The App That Violates Your Privacy The Most Has Been Revealed

Are all apps the same? One is selling more of your information than the rest.

By Faith McKay | Published

This article is more than 2 years old

Digital Privacy

Online privacy. How much do we care about it? How much does it matter? What are companies really tracking about us, anyway? As the conversation around this grows, we’re learning more about things online companies wish their users could remain ignorant of. In a response to the demand for improved transparency, Apple recently launched their new privacy labels within the App Store for iOS users. The cloud storage company pCloud then used this data to analyze the store and determine which apps are the most “invasive”. Meaning, which apps are collecting the most information on their users? And then, naturally, selling that information to third-parties.

So, which app was the most invasive? And just how much more invasive was it than the others? The most invasive app according to the cold hard data is none other than Instagram. Just how bad is it? Instagram collects 79% percent of personal data. The second most invasive app on the list is Facebook, which owns Instagram. Facebook collects 57%, which is markedly lower. Currently, Instagram has self-reported that they are tracking your search history, browsing history, purchases, location, contacts, and your financial information. 


The data the apps collect on you allow them to create the targeted advertisements you see. When they give your private online information to advertisers, it can be used to create dynamic ads that reach their target market. So when a luxury car company wants to send out an advertisement, they can target users with recent online behavior that suggests they’re in the market for a car. They can also target people in a certain location, likely income bracket, and age range. While that is one usage for all of this online data apps are collecting, it doesn’t make it less unsettling for many users who would prefer not to be tracked. Google has recently been sued for tracking users. The allegation is that users have used settings they believed would turn off tracking, and yet Google is still watching.

How can users keep their devices and information secure online? Are there even apps that don’t collect data on their users at this point? Is this all just par for an unstoppable course? Well, a lot of the most popular apps you know and probably use were near the top of the most invasive apps on the list. These include DuoLingo, Uber Eats, LinkedIn, and eBay. On the other side, popular apps like Grubhub and My McDonalds weren’t selling any user data to third-party companies.

What does Facebook have to say about the study? Have they addressed the selling of their users data across two of the world’s biggest social media apps? Well, The Independent reached out, and they answered. Facebook insists that they have provided plenty of transparency for their users. About Apple’s privacy labels, they were not a fan. The spokesperson for Facebook said, “The format of Apple’s labels, which this report relies heavily upon, is too broad and ignores how data is used in context. They don’t allow us to offer people specific information about the types of data we collect and where we collect it, which unfortunately leads to confusion.”


Okay, that sounds fair, but let’s break into what Facebook had to say here. What are Apple’s privacy labels? Well, they’ve been compared to nutrition labels. They give you a quick glance at what’s being collected. Naturally, Facebook hates them and considers them misleading.

They do have a point when they say that the privacy labels do not provide context, which can make them more alarming. You can read on a nutrition label that something has 25 grams of carbohydrates. However, are you familiar with what carbohydrates are, how many your body needs to use in a day to stay healthy, and how the carbohydrates play off the other nutritional information in the food? With food, you hopefully have at least some idea of the context for nutrition, if not everything you’d be best served knowing. But what about with technology, which is always changing? There is naturally going to be a lot of missing context, especially the context companies would rather we did not know.

As we bring this metaphor back to the privacy labels, when you see that an app is tracking your financial information, it is quite terrifying. What does Facebook know of your financial information, how did they get it, and who are they selling it to? And why?

Naturally, if Facebook finds these labels to be lacking context, they could kindly provide us with such context. They could make beautiful and interesting videos and infographics explaining to us just why it’s so important we give them all our data so freely. If they believe this context will make everyone cheery about the decision, why not? Except Facebook didn’t exactly say we’d be happier about it with more context. Instead, they just let you know that it’s missing from the App Store’s new system. For a company claiming Apple is being misleading, they may be doing some of that sleight of hand themselves.

So how can you go about protecting your digital privacy? First, do your best to review what your permissions are on mobile apps. You can find some simple instructions for doing that on iOS here or Android here. Consider using a messaging app with end-to-end encryption, like Signal. Notably, Signal does not sell information to third-parties. Their app does not include advertisements. The next step is to decide what matters to you when it comes to your online privacy, and use that as a guideline for what apps you decide to download in the future. That part is a bit more difficult for most of us and may likely evolve as we learn more about what digital privacy really means.