Do you know how much information your smartphone is giving away to app makers and advertisers?
Lots of people have “no idea,” according to a computer scientist at Carnegie Mellon University, who recently studied how people responded to discovering how much of their data was being shared.
But the truth is it’s very hard to know exactly what data is being accessed, how often, and when – and that makes it far less likely that users will take steps to preserve their privacy.
According to the study, apps are constantly collecting our data and sharing it with third parties, with some apps sharing location data thousands of times per week.
“I felt like I’m being followed by my own phone. It was scary,” one study participant said after learning that their personal information was tracked 4182 times in just two weeks.
In the study, a group of two dozen Android users were given the opportunity to see which apps were accessing their data, and how often, and had the opportunity to change their device settings upon receiving a privacy “nudge.”
One of the “nudges” looked like the screenshots below, which revealed that the user’s location data had been shared 5398 times by 10 apps in just 14 days.
Location data is useful information, so that apps can do what users want them to do, like get directions or find out what the weather will be the next day.
But do apps like Groupon, which serves up deals from businesses near your location, really need to know your exact location 1600 times in two weeks?
When people in the study found out how often their data was shared, most of them (58%) took steps to better protect their privacy by changing app settings.
The study participants were given an app that used a feature on their Androids called App Ops, which gave them the ability to change app permissions to restrict the types of data their apps could access such as location data.
Unfortunately for users of Android 4.4 and above, App Ops – which briefly appeared in Android 4.3 – is no longer available.
And without the ability to change app permissions on a granular level, users are left with little choice – you can either use the app or not.
People’s attitudes towards their online privacy are increasingly suspicious of governments and businesses that scoop up vast quantities of data, as recent surveys like one conducted by the Pew Research Center have found.
What’s somewhat baffling is how few people actually change their behaviors to reflect those attitudes.
In the Pew survey, 57% of Americans said they thought NSA surveillance of Americans was “unacceptable,” but only about a third of people who had heard of the NSA’s activities took any steps to improve their privacy.
Partly it’s because people just don’t know how – 54% of the people surveyed by Pew said it would be “somewhat” or “very difficult” to find tools and strategies to be more private online and on their phones.
Norman Sadeh, a lead researcher of the Carnegie Mellon study, said even permission managers like App Ops aren’t enough to change people’s behaviors:
App permission managers are better than nothing, but by themselves they aren't sufficient. Privacy nudges can play an important role in increasing awareness and in motivating people to review and adjust their privacy settings.
Sadeh suggested that we may need “personalized privacy assistants” to gauge what permissions we want for certain types of apps, and let us know when we should change settings.
For users that aren’t savvy enough to “root” or modify their devices to manage their own settings, that might be a long way off – app and device makers would need to buck the wishes of advertisers who want to suck up all our data.
There are ways you can preserve your privacy right now – why not start with our “three-step privacy plan diet” and check out our 10 tips for securing your smartphone?
For Android users, you can also download the Sophos Free Anti-Virus and Security app from Google Play. It comes with a privacy advisor to help you make informed choices about what apps you use.
Image of cyber eye courtesy of Shutterstock.