Do you ever get the feeling that your smartphone is spying on you?
Research by an assistant professor at the University of Calgary has highlighted big privacy concerns in the digital age.
According to Joel Reardon, that research has been going on for a few years, and began with work on improving permission systems used by smartphone applications.
“It was while we were doing the study and seeing the kinds of permissions that apps were making use of, we realized that there is a great deal of information that’s actually being collected, or touched or being accessed,” Reardon said.
Researchers analyzed data collected from several smartphones running thousands of apps to determine what kind of sensitive information was being accessed once the app was downloaded and in use on the phone.
According to Reardon, the type of information being accessed varies depending on the app, but in most cases, the location of the user, the user’s contacts, and online metadata were all sent to third party domains.
“It’s going to companies that are interested in having a behavioral database about every single person,” Reardon said.
“Your location data — the information that represents is enormous — if you have access to everyone’s location at all times throughout the day, you know a lot about that person and that is of course of great interest to advertisers.”
Reardon said the advertisers use the data to tailor their ads specifically to the user.
“There’s no evidence that it’s being used for a malicious purpose, but there’s no evidence that it’s not,” Reardon said. “I think that most people understand that it is happening, but there’s a sense of powerlessness that that’s just how it is, whether or not that’s what they want.”
Stringent privacy laws have been passed in the European Union aimed at curbing applications’ abilities to mine sensitive data from their users.
The General Data Protection Regulation (GDPR) was introduced to give control to individuals over their personal data, and where that data is transferred.
“I’m optimistic about legislation such as the GDPR to actually help enforce and have substantial teeth in terms of having an impact in companies behaviours,” Reardon said. “I’ve seen in the network traffic I’ve studied that a lot of apps take GDPR seriously.”
While Canada does have privacy laws in place, one cyber security expert doesn’t believe they will have an impact.
“Even if the laws are in place, if those apps are originating in countries that don’t subscribe to our laws and privacy policies, how good is that law going to be for us?” online safety and social media educator Paul Davis said.
However, there are steps people can take to prevent users’ data from being shared to third party companies.
Davis recommends using a VPN, which masks your IP address and hides your location when online.
Meanwhile, Reardon said users should delete apps from their phone that they don’t use, and look for open source apps, which have less data requirements.