Centre for Internet & Society
Apps can give personal information to strangers

Illustration: Amith Bandre

We love our apps. A study done last year, found that app usage in India has grown 131 per cent. But apps are notorious for accessing personal data and we’re obligingly careless with our privacy. Inadvertently, users give away third-parties access to their phone calls and right to operate cameras on their mobiles.

Apps can give personal information to strangers

Illustration: Amith Bandre

The article by Mebin John was published in the New Indian Express on August 8, 2016. Sunil Abraham was quoted.

Therefore, they can listen in to conversations and click photos as and when it pleases them.

“The detailed privacy policy of most of these apps run into pages and people rarely read through them,” says Sunil Abraham, Executive Director of The Centre for Internet and Society. “The policy is also loaded with tech jargon, which is lost on the general public.”

A study, done in June this year by Norton, reveals that one in two Indians have permitted access to their contacts and mobile data in exchange for free applications. Forty per cent have allowed access to their camera and browsing history, and 50 per cent given permission to send promotional text/emails.

A mobile application developer in Bengaluru, who wishes to remain anonymous, says, “App developers collect personal information of individuals and make a massive database. They then sell this data base to marketing agencies.” A database of 5 crore people pays `5,000 and this is sold over and over again.

Many application developers claim that they make large databases with the help of applications. “I have a database with email IDs of 2.5 lakh people,” says another app developer of the data he mined from one app.

Chief Technology Officer at T.I.G.E.R Innovations and Publicize Bengaluru, Geo Joy, says: “It is true that we can track an individual’s personal conversations and activities using mobile applications. I’ve heard that many applications scoop details from phone conversations for marketing purposes.”

“If you are not paying for anything, then you are the product,” Abraham puts it succinctly.

According to him, with access to your conversations or GPS, a third party could monitor your activities. It can get more specifid: with data from GPS, accelerometer and gyroscope, a developer can read your driving pattern.

Laws here are easy on developers too. Elonnai Hickok, a researcher from CIS, says, “Apart from Section 43A of the Information Technology Act, we don't have any strict laws or enforcement agencies to monitor these applications that breach the privacy of an individual.”

In India, since we don’t have a statutory body to monitor applications and their privacy violations, experts suggest individuals exercise caution.

CTO Joy suggests upgrading your operating systems. “Latest versions of all operating systems will warn you when an external medium tries to track your information,” he says. “So people who use the older versions should switch to the latest one or upgrade the software.

CE picks five permissions and how they could be misused.

Filed under: