Everyone and their grandmother uses apps these days. Whether it’s for work, convenience, or pure entertainment, they’re pretty much an integral part of our daily lives. So much so, in fact, that many consumers may not even consider (or care) what kind of impact app use can have on their data privacy. It’s very possible that your favorite apps sharing your data without your realizing.
With that question in mind, Incogni, a data privacy company powered by Surfshark, recently conducted a study on the privacy and security practices of the top 500 paid and 500 free apps on the Google Play Store.
For avid app users, the findings may be very interesting, if not alarming:
- 55.2% of apps share your data with third parties.
- Free and popular apps share more than 6 times the amount of data that paid and less popular apps share.
- Shopping apps share the most data.
- Social media apps collect the most data.
The internet runs on data. So suffice it to say that your personal information is valuable. It’s used for marketing, providing improved services, and learning, among other things. So it’s no wonder there’s a $250B+ data trade industry thriving on this resource.
If you ask the average internet user, you’ll find that they are vaguely aware that their data is collected and used by companies. However, many consumers don’t find that fact too concerning.
The truth is companies like data brokers and tech giants profit off users’ personal data while exposing them to considerable risks. The proliferation of your personal information increases your risk of falling victim to data breaches, scams, identity theft, and even physical violence.
Despite data privacy laws and regulations like the CCPA and GDPR, information concerning your home address, contact details, household members, and lifestyle is readily available online for anyone to see. Even more sensitive data like SSNs, login credentials, location history, and financial information can be found online by those who seek it.
The apps Included in Incogni’s study collect and share a ton of alarming information, including:
- Names (4.77%),
- Email addresses (6.77%),
- Home addresses (3.85%).
- Approximate location history (13.4%)
- Precise location (3.85%)
- Photos (3.23%)
- Videos (1.69%)
- Files and docs (1.54%)
- In-app messages (1.85%)
- SMS or MMS (0.46%)
- Race and ethnicity (0.15%)
- Religious and political beliefs (0.15%)
- Sexual orientation (0.62%)
A lot more apps share your personal information than you might think. 55.2% of the top 1,000 apps on the Google Play Store, to be exact.
Here are the kinds of apps you should be the most wary of downloading:
- Shopping apps, which share an average of 5.72 data points
- Free apps, which share 7 times more data than paid apps
- Popular apps, which share 6.15 times more data than less popular apps
Interestingly, the apps that share very few data points are sometimes among those that collect the most. Social media apps, followed closely by business apps, collect the most data but declare sharing very little.
The apps guilty of collecting the most data are:
- Facebook Lite
- Messenger Lite
These apps know just about everything there is to know about you, from demographic information, location, activities, and financial data to personal messages, browsing history, photos, videos, and more.
Are you likely to go to that Coldplay concert next week? They have a very good guess. Is your wife mad at you for spending way too much on a gaming headset? They probably know that, too.
But what’s even more alarming is what they do with that information. They claim they don’t share it but the truth lies in the fine print: according to Google, sharing is the transfer of user data to any third party. This doesn’t include any transfer made to a service provider, for legal reasons, or of anonymous data.
However, it’s actually frighteningly easy to correctly re-identify 99.98% of anonymous data. So whatever data these apps “transfer” and neglect to mention in the Google Play Store data safety section can very well be identified and used against you.
With the state of data privacy being what it is in the world, the responsibility for protecting your privacy and security mostly stops with you. And while Google certainly took steps in the right direction by launching its new data safety section in July, 2022, we still have our reservations. But we’ll let you judge for yourself.
Here are the facts:
- 4.9% of apps admit to not encrypting your personal data in transit (including both shared and transferred data).
- More than half of the apps have not declared that they encrypt data in transit (meaning many of them likely don’t).
- 86.9% of apps are not committed to following the Play Families Policy.
- 99.2% of apps have not gone through an independent security review.
- 10% of apps admit that they will not delete your personal data.
- 61% of apps provide no way for you to request data removal.
As long as you use apps, there’s no way to protect your data 100%. But you can make it very difficult for them to exploit your personal information.
- Don’t download apps you don’t need.
- Check the privacy settings before you download any app.
- Check the data safety section before you download any app.
- Enter fake data wherever you can.
- Ask apps to delete your data before deleting an app you no longer need.