Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

The End of Mobile Privacy

DZone's Guide to

The End of Mobile Privacy

Is mobile privacy dead? Companies are tracking and monitoring your online activities, and even sharing that data. See why Chris Lamb thinks it needs to stop.

· Mobile Zone
Free Resource

Download this comprehensive Mobile Testing Reference Guide to help prioritize which mobile devices and OSs to test against, brought to you in partnership with Sauce Labs.

Mobile privacy doesn't seem to exist anymore. Over the past week, we've seen multiple releases describing how companies are tracking what you do online, through invasive user monitoring, data collection, and later dissemination, and now via user tracking software inserted into applications we've all come to use and depend on.

This is a big deal, and it needs to stop.

In both of these cases, trackers have been sending personal information to third parties. In the first case, that personal information could include, say, your credit card number, name and address, and CCV code. In the second, the tracking is usually either advertising based (where they connect the identity of your device to you) or crash based (where they send detailed crash logs to a third party for collection and analysis). Advertising-based tracking links you to your device and your device to a location, and it will do it in real-time. This kind of tracking will then attempt to use that information to further refine your profile so subscribers can send you content that you're interested in so you'll pay for something, either via clicks or via purchases. Crash-based tracking will pull a wide range of information from your device, including but not limited to memory contents, phone metadata, the identity of your cell provider, and other apps that may have been running, and send that to a third party service for later analysis.

Both of these cases are commercially defendable too. Web tracking services provide detailed session replay data (including text entry, mouse clicks, and cursor trajectories) so subscribers can improve the user experience of their sites. Likewise, mobile app developers are just trying to provide information on what you're interested in so they don't frustrate you by showing you stuff you don't care about. And they're trying to improve the quality of their apps. None of those motivations are problematic. But the devil's in the details, as is so frequently the case.

App developers and website operators need to stop exploiting us for what are really miniscule revenue gains. I don't have any issue with crash information being shared, when I want to share it, and when I trust it's secured. I don't today. I also don't like having my location tracked, at all times, but multiple different vendors and apps. If anybody was able to get ahold of this information, and I don't expect it's all that difficult considering how many vendors likely have it, they'd be able to identify my travel patterns down to the minute. And if they get access to real-time information from my phone, even better for them (though not so much for me). I don't practice any Jason Bourne-like counter surveillance in my day to day life, and I don't want to start. And I don't want to give up my phone either, but it's becoming more and more like a tracking and surveillance device, where I'm the one being tracked and surveilled.

App developers and website operators need to agree to stop doing this, and set some professional standards for themselves. If they don't, governments will start, and nobody wants that.

Analysts agree that a mix of emulators/simulators and real devices are necessary to optimize your mobile app testing - learn more in this white paper, brought to you in partnership with Sauce Labs.

Topics:
privacy ,mobile ,mobile security

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}