Some Popular iPhone Apps Secretly Record Your Screen for Analytics Purposes

[ghanwani]

What a surprise?!

This is why I don't download apps even from legitimate sources. Because those legitimate sources are cheap and outsource their work to companies whose ethics and business practices are likely to be suspect. Basically, if you have any app on your phone, you have to assume by default that it knows everything about you. Nobody really knows what's in the code.

 

[JosephAW]

Heat maps and click location recording are nothing new. We've used them for years to determine where the majority of users click and spend their time at our websites.

 

[barnyard]

and just like that.... I deleted the hotels.com app

 

[KPandian1]

Multiple popular iPhone apps from major companies are using intrusive analytics services that capture detailed data like taps, swipes, and even screen recordings without customer knowledge, ...

​

With no way to detect that this is going on, all customers can do is refuse to use the apps and services of companies that are found to be engaging in shady analytics tracking purposes without clear privacy policies.

Why Apple? We install these apps because you vetted them? Are we not supposed to trust the apps from Apple anymore?

I have "just" three airlines apps on iPhone. No search sites - never trusted them. Most are owned by Expedia.

 

[ipponrg]

The issue is the handling of your data with legitimate apis. It’s not about being two faced. Once your info gets off your phone into some back-end dB that is not managed by Apple, it’s up to the integrity of your app developer to manage your data in accordance within the tos of the app.

It’s literally no different than a trusted friend spilling your secrets.

That’s not the issue.

If you allow the api and you have to allow an app to get in, then you are responsible for ensuring the continual compliance of the app.

Because Apple continually brags about privacy, this makes it seem like it’s all a facade to make them sound different.

 

[Dholtz001]

I'm confused why this is a big deal. It's just screen recordings, right? Most websites already do this. To be honest I'd be surprised if MacRumors doesn't do it too (despite this article suggesting it is dubious.)

 

[Ramchi]

Thats the FaceTime feature everyone seems to be using it probably had an API to record conversations!

 

[fairuz]

I don't see anything wrong with this. All they're doing is recording what you click on in their app. Most apps have done this for a long time, only with lesser precision than these guys are. Every website does the same too at least by tracking URL visits, plus usually analytics for other features. This implies nothing about spying on usage outside of their app or website.

 

[dampfnudel]

Monitoring usage information means they are monitoring keystrokes and swipes. They monitor ALL the ways that your interact with the app.

What about when you’re not using the app?

 

[fairuz]

This shouldn’t even be possible, from a programming standpoint, WTF Apple?

The title is misleading, borderline clickbait. They just record what you do in their app, not the rest of the screen or your screen when you're in other apps.

 

[Sevanw]

But, but, the walled garden. I'm continuously made to believe I'm so safe in this walled garden. Nothing bad is supposed to happen inside these walls. The hardware is supposed to be of the highest quality. And the software so stable with the tightest security. The diehards have been telling me this for years. But now reality is sinking in. Someone please get me my Apple glasses and Kool aide, I can't take this shocking reality. Lol, man o man, gotta love this company's ability to keep its diehards believing.

 

[Ramchi]

I don’t want free apps. I want secure apps. I would gladly pay money to avoid this. I only use a handful of apps anyway.

Plus, the argument doesn’t hold water. Expedia isn’t a free app that I use without compensating them. They get paid when I use their service. The app is their storefront. Same with just about all the other apps. People are already paying those companies and the app isn’t their revenue generator.

Free App is myth! Apps save tons of time, effort, money for corporations and increase their reach of services by making end-users to buy mobile, have mobile connection, pay for internet usage, and keep upgrading the OS and mobile phones etc...and keep paying monthly charges for mobile connection. Enough of charging poor consumer !!

Now coming back to privact and security, we never know hoe far Apple devices have been exposed. I see the trend only slowly but steadily increasing in recent months

 

[ani4ani]

I’m expecting Apple will remove all those suspicions apps immediately

Run to the hills....empty the App Store...woohoo I’ll only need a 4GB iPhone soon.

 

[Heineken]

I don't see anything wrong with this. All they're doing is recording what you click on in their app. Most apps have done this for a long time, only with lesser precision than these guys are. Every website does the same too at least by tracking URL visits, plus usually analytics for other features. This implies nothing about spying on usage outside of their app or website.

