AccuWeather, a popular climate and forecast app for iOS, has been caught sharing the private location information of its users with revealmobile .com, a data monetization company.
Will Strafach, writing on Medium:
The AccuWeather application for iOS requests location access under the premise of providing users localized severe weather alerts, critical updates, and faster launch time. Granting access to location information will also cause the application to send the following bits of information off to "revealmobile.com":
- Your precise GPS coordinates, including current speed and altitude.
- The name and "BSSID" of the Wi-Fi router you are currently connected to, which can be used for geolocation through various online services.
- Whether your device has bluetooth turned on or off.
During a testing period of 36 hours, specifically while the AccuWeather application was not in the foreground, my test iPhone (located on a desk in an office building) sent the above information to RevealMobile a total of 16 times, occuring roughly once every few hours.
Read the whole thing, then decide what will happen first: you deleting AccuWeather or Apple dropping the hammer on them.
Update: Accuweather issues non-response response
I don't even want to quote from what Accuweather posted as a non-response response. It dodges the issues with a classic "we did nothing wrong and if we did we didn't know!" non-defense defense. Shame.
John Gruber has thoroughly torn it apart on Daring Fireball if you want to dive deeper.
And if you didn't delete it before, you'll probably want to now.
Reader comments
AccuWeather, caught harvesting user data, issues non-response
Did someone from WeatherBug infiltrate Accuweather?!
Isn't Accuweather that Santorum-crony company that backed some sort of legislation (was around a decade ago, iirc) that aimed to prevent the US National Weather Agency from sharing forecasts with the general public? If that's them, then this news isn't all that surprising.
Glad I use Dark Sky.
By the way, that researcher's Medium page has some interesting stuff. It's worth a look around.
I deleted it immediately. No second chances. There are more than half a dozen weather apps on my phone. But not because they are selling info. Because they tried to hide it. That indicates to me something is fishy. I have a "deal" with Yahoo Weather and Google weather. While it may be controversial they are transparent before hand.
They are transparent, as far as you know (which is what they want you to know)
Well that's annoying! I like it for the radar. It doesn't give me forecasts so useless for that. Anyone know of another good app for radar?
Going to try The Weather Channel app.
One would think Apple would be looking for stuff like this when they review apps. Guess not.
The real question is not why is an app monetizing user data, but why is Apple allowing such SDKs in their walled garden?
Apps are allowed to send information back to servers, as this might be necessary for the functioning of the app. What you want is Apple to look through every server request to make sure the information being sent doesn't invade privacy, and that might be a difficult task
Oh, snap! Where have ya'll been? I mean, Android users cannot be the only ones who know that free apps are not actually free. Of course free apps are monetizing from your data. revealmobile uses data to target ads for Accuweather, which I do believe is allowed by Apple.
I use the NWS app, myself.