If you have a smartphone then you are familiar with getting new apps for it. Every time you install a new game or app you are asked for permissions. Do you read about the ‘access details’ the new app or game is getting from you? Do you know what kind of personal information can it have access to?
Reading the privacy policies of apps you install in your smartphone is vital; just a few users actually read it or put attention to it. Some apps policies could even include having permission to store your phone’s number, your email address, your GPS information, etc.
The Sunday Times, an UK’s newspaper made a report regarding the personal information that is shared through the application, the name of the report is “In a flash your details are on a server in Israel”, they reviewed around 70 smartphone applications.
The software they used is called MiddleMan; they monitored the data transfers of the applications and discovered unsettling things about them. The results were that, “twenty-one transmitted the phone number; six sent out email addresses, six shared the exact co-ordinates of the phone and more than half passed on the handset’s ID number.”
The data collection is only a part of the report. The Sunday Times said that the personal information is being sent outside the European’s Union data protection barriers, to servers and companies in Israel, India, China and America.
Fifteen of the apps sent the phone number to an LA internet advertiser. One of the apps sent the phone number and the email address to Delhi, India.
When data goes outside the barriers of the European Economic Area borders, it goes to a “third country” the privacy of the users and their information goes into a different and complicated legal regulation.
In the Data Protection Directive (DPD) there’s a legal regulation in article 25 regarding that the European Commission determines that the “third countries” provide Data Protection standards that are equivalent to the European Union’s Data Protection Directive. There are standards that they must comply, and if a country complies then is added with a list of approved countries, it includes Australia, Canada, Argentina, among others. Then the data can flow freely between the European Union and these jurisdictions.
US also made the cut with its US-EU Safe Harbor Agreement.
The EU-DP standards also include that the data is encrypted when is sent to “third countries”.
Next time you install an app in your smartphone be sure to read what information is going to have access to.