Apple iOS Apps Leak More Personal Info Than Android

Free iPhone and iPad apps from Apple's App Store pose a greater privacy risk than free apps from Google Play. That's the finding of the latest study by Appthority, which is in the business of evaluating mobile apps for companies.

Why the App Store Loses

On the surface, the Appthority study — released Tuesday during the RSA security conference in San Francisco  — appears to find iOS and Android apps equally culpable of privacy violations. Of the 10 top-selling apps the firm tested in each of five categories, 60% of the iOS apps shared data with advertising and analytics networks. So did 50% of Android apps.

A closer look, however, revealed that iOS apps were far leakier than their Android counterparts. A full 60% of iOS apps gathered your location data, 54% vacuumed up your contact lists and 14% siphoned information from your calendar. With Android apps, those percentages were 42%, 20% and zero, respectively — not exactly laudable, but certainly an improvement over the performance of Apple apps.

Encrypting user data was not a big priority for apps on either platform. All of the iOS apps sent unencrypted data to ad networks, while 92% of Android apps did the same.

Appthority says iOS apps fall short because ad networks are willing to pay more for user data from Apple devices, giving developers a greater incentive to gather and hand over as much information as possible. At the same time, there are more developers making iOS apps, so they have to work harder at making a buck — and that apparently tempts some to compromise on privacy.

"Developers are struggling to monetize, because it's hard to run a company giving apps for free or selling apps for 99 cents," says Domingo Guerra, president and co-founder of Appthority. "So, in turn, they use the ad networks to try and get money, and the ad networks will pay more money if the developers share more data on the users."

The Overall Numbers

Appthority tested business, education, entertainment and finance apps, as well as games. Entertainment apps were the worst when it came to user privacy. This category had the highest number of apps that tracked location and shared data with ad networks. Education and finance apps posed the smallest threat — relatively speaking, at least — to user privacy.

Individual developers built roughly 80% of the apps tested. Companies with iOS apps in the study included Apple, Intuit, Kids Games Club and PayPal. On the Android side, the companies included Imangi Studios, Intuit, PayPal and Intellijoy.

Appthority's last report was in July 2012, when the apps tested posed a slightly higher risk to user privacy. However, the study was done differently. It analyzed the top 50 free apps in each platform, regardless of category.

Last year's study also showed iOS apps gathering more user data than Android apps, though less than iOS apps this year.

The Trend

Guerra predicts the next Appthority study in three months will show a decline in risky app behavior, thanks to recent government crackdowns on online privacy abuse.

This month, the Federal Trade Commission announced an $800,000 settlement with social networking start-up Path, which was charged with uploading users' address book data without permission and gathering personal information on several thousand children without parental consent.

In addition, some states are also taking a hard stand on privacy. California Attorney General Kamala Harris last year formed a Privacy Enforcement and Protection Unit to prosecute companies that violated the state's privacy laws.

While prosecuting scofflaws can be a deterrent, sometimes the best way to protect privacy is to pay for an app, rather than hunt for something similar that's free. In general, paid apps gather less user data than free apps, Guerra says. "Your privacy is worth more than 99 cents, so just buy the app."

Image courtesy of ShutterStock