Roger Fingas
Despite Apple's strict controls on privacy, a number of iOS apps are not only tracking precise location information on anonymized users but sharing it with third-party businesses — sometimes dozens of them, a report revealed on Monday.
A particular problem was WeatherBug, which was found to be sharing exact latitude and longitude to 40 companies, the New York Times said. In its broader investigation the paper tested 20 iOS and Android apps, the majority of which had already been tagged by researchers and industry sources as potentially sharing location data. 17, including WeatherBug, were found to be sharing users' precise locations to about 70 businesses in all.
Apple requires data passed to advertisers and app developers be anonymized — stripped of names and other identifiers — in order to protect individuals. But, entities that collect location data can potentially infer who someone is based on context. The Times gave the example of a layperson who cooperated in the investigation, math teacher Lisa Magrin, the only subject who travels from her home to her middle school by one particular route each day.
Advertisers and researchers may not care about being that granular, but are often eager to know what communities, services, and products people are interested in. Developers in turn may be willing to sell that data as an alternative to putting pricetags on their apps.
Another implicated app was theScore, which was discovered sharing data to 16 advertising and location firms. The Times noted that like some of the other investigated apps theScore's developer was misleading, telling users only that granting location permissions would "recommend local teams and players that are relevant to you."
Similarly The Weather Channel, the most popular weather title on the App Store, tells people that sharing location information is meant for personalized forecasts. For a time however that data was also being analyzed for hedge funds by the IBM subsidiary that owns the app, the Weather Company.
The analysis was being done as part of a pilot program that has since ended. Until the Times talked to IBM though, the app's privacy policy didn't mention that the Weather Company might share aggregated location data for commercial purposes.
Today's report is likely to spur action by Apple, which — except in China — has made privacy a tentpole of user privacy, even getting into conflicts with the U.S. and Indian governments. CEO Tim Cook has suggested that U.S. privacy legislation is "inevitable," and lauded the European Union's General Data Protection Regulation.
William Gallagher
Sponsored Content
Malcolm Owen
Mike Wuerthele and Malcolm Owen
Andrew Orr
Wesley Hilliard
34 Comments
Apple should suspend these apps from the App Store indefinitely!
So did these folks "apps" violate the terms of service. If yes, tell us which ones. Give us a list. If they didn't violate the terms of service, then is it an issue?
I have an app, Robinhood, that apprears to track my data with no way to turn it off in location services. When I travel and return home, when I swipe up on the app to close it, it will say “Welcome Home” on the bottom of the phone screen. Reported it to Apple but the behavior continues and there is nothing in location services that lets me turn it off.
Why on earth isn't there a simple on/off control for Location Services in the Control Center just like wi-fi, cellular, & bluetooth communications? Pet peeve.