A vast amount of personal information is being stored and sent to tracking agencies and advertisers - on a daily basis - when mobile users download certain Android apps.
This is according to a recent study, as well as local experts, who point out downloading apps (especially free Android apps) puts potentially millions of users' personal information in jeopardy - the main implication being an invasion of privacy.
Android users comprise almost 30% of the total mobile population in Africa, according to Opera Mediaworks, while take-up of the devices - which include a variety of low-cost smartphones - is on a steady rise in SA.
According to MD of World Wide Worx Arthur Goldstuck, there are likely to be well over 23.6 million smartphone users in SA by the end of 2015, closing in on almost half the total population.
A recent study by French graduate school and research centre Eurecom into free Android apps, found a huge amount of information about users is passed on to advertisers and tracking agencies on an ongoing basis. "There are over 1.2 million applications on the Google Play Store today, with a large number of competing applications for any given use or function," note researchers.
Researchers tested a group of 2 000 apps from the Play Store, and found they connect to 250 000 different URLs from 2 000 top-level domains. About 10% of the sample group was quite aggressive in its tracking activity, connecting to about 500 different URLs - with some of them of dubious origin.
Operations manager of Wolfpack Information Risk, Manuel Corregedor, corroborates the international study, saying the type of tracking and advertising identified by Eurecom is taking place on a daily basis when users visit Web sites: "[So] it's not surprising that this very same practice - as with others such as malware - continues to port over from traditional to mobile platforms."
And the number of users whose information is compromised on a daily basis is far from small, says Corregedor. "Taking into consideration that people will mostly likely take an app that is free over a paid-for app, the percentage is [bound to be] very high - especially if you factor in the top categories identified in the report (one of which is games)."
The Eurecom team is now working on an app that people can use on their Android devices to determine whether any of their apps connect them to tracking sites.
In the meantime, says MD of Legal Edge Consulting David Taylor, users should do what they would do to protect themselves in a new city: "Know what you are doing, pay attention to who you are interacting with, do your research, and most importantly, know your rights."
Invasion impact
The main impact of this public proliferation of private information, says Corregedor, is to the privacy of the user. "These companies are collecting vast amounts of information on users so they can create profiles on them and use those profiles to better advertise to that user."
For example, a company can track all the sites a user visits and identify the user has been visiting sites that sell baby products; the company then starts to target the user with baby advertisements through the mobile applications and via e-mail, he points out. "The same scenario could occur if you have been browsing adult sites, gambling sites, family planning sites, etc."
Corregedor says, while this type of profiling could be seen as a good thing by some users, who appreciate receiving relevant adverts instead of getting generic pitches, the main issue is that users are not aware of the fact that their information is being collected.
"Additionally, they don't know how the collected information is being used and with whom it is being shared."
Taylor says data collected on users will ultimately chip away at their personal data sovereignty. He adds another immediate impact is the data costs users pay to have information constantly sent back and forth. "The speed and effectiveness of your device may be affected. Connecting to those Web sites takes its toll on your device and operating system - think bloatware."
Users also expose themselves to security breaches, and if a phone is used for work purposes, users put themselves, colleagues and their company at risk.
Share