Rogue flashlight app shines a light on the importance of Android app permissions

Jonathan Rockway via Flickr/Creating Commons

Here's just the latest verse in the ongoing ditty dubbed "No, seriously, check those Android app permissions."

On Thursday, the FTC announced that it has reached a settlement with Goldenshores Technologies, LLC, the developer of the super-popular "Brightest Flashlight Free" app—an app that has been sharing Android users' unique device IDs and precise physical location with advertisers.

Now, as shady as that is by its lonesome, it's not illegal, and it's par for the course with many of the free apps clogging up the Play Store halls. But the FTC says the app's privacy policy didn't clearly spell out what data was being shared, and more egregiously, the opt-out clause Goldenshores included didn't really stop the flow of information.

"The company deceived consumers by presenting them with an option to not share their information, even though it was shared automatically, rendering the option meaningless," the FTC statement reads. That's wonderful, especially when you consider the silly little app was downloaded more than 50 million times over.

Goldenshores has agreed to delete the data it's collected, clean up its privacy policy, and give users more control over their location data as part of the FTC settlement. You—yes, you—should take this as yet another lesson in being proactive with your smartphone safety, though. Check out those permissions before installing a new app, and follow our advice for keeping your phone secure.

And if you're really worried about ad tracking, checkout the freemium Lookout Mobile Security app; earlier this year, the company began targeting pushy ad networks as malware.

This story, "Rogue flashlight app shines a light on the importance of Android app permissions" was originally published by TechHive.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon