Tinder continues to track your location when the app is not in use, while Facebook and Instagram not only track your location but also save your home address and most commonly visited locations, according to a new study.
With many of our lives relying heavily on social media and smartphone apps, from dating to online shopping, it does open ourselves up to constantly sharing private data – but what exactly is shared?
A recent study by online security experts vpnMentor has delved through the various privacy policies of some of the most popular applications, to discover how they’re really tracking our every move.
Some of the findings include:
• Location – Apps such as Tinder, continue to track your location when the app is not in use, while Facebook & Instagram not only track your location but also save your home address and most commonly visited locations.
• Your Messages – Both Facebook, LinkedIn & Instagram use the information you share on their messaging services, while Twitter and Spotify openly state they have access to any messages sent on their platforms.
• Device Information – Google and Amazon keep hold of voice recordings from searches and Alexa, while Apple Music tracks phone calls and emails sent and received on the devices the service is used on.
In the advent of GDPR and in-depth privacy settings, you would be forgiven for thinking that you have more control over your data than ever. But despite the familiar site message asking if you’re willing to accept cookies, many don’t realise what this entails – and it can be hard to keep track of what data you’ve given away.
A new tool from vpnMentor highlights the data different major websites holds on you, as listed in their privacy policies. With over 7.2 billion accounts held across the services studied, including platforms like Google, Facebook, Amazon, and Tinder, how many are aware of the finer details of the privacy policies that many automatically accept?
Your Data, Their Rules
While it’s unlikely to come as a surprise that sites you’ve signed up for will hold the details you’ve given them, for many sites this isn’t all they track. With Facebook and Instagram being the biggest offenders, seemingly tracking as much as they can about their users, is it time that we thought twice about what we’re accepting within the terms and conditions? Some of the surprising details tracked include:
• Location – Of the 21 services within the study, 18 tracked your current location at all times when using the app. Some of these, such as Tinder, continue to track this even when the app is not in use, while Facebook & Instagram both not only track your location but also the location of businesses and people nearby, as well as saving your home address and your most commonly visited locations.
• Your Messages – Think nobody will ever know about you sliding into someone’s DMs? Think again. Both Facebook, LinkedIn & Instagram use the information you share on their messaging services to learn more about you, while Twitter and Spotify both openly state they have access to any messages you send on their platforms.
• Device Information – Seemingly harmless, but many services and apps track more of your device information than is appears to be needed. Facebook & Instagram, for example, both track your battery level, signal strength, nearby Wi-Fi spots and phone masts, app and file names on your device and more. Meanwhile, Google and Amazon both keep hold of voice recordings from searches and Alexa respectively, and Apple Music confusingly tracks phone calls made and emails sent and received on the devices the service is used on.
No Profile? Still A Problem
On top of this, even if you don’t hold an account with these services this won’t stop your online moves being tracked. Google keeps track of your activity on third party sites that use Google features like adverts, while Facebook partners (an enormous 8.4 million sites across the web) send both them and Instagram data collected through Facebook Business Tools like the Like button – regardless of whether or not you have a Facebook account or are logged in.
And for those among us who have taken the action to set up the “Do Not Track” option offered by some browsers, which was created to stop sites tracking your information, this won’t help you either. Almost no major sites respond to the signal given, instead continuing to track you regardless. In fact, it’s not just third-party sites these companies are storing your data from, Facebook also holds any data provided about you from others – including if they upload your contact information without your permission.
Online Data-ing Disasters
With the technological takeover hitting all aspects of life, even dating, more and more of us are turning to online dating to find “the one”. In fact, there are over 2.6 million accounts held across the seven dating services we reviewed – but how do they treat your data?
One of the key discoveries revealed that those dating sites within the Match.com umbrella (Match.com, Tinder, OKCupid and Plentyoffish) all share any data shared with one service with all of the others. On top of this, all of these services, with the addition of dating app Hinge, also have access to your private messages to potential suitors. Notably, Hinge also states that user data is accessible on a need-to-know basis by Hinge personnel, rather than completely anonymised.
Overall, the best dating app for those looking to keep their private data private appears to be Happn, who were the only service to note that it does not keep track of where users have travelled or where they are regularly. Instead, it only keeps track of when members are in close proximity and where they were when they crossed paths with another user. Happn also makes a point that messages are not accessed except by legal request, including by anonymised engines. This is markedly not the case with many other dating or social apps.
Internet security expert Gaya Polat, from VPNmentor said: “The amount of data held online about users should make them wary about how their personal details are used. While the majority of this data usage is benign or necessary for services to function, knowing which companies hold which data about you is the only way to track your privacy, and how secure you really are.