WSJ: iPhone and Android apps can breach your privacy

“Few devices know more personal details about people than the smartphones in their pockets: phone numbers, current location, often the owner’s real name—even a unique ID number that can never be changed or turned off,” Scott Thurm and Yukari Iwatani Kane report for The Wall Street Journal.

“These phones don’t keep secrets. They are sharing this personal data widely and regularly, a Wall Street Journal investigation has found,” Thurm and Kane report. “An examination of 101 popular smartphone “apps”—games and other software applications for iPhone and Android phones—showed that 56 transmitted the phone’s unique device ID to other companies without users’ awareness or consent. Forty-seven apps transmitted the phone’s location in some way. Five sent age, gender and other personal details to outsiders.”

Thurm and Kane report, “Apps sharing the most information included TextPlus 4, a popular iPhone app for text messaging. It sent the phone’s unique ID number to eight ad companies and the phone’s zip code, along with the user’s age and gender, to two of them. Both the Android and iPhone versions of Pandora, a popular music app, sent age, gender, location and phone identifiers to various ad networks. iPhone and Android versions of a game called Paper Toss—players try to throw paper wads into a trash can—each sent the phone’s ID number to at least five ad companies.”

Read more in the full article here.


  1. Bad. Apple oversees other mal-issues concerning aps. I believe Apple should require more openness in telling us what each ap actually sends or monitors. That could be a required part of the ap description itself. It could also be tested as part of Apple’s approval process, not that slowing the approval process down would be a good thing. But this is an important issue and may be even more critical down the road.

  2. To : H. Wells

    Did it ever occur to you that the App Creator’s is Slipping in the API to Pull this information in a update after the Submission to Apple of the Main Application Process, then when given the application approval from Apple, the same application is uploaded, but with the added “EXTRA” API to pull the ID information, therefore, skirting around Apples approval process.

    Think about it, It’s already been talked about on how this could have been done, and this is the most likely way, Android has the same problem also, and they don’t have as strict guidelines as Apple in the Application submission process.

    Apple will be Pulling these Applications due to the Violation, They will investigate, and if found guilty of a violation Apple will act swiftly to send a message to the rest of the development community to play by the rules or go elsewhere.

    I Don’t Blame Apple for this, or even see this as a bad thing, Hell you have Idiots Putting there lives on Facebook every day, And those who complain about this are just hypocrites..

    Everyone that posts online & everyone that has a email can be tracked cataloged and found including more information found out by what the smart phone UID sent out.

    Think about it.

    You Give Up Something, For Something Else … It’s always a tradeoff.

  3. It’s reprehensible. Apple is really losing its appeal if it starts acting like MS or Google.

    ALL datamining, by law, should be opt-in and not a prerequisite for data services. “more relevant ads” is not a reason to allow your personal data to be swiped at every turn.

    If the user is already paying ANY data service fee, then there should be no ads pushed to the user without his/her explicit consent.

    Look how crappy cable TV, originally the “ad-free alternative to broadcast TV” has become. The mobile ad industry is an order of magnitude worse.

  4. @ Scott B : you might think differently if some spammer got ahold of your credit card information, or social security #, private photos, or other sensitive information. With no laws to protect us, and no corporate consciousness to do the right thing, then you can expect to eventually be electronically raped by the scumbags of the internets.

  5. Did you even bother to read the Article.

    If you did, Go back to School son, Your reading Comprehension is atrocious.

    You said nothing at all that had to do about Apple,

    This is About a few Application Developers Going Around and …

    Ah h Forget ti you won’t understand..

  6. Ok great let the Government control What?

    Hell, They “GOVT” Can’t even get along with themselves, and you want govt. control.

    No thanks, I fought for my Country, But I draw a line when I hear someone say they want Govt. to step into a Private Business Area where they have no fact, going off a story from the WSJ as gospel without proof of backup and heeding full force and head-on blinded into something they think they fully believe is factual.

    No Way, We believed another person like that before and allot of good American’s got killed cause someone believed in something that was told as truth and out Government was the one that said it Mike.

    I Am Done with People Like You Mike.

  7. Mike

    If you would have spent some time reading the article instead of trying to defend some one sided argument you would have seen that it is a problem that falls on the developers that have found a way around Both Android and Apples API’s

    I gave information on one of the way’s by how the developers could be circumventing Apples API’s and also Androids.

    You come up with some around the corner rant on how I may feel if my credit card or pictures are stolen. I am so glad you are a clairvoyant and can feel my emotions from this long distance that we are apart i say Thank You but you are Wrong.

    Next use a protected Credit Card, Yes, and most people should but they don’t, You may get one at your Bank for a small modest fee, use it only for online transaction and it is linked to Just iPhones, iPads, if anything happens the card is insured, You Kill the card no loss and a new card is issued in less the 24 hours.

    As for Photos use Digital Online Protected Mobile Account and Never Ever Ever go any further then that.

    Mike You Need to Be Smart, But you just had to many excuses and don’t take that as a insult, but you fired back quickly to my post as such.

    Have a great day.

  8. @ Scott B

    Thanks for the heads-up on obtaining a protected credit card. I had no idea they existed and that’s one thing I’ll definitely look into as I loathe giving out card #s over the internet. Even when Safari says “safe” I know it’s mostly an illusion engineered to make me feel that way. Vulnerability is always but a hacker or malicious PC virus away.

  9. The free versions of TextPlus and PaperToss are both ad based.

    I guess they need to somehow target the ads based on usage in these two apps and that’s why the ID is sent over.

    For other apps it will be the location that is sent over so that they can send ads that make most sense for the user.

    In the iPod touch/iPhone there’s a way to turn off location services on a per app bases. Not sure whether the free apps will still work if you turn off location service for the app.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.