Buy the app – become part of the game…

22 Jul

An interesting post came through my feed the other day: “Angry Birds as a Social Network Market” , written by Tama Leaver of Tama Leaver dot Net­, discussing the social network value of app-based games on mobile interfaces, such as Angry Birds. I must firstly acknowledge that Tama lectures some of my university studies at Curtin University, Perth. Tama (PhD) is a well-respected and awarded lecturer in Internet Studies, in particular on digital culture and how everyday lives are affected by social software.

Tama’s article, discussing the enjoyment of readily accessible social app games, reminded me of a situation recently when I was intending to install a game app on my Android, from Google Play. I was confronted with a list of permissions I should agree to, as required by their privacy policy agreement, to install the game app. Google’s Privacy Policy states:

Information we get from your use of our services. We may collect information about the services that you use and how you use them, like when you visit a website that uses our advertising services or you view and interact with our ads and content. This information includes:

  • Device information
    We may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). Google may associate your device identifiers or phone number with your Google Account.
  • Log information
    When you use our services or view content provided by Google, we may automatically collect and store certain information in server logs. This may include:
  • details of how you used our service, such as your search queries.
  • telephony log information like your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls.
  • Internet protocol address.
  • device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL.
  • cookies that may uniquely identify your browser or your Google Account.
  • Location information
    When you use a location-enabled Google service, we may collect and process information about your actual location, like GPS signals sent by a mobile device. We may also use various technologies to determine location, such as sensor data from your device that may, for example, provide information on nearby Wi-Fi access points and cell towers.

Needless to say I was surprised at the amount of information Google wanted to access and control from my Smartphone in exchange for me buying a game and installing the app. I didn’t install the app and won’t install any more at this stage. My decision to not participate is a conscious rejection of Google’s invasion of my privacy. Yet, so many people simply agree (or overlook reading the terms and conditions) because they want the game and think little about the consequences, or reach, of giving Google full access to their very personal and defining mobile activity. And this is fact–83% of people do not pay attention when they accept permissions of installation of apps (Norton, 2013). In turn, I started to wonder about anyone using mobiles or smartphones in networks that are monitored by Intelligence Agencies and authorative regimes. It does not take a deep search of the Internet to find articles that confirm that this happens more than we care to believe. I wrote about one aspect of this late last year discussing tracking mobile phone tracking: If ‘they’ can find planes and ships – finding you is probably not much harder… if you have a mobile phone.

Therefore, if Google can do this so simply, there is nothing stopping these agencies or regimes doing exactly the same thing by creating their own app. This infographic from Norton is quite alarming – as Google does not see all malware it approves as an app (Norton, 2012).  In his book: Net Delusion: The Dark Side of Internet Freedom, Evgeny Moronov discusses many ways that Internet technologies are accessed for control, surveillance and identification of perpetrators. For example, users can be identified through Cloud Services (2011, p.172), supposed safe-haven proxies such as TOR (2011, p.172-173) and even through business deals such as IBM giving China the technology to track social networks (2011, p.175). And that is not the end-point; they are just a few examples. Morozov also suggests that with some ‘trolling through all these blog posts’ on popular social media, quite a lot of information may be yielded to ‘intelligence services’ (2011, p.166). This information may suggest connections with other people of interest.

With further research into the commonality of Smartphone access yielding very private information, a number of recent reviews have suggested that Apps offer more than just a user-experience. The apps offer a key gateway for the developer or host to access the user’s private information in order to profile and match their data and make connections to people the user may never have considered they were connecting to. In his article “Google Android Vs. Apple iOS: The Mobile App Privacy War” Brian Prince reports that Bitdefender found 45.41 per cent of iOS operating apps have capabilities to location-track and Android applications had 34.55 per cent capability (Prince, 2013). Bitdefender also found that a low per cent also leaked the Device ID and user’s email. And worse, this leakage leaves a significant loop-hole, “yet to be exploited by cyber-thieves” (Prince, 2013).

Norton Mobile Security suggests that Android covers 72% of marketshare of Smartphones, and 97% of discovered malware threatens this operating system (Norton, 2013). Quite disturbingly for modern Smartphone users, the free Wi-Fi hotspot becoming more popular in cities around the developed world, are proving to be a relatively easy access point if someone has the intent to access user information via leaky phone apps. Daniel Bates reports that German researchers from Leibinz University of Hannover and Phillipps University of Marburg discovered, through their own WiFi research, that many Android users accessing the Internet network through free WiFi hotspots have left themselves vulnerable when accessing payment credentials, PayPal, bank account information, cloud information and Internet Protocol services (Bates, 2012). Users are too trusting of the security of Internet services. If that person is being pursued criminally or oppressively the outcomes could be severe, or even fatal.

And iOS apps are not exempt from this problem. Science News reports that:

“Almost half of the mobile apps running on Apple’s iOS operating system access the unique identifier of the devices where they’re downloaded… and 13 per cent access the devices’ location and more than 6 per cent the address book.” (atl4484, 2013).

Mobile access to the Internet and its games and social networks affords the user many experiences and connections but without the right attention to permissions and controls the privacy of usage and leakage of information threaten the security of that device and the personal life of the user. It would be easy to dismiss this by suggesting that users be more careful. However, the companies accessing this information to profile clients and utilise their contact information to exploit the weak links of ties (Granovetter, 1973) also need to consider whether their information gathering is clever marketing or stealthy exploitation. Weak links, or leakages, create a more rapid spread of information.

And this article would be incomplete if the world’s largest social network, Facebook, (Vaughan-Nichols, 2013) was not considered in relation to mobile access and sharing of information. Violet Blue, in her article “Anger mounts after Facebook’s ‘shadow profiles’ leak in bug” reports that Facebook have been exposed for storing shadow information on users without their knowledge and that only through accidental exposure have users suddenly become aware of this ‘underground’ profiling and linking to their information (Blue, 2013). Facebook can easily deflect this by suggesting that agreeing to the terms and conditions on installation of the mobile app shows that the user is willing to accept this agreement.  Yet Blue goes on to suggest that Facebook now has access to far more information than users knew or perhaps considered they were agreeing to (Blue, 2013).

In the case of the oppressed, any exploitation of privacy may be lethal or have detrimental results for family and/or communities and further investigation may reveal more in this area. It is fair to expect that any person feeling threatened by their government would be far more likely to avoid networking where possible. Indeed Morozov suggests that using unbranded mobile phones, without unique identifiers may make the phone ‘virtually untraceable’ enabling users to ‘stay off the grid’ (2011, p.176). However, suspecting governments are starting to remove the availability of such phones, and pre-paid SIMs, in order to remove this anonymous mobile gridding (Morozov, 2011, p.177).

Next time you are considering installing an app on your mobile technology, or a popular and freely available program from the Internet, stop! Read the fine print, and be aware of what you are really signing up for.

You may well become part of the game, but not just the game you bought.

References

Atl4484. (2013). App to protect private data on iOS devices finds almost half of other apps access private data. Retreived from http://sciencenewsnews.com/app-to-protect-private-data-on-ios-devices-finds-almost-half-of-other-apps-access-private-data/

Bates, D. (2012). Android apps leaking private data are putting millions of smartphone users at risk of identity theft, study warns. Retrieved from http://www.dailymail.co.uk/sciencetech/article-2222293/Android-apps-leaking-private-data-putting-millions-smartphone-users-risk-identity-theft-study-warns.html

Blue, V. (2013). Anger mounts after Facebook’s ‘shadow profiles’ leak in bug. Retrieved from http://www.zdnet.com/anger-mounts-after-facebooks-shadow-profiles-leak-in-bug-7000017167/

Google.com. (2013). Google Policies & Principles: Privacy Policy. Retrieved from https://www.google.com/policies/privacy/

Granovetter, M.S. (1973). The Strength of Weak Ties. American Journal of Sociology. 78(6), 1360-1390. Retrieved from http://www.stanford.edu/dept/soc/people/mgranovetter/documents/granstrengthweakties.pdf

Morozov, E. (2011). E. Net Delusion: The Dark Side of Internet Freedom. New York: Public Affairs

Norton Mobile. (2013). Norton Mobile Security for Android. Retrieved from http://www.norton.mobi/lp/nms-privacy/desktop/images/img02.jpg

Prince, B. (2013). Google Android Vs. Apple iOS: The Mobile App Privacy War. Retrieved from http://www.darkreading.com/privacy/google-android-versus-apple-ios-the-mo/240157894

Vaughan-Nichols, S. (2013). Facebook remains top social network, Google+, YouTube battle for second. Retrieved from http://www.zdnet.com/facebook-remains-top-social-network-google-youtube-battle-for-second-7000015303/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: