

http://nakedsecurity...-data-to-china/


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users