Skip to main content

Study shows prominent apps are selling your data to 3rd parties


These apps are more like a glorified data farm.

Among the various categories of apps that exist out there, some by their nature store more of your personal information as compared to others. One such niche is dating apps that have gained momentum over the past decade. However, there’s something shady that has been going on all the while in the background.
In a study [PDF] conducted by the Norwegian Consumer Council named ForbrukerrÃ¥det on 10 apps, it has been found out that several popular dating apps such as Tinder, OkCupid & Grindr along with certain popular menstrual help apps such as Clue and MyDays have been sharing the personal data of users with as much as 135 different third parties for advertising purposes.
This data includes one’s location, age, gender, sexual orientation, drug use, religious & political views although varying from case to case depending on the information one has given to these specific apps.
prominent dating & menstrual help apps selling your data to 3rd parties
Researchers analyzed tons of app, here are some of them.
Yet, we’ve seen this happening before and looks like no learned from it. Two years ago, Grindr was discovered sharing the HIV status’ of its users whereas Tinder was found giving away 100m accurate location data. The cause of alarm though lies in the fact that users at a fault too here. 
prominent dating & menstrual help apps selling your data to 3rd parties
This is how advertisers make your digital ID
You see, when one signs up to these apps, they are in some way agreeing to their privacy policies. Since both the policies of Tinder & OkCupid contain clauses that they may share your data with unspecified third parties, they may have a case of having your consent.
Moreover, it also states that they can share your data with any apps under their parent company: Match Group. So even if you haven’t ever used any other app than Tinder, 45+ other apps still have a right to access your data.
None of the apps provided the information necessary for the consumer to  make an informed choice when launching the apps. Furthermore, we found a near-complete lack of in-app settings to regulate or prevent the sharing of personal data with third parties. This illustrates that consumers are often not given enough information to choose whether they accept being tracked and profiled, the study revealed.
Nonetheless, on the other hand, it is important to realize that these apps may be in violation of certain privacy laws such as the EU’s GDPR because of the secretive way in which they inform users of the handling of their data and how it is processed altogether. Hence, it is very important that they review their current policies and move forward in a legally compliant way.

Comments

Post a Comment

Popular posts from this blog

List Of Sql Infected Sites-HACKEREAD

SQL injection  is a  code injection  technique, used to  attack  data-driven applications, in which malicious  SQL  statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).  SQL injection must exploit a  security vulnerability  in an application's software, for example, when user input is either incorrectly filtered for  string literal   escape characters  embedded in SQL statements or user input is not  strongly typed  and unexpectedly executed. SQL injection is mostly known as an attack  vector  for websites but can be used to attack any type of SQL database. List of SQL Infected sites:  http://www.genhound.co.uk/source.php?id=477 http://www.lcoastpress.com/journal.php?id=8 http://www.travellers-tales.co.uk/travelJournal.php?id=42 http://www.arrowvalves.co.uk/content.php?id=8 http://www.reaplasrack.co.uk/content.php?id=129 http://www.arrowval...
Post a Comment
Read more

Google dork list for XSS (Cross- site scripting)-2020

GOOGLE DORK LIST FOR Cross-site scripting -2020 Google Dorks  its also known as google query ,List “Google Hacking” is mainly referred to pull the sensitive information from Google using advanced search terms that help users to search the index of a specific website, specific file type and some interesting information from unsecured Websites. Google Dorks list  2020 can uncover some incredible information such as email addresses and lists, login credentials, sensitive files, website vulnerabilities, and even financial information (e.g. payment card data). Here you can see an example to understand how  Google Darks   password  used by hackers to gain sensitive information from specific websites. You can also use for Exploit DB site to give you according to you Search state. https://www.exploit-db.com/ “ inurl: domain/ ” “ additional dorks A hacker would simply use in the desired parameters as follows: inurl = the URL of a site you want...
Post a Comment
Read more

Popular Android Zombie game phish users to steal Gmail credentials

The app made its way to Google Play Store was also found phishing users for Facebook credentials. Scary Granny ZOMBY Mod: The Horror Game 2019 is the latest game on Google Play Store that is condemned by the digital security fraternity for sneakily stealing personal data from unsuspecting users. The game, which has been downloaded for over 50,000 times, was available for Android devices making Android users its primary target. The malicious app attempts to collect sensitive information such as Facebook and Gmail login credentials. The malicious activities of Scary Granny ZOMBY Mod were detected by the mobile security firm Wandera. The company found out that the app asks users to enter their Gmail or other Google account credentials, which are then used for collecting private data of the user by hijacking the account –  All of this happens, unsurprisingly, without alerting the user. Gmail phishing page on the supposed gaming app (Screenshot: Wandera) Rese...
Post a Comment
Read more