Mobile Apps May Make You A Target

By Peter Haden
April 29, 2014

Maybe you are one of the 56 percent of Americans who now owns a smartphone. You may even suffer from nomophobia - a panic that sets in when your phone is out of reach. But in addition to separation anxiety, these mobile devices can make you a target.

You know all those people you see pecking at their smartphones? Ask them what they’re doing. You’ll probably hear something like this: Facebook, Instagram, Fitness Pal, Pinterest.

Apps. We love ‘em. There are more than a million apps available, letting you do everything from checking email to popping virtual bubble wrap. The average American smartphone user slaps on 33 mobile applications, according to research by Google.

All those apps have one thing in common: a user agreement, also known as the fine print. And, let’s be honest, most of us just can’t be bothered. The terms and conditions are long, legalese, and it's easy to scroll down, click "OK and mess with the app.

After all, that seems to be how everyone does it. But sometimes that fine print can set you up for a big headache.

"So what you don’t realize is that within that document that you’ve said you agree to, they’ve told you that they will use your app for monitoring," said Chase Cunningham, Director of Cyber Operations for Cybersponse, a Scottsdale company that helps businesses keep their information secure. He says that by clicking “OK”, you can give carte blanche access to your personal information.

Cunningham compares it to hiring a locksmith to make a key for your door.

"They said, 'oh, by the way, we’re gonna keep our key for your front door as well and we’ll come and go anytime that we want,'" he said. "You know, who would do that for their house? But you’ll do it for every piece of information you’ve got because it’s a pain in the butt to read."

Take the case of the Android app called “Brightest Flashlight Free.” It sounds pretty straightforward, right?

The app does turn your phone into a flashlight. But it also collects information about your location and phone for third-party advertisers.

Michele Stuart is a forensic investigator from Gilbert. She teaches law enforcement and military intelligence on the use of the internet. She says people are complacent, they just aren't that concerned with the user agreement.

"They want the app. They want to play Flappy. They want to play Angry Birds. So they want that instantaneous satisfaction of the game or the information, and they don’t worry so much about the security," Stuart said.

And that is borne out by the numbers. The Brightest Flashlight Free app was downloaded more than 50 million times. The maker of the app, Goldenshores Technology, settled charges by the Federal Trade Commission in December. The FTC accused the company of deceiving consumers about how their information would be used.

It’s the first case of its kind to penalize an app maker for being misleading. But Stuart says trying to regulate apps downloaded from the internet might as well be a game of mobile whack-a-mole.

"The fact of the matter is, a lot of applications aren’t even created in the United States. So, if you have an application developer that’s sitting in Russia or China, do your really think they care what the United States government says they have to give up? It’s not going to happen," Stuart said.

It’s a reality well understood by those trying stem the threat.

"On average, the FBI is receiving tens of thousands of complaints every month," said John Iannarelli, Assistant Special-Agent-in-Charge of FBI’s Phoenix Division.

"The criminals out there in the cyber world trying to take advantage of mobile vulnerabilities is growing dramatically every day. As far as apps are concerned, it’s a free market. There’s very little oversight," Iannarelli said.

Until oversight improves, Cunningham says we might just be better off with a different approach.

"Maybe we can make a flashlight that does phone stuff," he said.

One that doesn’t keep us in the dark.


This story is part of collaboration between the Walter Cronkite School of Journalism at Arizona State University and KJZZ.