The company has shared startlingly sobering stats on the sad and sorry state of superfluous and suspicious app data gathering in its latest blog post entitled "Mobile Privacy: What Do Your Apps Know About You?".
Asking "just how much personal information are your apps gathering", and "do they really need so much?", Symantec notes how we're "all eager to click 'accept' and 'next' when we download a new app", but that we "really should take the time to understand what information we are sharing, how it’s used and if the app developer is protecting our privacy".
One such example shared in the blog is of "an Android flashlight app that has more than 10 million downloads and requests access to users’ calls, messages, camera, etc."
The answer is, as you'd expect,: "Probably not."
Norton by Symantec has released an infographic analysing how much personal information is being gathered by the top 100 apps on Google Play and iTunes, and it is embedded at the bottom of this article.
There's plenty more in the blog post which you can read about here.
Symantec's second blog post is entitled "Fraudulent Google Play apps: Symantec has found 68 fraudulent apps by five different developers that contain aggressive advertisements".
Here we learn that "after analysing the top 100 free apps in the Google Play and Apple App Stores, Symantec found many apps may be requesting risky permissions or excessive access to user’s personal information":
- Forty-five percent of the most popular Android apps and 25% of the most popular iOS apps request location tracking.
- Forty-six percent% of popular Android apps and 25% of popular iOS apps request access to a device’s camera.
- Some Android apps even ask to access SMS messages (15%) and phone call logs (10%).
You can read plenty more in the blog post, here.
Here is Norton by Symantec's "list of best practices for choosing and downloading apps, along with easy steps for users to take back control of their privacy":
Before you install an app, Symantec encourages asking a few questions:
- Do I know what information and permissions an app is asking?
- Am I comfortable sharing personal information with this app developer?
- Does the app really need the device permissions it is requesting?
How to avoid granting excessive permissions if you have already installed the app:
- In the case of Android apps, you can remove unnecessary permissions by going to the Settings menu and then clicking on Permissions.
- Removing permissions may cause a poorly designed app to stop working. Well-designed apps will indicate if they need a permission when you attempt to perform the function that requires it.
- In the case of iOS apps, you can remove unnecessary permissions by going to the Settings menu and then clicking on Privacy.
How to protect your personal information:
- Ideally, don't sign into an app using your social networking site account. If you do, check what data the app will receive from the social network account.
- If you do sign into apps using your social network account, be frugal about how much information you provide in your public profile on social networking sites.
- When you post data to a social networking site from an app, think about whether you want the social networking site to have this information about your app.
How to check what apps are using data from your Facebook account:
- Go to the small down-arrow at the top right of the homepage and select Settings.
- Select “Apps & Websites" in the menu on the left to discover what apps are actively using your data.
- Select each app to view and edit the permissions on the data it uses.
How to check what apps are using data from your Google account:
- Visit the Google My Account Permissions page here.
- Here you can review and edit what third-party apps have access to your Google account.
- You can also review and edit which apps are using Google for sign in and what information is being shared with them.
Here's Norton by Symatec's infographic: