American tech giant Apple has always advertised itself as a stronghold for user data and preached about how it considers user's privacy sacrosanct. But, if you are thinking that Apple has mastered the art of keeping user data safe, you might be wrong.
A recent study conducted by The Washington Post's Geoffrey Fowler has revealed that when the 'Background Apps Refresh' feature has been active on the iOS, some of the apps have been using it to send data to third party companies.
The report mentions that Fowler in collaboration with a privacy firm named Disconnect used VPNs to keep a regular check on what was going on inside his iPhone.
While there are many apps that use trackers to send back user data, the frequency at which some of the apps took advantage of the background refresh feature was alarming.
What's more worrying is that Fowler found that these apps were sending data like phone numbers, email, location, IP address, and more.
It was almost a week that Fowler ran these tests and during the course of the tests discovered as many as 5,400 trackers within apps on his phone. Considering the amount of trackers and the type of data that was involved it has been estimated that almost 1.5GB of data was shared over the course of 30 days.
The Washington Post contacted Apple for a comment and its response was pretty standard.
For the data and services that apps create on their own, our App Store Guidelines require developers to have clearly posted privacy policies and to ask users for permission to collect data before doing so. When we learn that apps have not followed our Guidelines in these areas, we either make apps change their practice or keep those apps from being on the store.Apple Inc to The Washington Post
"At Apple we do a great deal to help users keep their data private. Apple hardware and software are designed to provide advanced security and privacy at every level of the system," it added.
Some of the apps that were found sharing the data were Microsoft OneDrive, The Weather Channel, Spotify, Nike, DoorDash, Yelp, Mint, Citizen and even The Washington Post’s own iOS app!
It's a stated fact that data collection is a necessary evil all users must adopt. Not all data collection is bad, especially when you know that it is not being stored and used only for a specific purpose.
However, there are some trackers which are lifting copious amounts of data without letting the user know how long the data will be stored and what kind of data is being collected.
The report also points out that there is no easy way to know which of the apps are using trackers and when the data is being sent. Even Apple doesn't have a tracker online that can inform users about which apps are using trackers and for what.
Apple has been lining up bulwarks against malicious apps and hackers for a while now however it seems even that even that wall has been breached.