Smartphone apps track Android users with 'clandestine surveillance software'

28 Nov, 2017 14:41 / Updated 7 years ago

Smartphone apps such as Tinder and Snapchat are being used to secretly monitor the activities of Android phone users, according to new research.

The joint study from Yale Privacy Lab, an initiative linked to Yale Law School, and French non-profit research group Exodus Privacy, looked into 25 trackers found hidden in popular Google Play apps such as Uber, Tinder, Skype, Twitter, Spotify and Snapchat. The samples were taken from a total of 44 suspected smartphone trackers identified by Exodus Privacy.

READ MORE: Imagine! An ‘alternative internet’ not ‘completely in the hands of Facebook & Google’

The apps Tinder, Spotify, Uber and Amazon Echo in particular were identified as using Crashlytics, a Google-owned service designed to monitor app crash reports but which was later found to be providing firms with insights into users’ activities.

“Publication of this information is in the public interest, as it reveals clandestine surveillance software that is unknown to Android users at the time of app installation,” Privacy Lab said in a blog posted to its website. “These trackers vary in their features and purpose, but are primarily utilized for targeted advertising, behavioral analytics, and location tracking.”

Exodus says more than 75 percent of the apps analyzed contained signatures of trackers – and the group fears that apps classed as “clean” simply contain trackers they have not learned to identify yet.The groups are now calling for “increased transparency” over the number of trackers found in Google Play apps.

“The Exodus platform identifies trackers via signatures, like an anti-virus or spyware scanner, and thus can only detect trackers previously identified by researchers at the time of the scan,” the Privacy Lab statement read.

READ MORE: Disable location access? Google collects data from Android users anyway – report

Earlier this month, Quartz revealed that Google has been gathering location data on Android phone users for the past 11 months. The report said that devices with cellular data or WiFi connection broadcast their “Cell ID codes” to Google via cellular towers regardless of whether Location Services were turned on or a SIM card had been inserted.

Currently, there are more than 200,000 mobile phone towers in the US, each with a maximum receiving range of 22 miles (14km), according to Statistic Brain.