Are your favorite Android apps secretly recording your conversations and your daily activity? There's good news and bad news, according to an extensive new study.
Since the rise of smart speakers and several high profile cases of them unexpectedly recording their owners, there's been rising concern about smartphones also recording conversations--especially since our phones are typically with us everywhere, and so pose greater risks.
A new study conducted by researchers at Northeastern University in Boston, Massachusetts, found no evidence of apps surreptitiously turning on the microphone and recording conversations. But, it did discover apps recording your screen and sharing that information with third-party companies without your knowledge or permission. The study tested 17,260 apps from Google Play and other Android app stores across 10 different Android phones.
SEE: Android security and privacy starter kit (a Download.com guide)
Many mobile apps can tap into the camera, microphone, and other sensors on our smartphones to track and record our activities. Such information is not only captured by the developers but is shared with advertisers and other third parties. As such, fears have arisen that our privacy is being violated as we don't know when our activities are being tracked or with whom such data is being shared.
"Our study reveals several alarming privacy risks in the Android app ecosystem, including apps that overprovision their media permissions and apps that share image and video data with other parties in unexpected ways, without user knowledge or consent," researchers Elleen Pan, Jingjing Ren, Martina Lindorfer, Christo Wilson, and David Choffnes said in the study.
"We also identify a previously unreported privacy risk that arises from third-party libraries that record and upload screenshots and videos of the screen without informing the user and without requiring any permissions."
Appsee CEO and co-founder Zahi Boussiba told Download.com, "Appsee's Terms of Service clearly state that our customers must disclose the use of a 3rd party technology, and our terms forbid customers from tracking any personal data with Appsee.
"The research tested dozens of apps that use Appsee, and only one of them (GoPuff) did not disclose this fact to their users, and it appears that GoPuff were capturing zipcode information with Appsee. In the same way app developers can send sensitive information to any 3rd party, Appsee cannot control the data we receive from our clients. In this case it appears that Appsee's technology was misused by the customer and that our Terms of Service were violated. Once this issue was brought to our attention we've immediately disabled tracking capabilities for the mentioned app and purged all the relevant data from our servers."
A Google spokesperson sent the following statement to Download.com: "We always appreciate the research community's hard work to help improve online privacy and security practices. After reviewing the researchers' findings, we determined that a part of AppSee's services may put some developers at risk of violating Play policy. We're working closely with them to help ensure developers appropriately communicate the SDK's functionality with their apps' end-users."
In terms of the audio capture issue, the Northeastern researchers couldn't conclusively say that the apps they analyzed were not capable of activating the microphone and secretly recording you, only that the study found no evidence of this happening. The tests were conducted in a controlled environment using automated programs that couldn't actually sign into the apps. In the real world, the results could differ.
FOLLOW Download.com on Twitter for all the latest app news.
- A study found that some Android apps were recording screen activity and sharing that data with third parties without the user's permission or knowledge.
- Conducted in a controlled environment, the study didn't find evidence of apps turning on the microphone and secretly recording users. But results may differ in the real world.
- Keep your files and messages private with these encryption apps (Download.com)
- The 7 best antivirus for Android to keep your phone secure (Download.com)
- Stay private and protected with the best Firefox security extensions (Download.com)
- Google's Gmail controversy is everything people hate about Silicon Valley (CNET)
- Phone apps aren't secretly listening to your calls: But what they do is still 'alarming' (ZDNet)
- Worried about Gmail snooping? Here's Google's advice on keeping your account secure (TechRepublic)