The beauty of modern applications is their convenience. Intuitive user-interfaces make navigation and functionality as easy as possible. With data aggregation and user history, the app knows how it's being used, and can sometimes predict your preferences. Some of the most common examples of this are Netflix, Pandora and Spotify. The result is software that really seems to know its users. But at what point does it know its users too well?
It's safe to say that we're living in the world of application omniscience. And while the user experience of modern software is better than it ever has been, data security and privacy issues may be some of the unfortunate fallout.
One of the most recent examples of the security and privacy of data aggregated by applications came out of the Uber camp. According to a Trend Micro post from earlier this year, the ride-sharing application has run into several problems in the past few years despite its wild success. In November 2014, the company came under fire for tracking users' whereabouts without their permission. To make matters worse, the company was caught red-handed using this ability to essentially spy on people.
The incident occurred when the top-level New York executive for Uber told a BuzzFeed news reporter that he had been tracking her whereabouts as she was en route to meet with him for an interview. The tool he used to do this, incidentally, is called the "God View." Needless to say, tracking the journalist's location without her permission in this manner was a clear violation of privacy.
In 2014, Uber also admitted that it had been the victim of a data breach. In early 2015, it was revealed that the names and license plate numbers of as may as 50,000 drivers across the country has been exposed. The company faced a $20,000 fine as a result, both for failing to report the incident to the parties involved and the Attorney General, and in response to its poor privacy practices.
Developers may know what music you like
Uber is a good case in point when it comes to data privacy concerns because of how substantial the company's user base has become. However, they're hardly the only firm that knows more about their customers than they should. One recent example is Music Tracker. The application tracks all changes and updates to a music library on an iOS device, and is ideal for use with Apple Music. This is mainly because content stored via Apple Music is regularly deleted or updated as a result of licensing issues.
While Music Tracker may seem relatively niche and fairly innocuous, developer Ben Dodson explained in a blog post that he and other developers have access to iOS users' music libraries. This means is that advertisers can use your music library to learn more about you. Dodson filed a bug report with Apple; however, as of Feb. 23, he noted that the issue had not been adequately addressed.
How to protect your privacy
The more application developers know about customers, the better they can tailor software to meet their end users' needs. Of course, this also means that more of a user's information can be used for advertising purposed, and in the event of a breach, can be stolen by hackers. Furthermore, this exchange of private information should be voluntary, and more importantly, conscious. Trend Micro notes that many free applications have ad libraries, and that by agreeing to the terms, whether or not they realize it, users are essentially granting the developers access to certain data. Without actually reading the terms and blindly accepting, they won't necessarily know exactly how much data, or which data.
To become a more well-informed application user, Trend Micro encourages people to more aware of privacy conditions for simply hitting "accept." This can be somewhat difficult considering these conditions are buried in a sea of esoteric verbiage. However, there are other options, such as PrivacyGrade.com. As the name suggests, the website gives a privacy grade to applications. At the very least, users can be more conscious consumers.
And finally, as applications continue to get smarter for the sake of strong UX, cyber security solutions that incorporate privacy scanners can help create much-needed parameters for third-party access to personal data.