5,400 trackers found on iPhone bleeding up to 1.5 GB private data over a month

Apple likes to claim the high moral ground no on user privacy and that may well be true when it comes to the data Apple collects from users. However, what Apple doesn’t make clear is that it doesn’t take the same level of care to protect the data that other apps collect about users and forward remotely in many cases without explicit user consent. Writing for the Washington Post, Geoffery A. Fowler used an app from US privacy firm Disconnect to monitor what his iPhone did while on his bedside table overnight.

On a recent Monday night, a dozen marketing companies, research firms and other personal data guzzlers got reports from my iPhone. At 11.43pm, a company called Amplitude learned my phone number, email and exact location. At 3.58am, another called Appboy got a digital fingerprint of my phone. At 6.25am, a tracker called Demdex received a way to identify my phone and sent back a list of other trackers to pair up with.

According to Fowler, in total, his iPhone was loaded with 5,400 trackers buried in apps that would have sent a total of 1.5 GB of data remotely over the course of a month -- something that Apple freely allows to happen on its devices with apps from third-parties. The only way to terminate data sharing in the background on iPhone is to disable “background app refresh” -- launch the app, however, and the data starts flowing freely once again. (On Android, a similar result can be achieved with battery optimisations enabled or by setting each app to be put to sleep when not in use).

Apple, for its part, says that apps that violate its privacy policies are removed, but this doesn’t necessarily happen by default and often requires users to notify Apple of a violation. Unless you want to limit yourself to only apps from Apple, there is absolutely no guarantee that apps installed from the Apple App Store, as Fowler highlights, make using an iPhone safer, or more private, than an Android device.