Nov 292011
 
 November 29, 2011  Posted by  Breaches, Business, Non-U.S., Surveillance

The Yomiuri Shimbun reports:

A smartphone application that gathers information on the location of its users was downloaded by more than 1.5 million people, and the data was sent to an advertising company in the United States, according to experts.

The application in question is a goldfish catching game that does not require any information about the user’s location to play.

As the GPS data makes it possible to identify a user’s location with a margin of error of several meters, it would be possible to presume the user’s home or office address if such information was accumulated, they said.

An image showing what type of information is collected appears on the screen before installation, but only a small number of users correctly understand the explanations, the experts said.

[…]

According to an analysis by KDDI R&D Labs in Fujimino, Saitama Prefecture, at the request of The Yomiuri Shimbun, the free application released on the Internet last month was designed to send Global Positioning System information from smartphones to a U.S. advertising firm at a rate of about once per minute.

When the application is installed, an image appears on the screen with a message reading “the range of access authority and positional information.” Approval of the reading of positional information is requested but there is no mention of its purpose and whether the information will be transmitted remotely.

The software development company that produced the application released it on 238 application markets since November last year, and 1.5 million people have installed it, according to the firm.

The collected information was found to have been used to display ads highly connected with the locations of application users.

“When we created the application, we built in the programs sent from a U.S. advertising company, with which we had made a contract for ad placement, without confirming their contents,” the president of the app development company said. “We had no idea that private information was being transmitted, because the game’s content has no connection with positional information.”

The U.S. advertising firm insists that information about users’ locations is collected to provide more convenient advertisements and that no problems will arise because information is treated anonymously.

Read more on Daily Yomiuri Online

Brilliant. A little privacy by design wouldn’t have killed the app developer, now would it? And what will they do now that they know?

Sorry, the comment form is closed at this time.