Stay connected, but choose apps wisely to protect data privacy

Want to stay connected with friends, family, and coworkers? Need to track your fitness routine, or plan that long awaited family trip after COVID? There’s an app for that! There’s an app for everything, but experts say choose wisely.

So, which apps should you choose?

Apps to document your vaccination status

In certain parts of the country, showing your vaccination status is an everyday event. Showing vaccination status to travel to other countries can be mandatory. But paper cards wear out, get lost, or are counterfeited. The alternative is a proof-of-vaccination app.

Some apps are no more than a photo app displaying an uploaded CDC card, whether it’s legitimate or not. While other apps, such as those offered by New York and Washington State, draw on vaccination registry databases and confirm your shots really happened. Currently there’s no federal regulation on these apps mandating a strict level of data protection. “There will be no federal vaccinations database and no federal mandate requiring everyone to obtain a single vaccination credential,” White House press secretary Jen Psaki said in April.

For many consumers not residing in a state with a registry database, like New York and Washington State, CLEAR Health Pass has become the best option. CLEAR offers a touchless ID technology that is currently used by airport security as a fast pass method. This combines proof of vaccine and photo ID on a scannable color-coded screen. This adds facial-recognition selfies, and very personal sensitive information, to a company-owned biometric database. This can result in a high potential for misuse and use without consumer permission with little oversight or regulation.

Apps to stay connected to friends, family, and coworkers

Facebook – now Meta – recently announced the deletion of an estimated one billion faceprints accumulated over the years. In 2019, Zoom came under fire for a webcam hacking scandal, and a bug that allowed snooping users to potentially join video meetings they hadn’t been invited to, for those meetings that weren’t password protected. In early 2021, LinkedIn had 500 million users’ public data scraped. Even public data can be exploited by hackers and phishers.

Apple reacted to these kinds of issues by enforcing stricter privacy guidelines and features with their App Tracking Transparency (ATT) framework. As a result of its privacy features, Apple has cost social media companies including Meta, Twitter, Snapchat, and YouTube, nearly $10 billion in revenue in the second half of 2021.¹

The Financial Times found that most users have opted out of tracking using Apple’s App Tracking Transparency (ATT) framework. This measure is a requirement that forces developers to ask users if they wish to be tracked across other apps and websites. Meta, in particular, has used the narrative that ATT will hurt small businesses that run targeted ads for potential customers, without substantial proof. Meta’s revenue was impacted by 13.1% percent due to ATT, while Twitter was only impacted by 7.4%. Twitter told the Financial Times that it was less impacted because its “ads rely more on context and branding than on tracking consumers’ mobile habits.”

Mozilla released a holiday tech gift guide based on best privacy practices

Santa is also keeping an eye on your data privacy.

The Mozilla foundation’s annual, “Privacy Not Included“, shopping guide analyzed 151 popular connected gifts. Nearly one-third of these gifts did not meet basic standards for digital security and privacy. Among the 47 worst offenders according to the digital rights group included: Facebook Portal, Amazon Echo, and NordicTrack Treadmill.

Mozilla researchers analyzed product and app features and combed through privacy policies. This analysis included location tracking, data collection, and potential privacy-infringing tech (they considered past company track records in protection consumer privacy). “While gadgets may be getting smarter, they are also getting creepier and way more prone to security lapses and data leaks,” Jen Caltrider, lead researcher for the project, said in a statement. Surprisingly, Apple took the title of “Least Creepy” of the big tech companies.

Facebook’s AI-powered Portal chat device was a particularly bad offender because it regularly sends data back to the company. Meanwhile, Amazon’s Alexa digital assistant is seemingly everywhere, embedded in numerous products made not just by Amazon, but also by third-party companies. Facebook declined to comment on the report, while Amazon noted that its Alexa FAQ states that users can chose to not have their Alexa recordings retained. NordicTrack Treadmill reserves the right to sell your data and may collect data from brokers to target ads, including calls and texts.

Choose apps with clear guidelines, privacy notifications and data risk intelligence

Consumers are still being asked to shoulder too much responsibility for protecting their data privacy and security. Some companies require people to track down complicated documents across several websites to even start getting an idea of how their data is used. Clarip can help your organization improve trust and take the pressure off consumers with data risk intelligence. Better understanding of the flows of sensitive personal information in your digital environment and easily capture consent across multiple channels with granular, intuitive preference forms.  We can also help with data subject requests, consent management, data mapping, and much more.  Visit us at www.clarip.com or call us at 1-888-252-5653 for a demo!

Citation

1 Financial Times. (2021). Snap, Facebook, Twitter, and YouTube lose nearly $10bn after iPhone privacy changes. Retrieved from https://www.ft.com/content/4c19e387-ee1a-41d8-8dd2-bc6c302ee58e