Indian android apps seek more of your data than global counterparts
Interestingly, most data that these apps and websites share with third parties end up going to two of the largest global tech firms — Google and Facebook
According to an annual study by enterprise cyber security and data privacy platform Arrka Consulting, about a third of the permissions sought weren’t required for core functionality of those apps. Interestingly, most data that these apps and websites share with third parties end up going to two of the largest global tech firms — Google and Facebook.
The key privacy metrics were assessed on 100 Indian apps with each having at least a million downloads across Google Play, Apple’s App Store and websites. About 50 global Android apps were assessed on privacy and technical parameters to draw a parallel to Indian ones and their permission settings. In some categories such as travel, shopping and wallets, homegrown apps end up taking 1.5 to 3 times higher permissions than global peers.
With rising number of smartphones and data becoming cheaper, internet companies are witnessing many unique visitors to their platforms and seeking permissions helps companies gather more information about usage behaviour, shopping patterns, bank transactions and use of a host of services. Essentially, these permissions help build user profiles which third-party vendors can then use for targeted selling. On an average, Indian apps take about 8 permissions when a user installs a certain app.
When an app seeks more permissions, it collects additional information about a user that’s seen as invasion of privacy, especially when the user has unknowingly granted access to certain apps.
Global tech firms like Facebook have come under scrutiny for mishandling customer data. Most recently, Google said it’s bringing in new controls that allow user users the rights to share data while installing third-party apps from Google Play Store.
The study puts the spotlight on lack of discipline in collecting user data and privacy concerns during data collection as some reasons why Indian apps access excess user information. “App development could be done by a vendor and no justification is asked by organization on permissions taken during the process,” the study added. It said 99% of apps send data to one or more third parties for advertising, analytics, etc. “On an average, an app/website sends data to more than five third parties and many had the same parent organisation. Google was observed in 30%-58% instances and was clearly the leader while Facebook was second,” the report said.