What are mobile apps telling advertisers about you? It's a question that's come about after a federal grand jury convened to investigate how smartphone app developers are collecting and disseminating information about users without their knowledge or authorization. An app security firm decided to dig deeper, and take a look at what one of the apps being investigated is doing.
Veracode took a close look the Pandora app for Android as part of its research, using its own tools to analyze the app. The researchers found that the Pandora app contains software components for five ad platforms. Veracode also examined what data these ad platforms were collecting: In the case of the Pandora app, the ad libraries--the software components that allow app developers to integrate ads into their apps--could access a user's location. Veraphone also suspects that the ad network libraries may also have access to a users' gender, birthday, and postal code.
You can read the full analysis at Veracode's company blog.
According to the Wall Street Journal's report from earlier this week, the issue isn't so much that these apps are accessing and transmitting user data to advertisers, but that these apps are allegedly doing so without informing users first.
"Pandora has argued that it needs the user information so that it can continue delivering personalized music streams. Veracode's analysis, however, shows that Pandora isn't just collecting that information for itself, but is also using it for advertising purposes."
In any case, it should be interesting to see how this all shakes out, and it'll affect popular smartphone apps.