John Leyden at The Register reports that security experts uncovered privacy concerns in mobile applications available from both the Barack Obama and Mitt Romney presidential campaigns. Researchers at GFI Software examined the Android versions of both products and are alarmed at the invasive nature of the offerings.
Obama for America and Mitt’s VP request permissions, access to services and data and demonstrate capabilities beyond product expectations. Each of the apps cross-posts on users' behalf and report back to base.
More alarmingly, both apps slurp the details of users' contacts and log location data. The Romney app even requests permission to record audio for unspecified purposes. Much of this is covered in the terms of service micro-fine-print, if users choose to read it.
The Obama for America product forces consent to an agreement for the product to gather and track private information, such as GPS location of the user. The app bundles the ability to access a user’s phone contact list (names and numbers), call and message logs, data on currently installed apps, and contents of the SD card. With mobile apps playing such a key role in voter engagement in the US, the way that both campaigns are using apps to collect data and deep dive into users' devices and data is quite concerning from a privacy perspective, GFI Software concludes.
"The lesson here for users is that it’s their responsibility to know what the apps on their mobile devices are doing and what personal information they are divulging about themselves and potentially their contacts and social network connections," Randall Griffith, junior threat researcher at GFI Software writes. "Even reputable sources like the official presidential campaigns may encroach on what many of us consider a reasonable expectation of privacy and limitations on data collection. Read the fine print before installing any app.
If privacy is something that you value, exercise caution when it comes to the products you install on your mobile devices and inform yourself about how your private information can be turned into publically available information.
Source: http://www.theregister.co.uk/2012/08/20/us_pres_campaign_mobile_app_privacy/print.html
