Android apps spy on users: 8 tips to boost privacy

Have no fear regarding news Android apps are spying on you. Here are tips to keep nosy app developers out of your business.

Worried your Android apps are spying on you? You should be, according to a recent study that found several popular Android Apps regularly share your location and critical phone data such as your phone number with advertisers and others. Researchers from Intel Labs, Penn State, and Duke University randomly selected 30 out of 358 popular apps from the Android Market for this study. The computer scientists were able to track each application's behavior using a special monitoring program called TaintDroid developed by the researchers.

Here's a breakdown of the researcher's findings:

-15 popular Android apps sent location information to advertisers without requiring user consent

-9 apps transmitted a user's International Mobile Equipment Identity number, a unique device identifier

-7 out of those 9 apps did not mention IMEI collection in their End User License Agreements including one unnamed popular social networking app and one unnamed location-based search application

-2 applications transmitted a user's phone number and ICC-ID--a SIM card's serial number--both of which are unique identifiers

The researchers did not name which specific apps were behaving irregularly. You can read the entire paper about Android app security here (PDF) and you can find out more about TaintDroid here.

While those findings may sound scary, the good news is I've got 7 tips for you to keep prying eyes off your Android smartphone or your iPhone.

Android Users: Check Your Permissions

You can find a list of what your apps are doing by visiting the Android Market via your mobile device. Go to menu>downloads to see a list of the apps you've downloaded. Then select the app you want to check up on and go to menu>security. This will give you a list of all the information on your device that your application can access. This won't tell you what those apps are doing with that information, but at least you can get rid of any applications that want access to information you're not comfortable sharing with it.

Note that some of Android's sharing and permissions information is a little hard to understand. Many apps, for example, say they have "full Internet access," but the Market doesn't explain what that means. Android's developer documentation isn't much help either, but it appears "full Internet access" means an app has unfettered access to send and receive data.

iPhone Users: Check Your Location

If you're an iPhone user, you don't have the same wide array of permissions you can access through your phone. You can, however, check to see which of your apps are using location information. On your phone navigate to Settings>General>Location Services. This will show you a list of all the apps on your phone that use location information, and ones that have accessed your location in the past 24 hours are marked with an arrow. You can also deny any application access to your location information from this list.

Check Those Comments

Google relies on community policing to keep the Android Market safe, so make sure you take advantage of each application's comments section. Look for complaints about how an app functions or problems with your specific device. Also, make sure you read a little deeper than just the first few comments at the top.

IPhone users are unlikely to find complaints about malware or other dirty deeds in the comments. Nevertheless, comments are still an important source to find out what others think about the quality of a particular app.

Just as important as checking comments is to share your own thoughts about apps you've used. If you've been scammed by a peculiar app, make sure you share your horror story with others.

Developer's Website

Developers of fishy applications will (more often than not) have fishy Websites for their apps. It's a simple rule of thumb, and it can often save you time and heartache. Watch out for Websites that are poorly constructed, haven't been updated in a while or don't contain any valid contact information.

Apple recently pulled apps built by Vietnam-based iPhone developer Thuat Nguyen for "violating the developer Program License Agreement, including fraudulent purchase patterns." Nguyen reportedly bilked iPhone users out of hundreds of dollars. Users could've saved themselves a lot of trouble if they'd merely checked Nguyen's Website, which redirected to a parked domain called A clear red flag.

Read Those Updates

Whenever an application wants to update be sure to check what the changes are to see if it's asking for anything new. IPhone users can do this by tapping on the apps that have updates available in the iPhone's onboard App Store application. Android users should read over the new permissions list that appears before you install the update to make sure it isn't asking for new permissions you don't want it to have.

Keep an Eye on TaintDroid

Right now TaintDroid is a monitoring tool that requires you to modify your firmware to work. It is not an installable application right now, so TaintDroid is not ready for everyday users. However, the creators of TaintDroid plan to turn the program into an open source project. In a few months, maybe some enterprising developer will be able to create a usable TaintDroid application.

Keep an Eye on Amazon

Rumor has it that Amazon is working on its own curated Android app market similar to Apple's App Store. Details are unclear about which devices will be able to use the market. But it's worth keeping an eye on as Amazon may be able to effectively neutralize many, but not all, bad actors before they reach the online retailer's rumored Android market.

Still A Small Risk

Remember that while these tips will help maintain your privacy and security you take an inherent leap of faith with every app you download. The hope is that developers won't abuse your trust, and that safeguards such as community policing (Android) and quality control monitoring (iPhone) will keep out rogue developers.

But there's always a small chance you could end up using an app that violates your privacy or has some rogue functionality built-in.

The good news is that tools such as TaintDroid and Lookout Mobile Security's App Genome project are working to expose applications that are behaving badly.

TaintDroid Demo

Connect with Ian Paul ( @ianpaul ) and Today@PCWorld on Twitter for the latest tech news and analysis.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags securityDuke Universityintelprivacy

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ian Paul

PC World (US online)
Show Comments

Most Popular Reviews

Latest News Articles


PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?