Does it bother you that some apps running on your iPhone (or Android phone), that know all your contact information and perhaps even your current location, could be spying on you? The Wall Street Journal says:
An examination of 101 popular smartphone "apps"—games and other software applications for iPhone and Android phones—showed that 56 transmitted the phone's unique device ID to other companies without users' awareness or consent. Forty-seven apps transmitted the phone's location in some way. Five sent age, gender and other personal details to outsiders.
It seems like we've been talking about this since Apple added a GPS and the App Store to the iPhone 3G and iOS 3 back in 2008 and everyone from tiny, unknown developers to giants like Google began taking advantage of the features -- in both senses of the word.
Sometimes it can be beneficial -- Google's web search, Gmail, and mobile AdMob adds try to give us ads that better reflect our interests so they're less likely to annoy us and, of course, we're more likely to click on them. Apple's now in that game as well with iAds. But what about those tiny, unknown developers using their free or cheap apps to extract your information?
Apps sharing the most information included TextPlus 4, a popular iPhone app for text messaging. It sent the phone's unique ID number to eight ad companies and the phone's zip code, along with the user's age and gender, to two of them.
Pandora is also cited as an app that transmits lots of demographic information. Apple claims they police the apps and make sure they fall within proper guidelines but the WSJ believes some, like Pumpkin Carver, can skirt the rules, and many of the developers claim they anonymize data before aggregating it and transmitting it on to advertising networks.
While permission is required to share location, no permission is required to share your iPhone (or iPad or iPod touch) UDID -- the unique identifier, effectively a fingerprint or "super cookie* that can be used to correlate and track all your activities. Angry Birds, according to the WSJ, sends both UDID and location data back to its publisher (who says they don't use it to advertise and don't share it with anyone else).
The entire article is fascinating reading especially for those concerned with privacy in the mobile information age. Personally I trust Apple and Google but I'm not sure I trust every little developer who has the same access to my data or who uses Apple's and Google's networks and systems.
What about you, any alarm bells ringing?
[Wall Street Journal, thanks Dominick!]