Did you just skip the part about user data being exposed?

 

[ani4ani]

But, but, the walled garden. I'm continuously made to believe I'm so safe in this walled garden. Nothing bad is supposed to happen inside these walls. The hardware is supposed to be of the highest quality. And the software so stable with the tightest security. The diehards have been telling me this for years. But now reality is sinking in. Someone please get me my Apple glasses and Kool aide, I can't take this shocking reality. Lol, man o man, gotta love this company's ability to keep its diehards believing.

I am not sure what is more incredulous....that Apple actually believe they can...or the fact they actually do!

 

[Ramchi]

With all of the iOS security problems lately with apps, imagine how bad Android systems must be.

Android apparently to some extent mitigates these with custom layers for each device. It is not like iOS where most of the customers in the same OS version...you need to develop, deploy different techniques for each set of devices...not a preferably method for hackers!! Probably effort required far exceeds the rewards!

 

[kakinc]

Seriously, I switch to iPhone and Mac for its privacy stance.
But ability to record screen without permission? and no way of disabling such function?
This is getting to the point, seems to me, it no longer matters when both Google and Apple are actively ignoring/avoiding real changes. Apple privacy stance is getting more and more like just a PR stunt with no real actions, unless when they are forced to, like when shxt gets out. Then you get a REACTION.

 

[James_C]

Vote with you finger folks. I only had the Expedia App on the Apps listed. Use to use it a lot, now deleted and won't use them again, will switch to lastminute instead.

 

[Sevanw]

Vote with you finger folks. I only had the Expedia App on the Apps listed. Use to use it a lot, now deleted and won't use them again, will switch to lastminute instead.

So no blame to Apple? Just keep believing this company is the privacy warrior it pretends to be? Nothing to worry about with other apps? Still full trust to Apple?

 

[Vjosullivan]

----- -----

 

[bobob]

If apple doesn’t remove these from the App Store and hit the kills witch on the ones the are on users phones I will be very disappointed.

This privacy lapse is indeed bad, but I think the bigger story here is that Apple even employs a kills witch in this day and age.

 

[Piggie]

"What happens on your iPhone, Stays on your iPhone" eh Timmy?

Let's see you block these apps immediately please so you can stay true to your word.

 

[fairuz]

Did you just skip the part about user data being exposed?

To the company you're giving it to in the first place. And it's in one random case they found. That's just not doing it right since it's bad practice to show, say, their UX people customer data they aren't authorized to see. But it's not the end of the world.

Equivalent lack of internal access controls is a problem in other ways in most companies, e.g. some database the customer service employees can read from. This isn't news, and it's currently unavoidable whether they "capture your screen" or not. I'd be willing to bet an unauthorized employee in any company that's not a tech giant can access your CC number if it's in their system.
[doublepost=1549526426][/doublepost]

"What happens on your iPhone, Stays on your iPhone" eh Timmy?

Let's see you block these apps immediately please so you can stay true to your word.

It was never a true statement since iCloud exists.
[doublepost=1549526513][/doublepost]

So no blame to Apple? Just keep believing this company is the privacy warrior it pretends to be? Nothing to worry about with other apps? Still full trust to Apple?

What rule do you want them to put in place, no collection of app usage analytics? Then appmakers start putting everything into websites so they can track usage in the backend. It's fundamental: If something is set up to be used, it can be set up to track the usage.
[doublepost=1549526608][/doublepost]

People wanted free apps. Well this is what you get when you use free apps. Massive invasions of privacy for the purpose of mining and monetizing your personal information.

They'll do it even if you pay for the app. Open source is really the only way to go if you want to avoid this nonsense, plus the backend should be federated if possible. But those solutions are always ghetto, probably because people aren't willing to do UX work for free.

 

[usarioclave]

You have already consented to the app’s policy and they already have your data. What’s the issue? On-screen data isn’t even useful because you have to ocr it. The app maker already has the data you’re typing in.

 

[Elijen]

I am surprised how article author fails to understand the basic concept behind this. It's NOT "recording user screen". It just sends a list of actions you made inside the app. The app only has access to the information you give it.