Some iOS apps are using Background App Refresh to send data to tracking companies

“It’s 3 a.m. Do you know what your iPhone is doing?” Geoffrey A. Fowler reports for The Washington Post. “Mine has been alarmingly busy. Even though the screen is off and I’m snoring, apps are beaming out lots of information about me to companies I’ve never heard of. Your iPhone probably is doing the same — and Apple could be doing more to stop it.”

“On a recent Monday night, a dozen marketing companies, research firms and other personal data guzzlers got reports from my iPhone. At 11:43 p.m., a company called Amplitude learned my phone number, email and exact location. At 3:58 a.m., another called Appboy got a digital fingerprint of my phone. At 6:25 a.m., a tracker called Demdex received a way to identify my phone and sent back a list of other trackers to pair up with,” Fowler reports. “And all night long, there was some startling behavior by a household name: Yelp. It was receiving a message that included my IP address -— once every five minutes.”

“iPhone apps I discovered tracking me by passing information to third parties — just while I was asleep — include Microsoft OneDrive, Intuit’s Mint, Nike, Spotify, The Washington Post and IBM’s the Weather Channel. One app, the crime-alert service Citizen, shared personally identifiable information in violation of its published privacy policy,” Fowler reports. “According to privacy firm Disconnect, which helped test my iPhone, those unwanted trackers would have spewed out 1.5 gigabytes of data over the span of a month. That’s half of an entire basic wireless service plan from AT&T.”

“Yes, trackers are a problem on phones running Google’s Android, too,” Fowler reports. “Google won’t even let Disconnect’s tracker-protection software into its Play Store.”

Read more in the full article here.

MacDailyNews Take: See, Android dominates in market share, with roughly 75% to iOS’ 25%, and the media will never fail to remind us all of that whenever they can (as if it’s some accomplishment to have amassed the cheapskates and the poor of the world instead of cornering the market on those with disposable income and the proven will to spend it), but then they treat Android as an afterthought whenever there’s a problem. Whenever an issue is found, the media place “Apple” and “iPhone” in the headline and spend paragraphs on it upfront before noting down below, “Oh, yeah, Android has the same issue and it’s worse, too.” The double standard is blatant.

Anyway, Fowler recommends trying Disconnect‘s free iOS version of an app called Privacy Pro “to glimpse the secret life of your iPhone.”

If you want to stop this data communication on an iOS device, simply turn off Background App Refresh:

Go to Settings > General > Background App Refresh and turn them all off at once with the main toggle switch or, more granularly, turn off individual apps you do not want the refresh in the background with their respective toggles.


  1. Hey Apple, FIX THIS NOW! Normally a huge fan of Tim Cook and Apple products in general. But what in God”s name is the point of paying Apple’s “privacy premium” if apps are allowed to do their surveillance in the middle of the night? Seems so easy for Apple to fix. Truth is, I’m beginning to think Apple turns a blind eye to stalking done by apps so developers stay happy. So, Apple, let me be clear: FIX THIS NOW. NOW!!!

    1. Well, Pistoff, you have to take some personal responsibility for securing your devices. And you also have to understand that compromises are often necessary to balance privacy with functionality.

      I see Android commercials that tout the phones “knowing your musical tastes” or knowing so much about you that the phone can predict what you need. The problem is, those commercials do not acknowledge that your Android phone is not the only one that “knows” all of that information (and much more).

      Apple has been refining its approach to iOS privacy and security since 2007. And Apple has paid a price for not opening up its customers to exploitation. Apple attempts to strictly limit the information available to third party apps, but bad eggs do slip through. Google, for instance, rejiggered their app years ago to bypass a step that Apple added to prevent tracking of individuals. It is hard to thwart all of the evildoers.

      And then there is the case in which users willingly provide wide access to personal data by allowing location services and such. I strictly limit location services to a few specific apps, and even those apps are limited to using location services while the app is active.

  2. MDN, that’s a major deflection, even for you.
    The price for Google is information, not money.
    The price for Apple is money, and allegedly not information.

    Though I do like your advice on how to turn it off.
    Maybe it’s better if all tracking is turned off by default, until the user specifically enables it.

    Apple has made themselves the IT department and justifies it with the promise of safety, privacy and security. So when that fails, who’s responsible? Me? If they are not responsible, it’s the worst of both worlds.

    “Google won’t even let Disconnect’s tracker-protection software into its Play Store.” – Fowler

    Not even good BS! Does Fowler know that the Play Store is not the exclusive channel for Android Apps and services?

    Did he even check this?

  3. If this is news to Apple, the next action I would expect them to take is to ban (at least temporarily) all offending apps from working on iOS devices no matter the size of the App developer. Anything less will degrade their claim of Security and Privacy being paramount to the iOS device experience. Additionally, inaction on this will weaken Apple’s arguments for maintaining the iOS App Store as the sole source of Apps for iOS devices.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.