iubenda logo

In a digital era where smartphones and apps govern our daily lives, one question that often goes unanswered is: “What happens to the data these apps collect?”

Today, we are diving into some eye-opening revelations made by noyb, a European non-profit organization focusing on digital rights. Noyb recently filed three complaints in France against Fnac (the largest electronics store in France), the real estate app SeLoger, and the fitness app MyFitnessPal, alleging that these companies’ apps illegally access and share user personal data.

The Methodology and Findings

Noyb’s complaints stem from a technical investigation where apps were installed on an Android smartphone to analyze their network traffic. The findings were unsettling. As soon as users open these apps, the applications begin collecting and sharing sensitive data like Google’s unique Advertising ID (AdID), the model and brand of the device, and the local IP address with third-party organizations.

Why is this a Big Deal?

Such data collection allows for extensive user profiling, which in turn enables targeted ads and marketing campaigns, thereby increasing revenue for these companies. The more concerning aspect is that users aren’t given the option to consent to this data sharing, making the process unlawful under the ePrivacy Directive of the European Union.

The Illusion of Consent

European law states that data access or storage on a user’s terminal device is only allowed if users provide “free, informed, specific, and unambiguous consent.” Two out of the three mobile apps that were part of this investigation did not even display a consent banner upon launching. The third displayed a consent banner but began data transmission before the user could interact with it or provide their consent.

Detailed Tracking

Information like AdID is unique to a device, making it possible for third parties to single out users for targeted advertising in the future. Some apps go a step further by tracking user behavior outside their apps, providing even more granular data for their profit-making schemes.

The Larger Context

According to research by Konrad Kollnig and others, only 3.5% of all apps give users a real choice to decline consent. Ala Krinickytė, a Data Protection Lawyer at noyb, has emphasized that illegal data sharing is a widespread issue in the mobile app environment. Noyb aims to push regulatory authorities to put an end to this troubling practice.

Call to Action

Noyb has urged the CNIL (The National Commission on Informatics and Liberty) to order MyFitnessPal, Fnac, and SeLoger to delete all unlawfully processed data. They also suggest imposing fines due to the seriousness of these violations. This is merely the tip of the iceberg, as noyb plans to file more complaints against mobile app companies in the future to halt the illegal sharing of user data.

As consumers, it’s crucial that we remain vigilant and informed about the apps we use and the permissions we grant. Regulatory bodies must also step up to enforce existing laws designed to protect user data. Until that happens, organizations like noyb will continue to uncover the underbelly of data violations in the mobile app industry, pushing for change one complaint at a time.

As Ala Krinickytė of noyb puts it, “The illegal collection and sharing of users’ personal data is a widespread problem in the mobile apps environment. It is key that the supervisory authorities now take appropriate action to put an end to this practice.” Let’s hope that the coming months and years bring about more accountability in this sector.


Mobile apps under scrutiny by privacy authoritiesMichigan Personal Data Privacy ActPrivacy Policy for iOS Apps

About Us

iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app
www.iubenda.com

Generate a privacy policy now

Ready in a few steps and built to meet the needs of both website and mobile app owners

Generate your privacy policy now

Sometimes the best choice is to "just give it a try"

iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app

Generate your privacy policy now