1 / 18

Topic: Security / Privacy

Topic: Security / Privacy. “Your Apps Are Watching You”. Source: The Wall Street Journal Online. Presented By: Corey Campbell. Article Overview. Among our devices, smartphones know us best. Time for an investigation. The Wall Street Journal conducts an investigation:

josette-roux
Télécharger la présentation

Topic: Security / Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Topic: Security / Privacy “Your Apps Are Watching You” Source: The Wall Street Journal Online Presented By: Corey Campbell

  2. Article Overview Among our devices, smartphones know us best. Time for an investigation. • The Wall Street Journal conducts an investigation: • App analysis – iPhone & Android • Consumer protection • Ad networks

  3. Introducing…Your Data Key categories being looked at:

  4. Introducing…Your Data The ones that are watching your data:

  5. What The Investigation Dealt With Examined 101 popular smartphone apps for iPhone & Android • Results included: • 56 apps transmitted phone’s unique device ID to other companies without user awareness or consent • 47 apps gave away the phone’s location • 5 apps sent age, gender, and other personal details outside of the app Intrusive behavior of online-tracking companies to append data to your profile

  6. How Did The iPhone Do? iPhone sent off more data than Android phones (within 101 app test) An app that shard the most data: TextPlus 4 – iPhone text messaging app • sent iPhone’s UDID to 8 ad companies • phone’s zip code, user’s age & gender to 2 ad companies

  7. Apple & Android Apps Pandora – popular music app • sent age, gender, location, and phone identifiers to different ad networks Paper Toss – game of tossing paper into trash can • sent phone’s ID number to at least 5 ad • companies

  8. Some Comments Michael Becker of Mobile Marketing Association – “In the world of mobile, there is no anonymity” Device is always on and with us Apple supports a review of app before being offered publicly Apple & Android protect users from revealing data through permissions Tom Neumayr – Apple spokesman “We have created strong privacy protections for our customers, especially regarding location-based data. Privacy and trust are vitally important.

  9. Getting Around The Rules Pumpkin Maker – pumpkin-carving game • gave away phone’s location to an ad network without asking permission • Apple declined to talk about this violation

  10. What Are The App Makers Saying? • TextPlus 4 & Pandora: • Data passed is not linked to an individual • Personal details (such as age, gender) are volunteered by users • Pumpkin Maker: • Unaware of Apple’s guidelines to seek user approval before sending data • Paper Toss: • Did not want to comment

  11. Consumer Protection • Privacy Policies: • 45 of the 101 apps did not provide a privacy policy • Apple & Google don’t require them

  12. WSJ Designs A System • System intercepts and records data • Decodes data stream • Covered 50 iPhone apps & 50 Android apps

  13. The Jury Is In • The most widely shared item was the phone’s identifier, or UDID for the iPhone. • ID is set by phone makers, carriers, or OS makers • Difficult to delete or hide

  14. Why, Oh Why? • Meghan O’Holleran – Traffic Marketplace • Track everything by phone ID • Apps downloaded • Usage frequency • Time spent on app • Areas used in app • Data is combined, not linked to an individual

  15. No Standards In Mobile • Apple sees UDID as “personally identifiable information” • Can be combined with info from App Store and iTunes In contrast, Google and most app makers don’t consider device IDs to be identifying information.

  16. Ad Networks • An expanding industry • Mobclix – an ad exchange • Matches more than 25 ad networks with approximately 15,000 apps needing advertising • Takes phone IDs, encodes them, and assigns them to interest categories based on users’ usage factors. • Does a “best guess” of where person lives to mix location data from Nielsen Co. • Powerful system, but categories are still broad enough not to identify people.

  17. An Example: Mobclix Inner-workings • Within a quarter-second, Mobclix can place a user in one of 150 segments it offers to advertisers • Segment types: “green enthusiasts”, “soccer moms” • “die hard gamers” segment: • 15 – 25 year old males • more than 20 apps on phone • use an app for more than 20 minutes at a time

  18. The Ad Networks Have My Info • Claim data is anonymous and brings more relevant advertising • Google received most data overall in the tests by WSJ, but says it does not mix data from its ad units: AdMob, AdSense, Analytics, and DoubleClick • AdMob gives advertisers access to phone users by locations, device type, and demographics (gender, age group) • Apple has its iAd network – only for iPhone • Apple uses App Store and iTunes info to target ads.

More Related