November 05, 2012, 2:40 PM — Everyone knows there’s no such thing as “free” on the InnerWebs. Everything costs something – if not money, then your personal information.
OK, Fine. Tell me something I don’t know. Right?
The problem: When you spend a buck or two on an app, you know exactly what it costs. When a free app asks to track your location or comb through your contacts, however, the real cost is almost entirely hidden from view. You don’t know how that data will get “spent,” how many times it will be sold, who will have access to it, and what could happen to you as a result. All of that is invisible.
If that doesn’t concern you, well, it should.
Today’s example of Apps Behaving Badly comes from a report by Juniper Networks’ Mobile Threat Center, which looked at 1.7 million apps available on the Google Play market over the last year or so. The key finding: Free apps are far more likely to use and abuse your personal information than paid apps. To wit:
Free apps are 401 percent more likely to track location and 314 percent more likely to access user address books than their paid counterparts.
In other words, one out of four free apps tracks your location. (Only one out of 16 paid apps does this.) About seven percent comb through your address book (three times as many as paid apps); roughly the same percent of apps can initiate phone calls or access your phone’s camera without getting the A-OK from you.
The usual explanation for this rampant data gathering is that the apps need your location to deliver the services they offer, or need to access your address book to make connections with other people who use the same app, or they need this stuff to deliver targeted ads to you. And that may all be true in many cases. But Juniper found that most apps that track location, for example, aren’t part of any ad network. So what do they need this information for? Excellent question. Nobody knows.
It gets worse. The Google Play (aka Android) market is well known for having lax standards at best when it comes to screening apps. Though Google began automatically scanning all uploads for malicious code last January, malware laden apps were still widely available on the Google Play market six months later.
According to Juniper, the worst offenders are faux gambling apps and racing games. Nearly all cards/casino/racing apps have the ability to make calls or send texts on your behalf, which can rack up steep charges for premium calls; most also can access your camera independently as well.