Jim Bray's Car & Tech rants - publishing online exclusively since 1995
Think your apps are safe? It might be time to think again.By Jim Bray It has been said there's an app for virtually everything, from tracking how far you walk in a day to how you order what once would have been called a taxi. You can order groceries with apps, you can book your car into your favourite dealer with an app. Apps, apps everywhere. It's all about convenience, we're told, and app pushers are known to offer carrots to customers who partake of their apps. Of course, it's as much about app pushers getting consumers trained to use their apps – rather than someone else's – as a way to ensure customers keep using their services – rather than someone else's. But what if the apps you're using are also using you? Is Big Brother rearing its ugly head under the guise of convenience? It's probable that not all apps are problematic but, in my never humble opinion, anyone who trusts any bit of technology to be completely benign these days is being a little naive. And I may not be alone. A new study conducted by IT Asset Management Group out o New York State has named Instagram and Facebook as the worst for invasive apps, cited for collecting "the most sensitive info like physical address, device, and user ID." IT Asset Management Group, according to the study's press release, is "a certified ITAD firm specializing in secure IT asset disposal and enterprise-grade IT equipment buyback"). Alas, their website doesn't work from my home unless I use a VPN, though their PR contact assures me from Italy that they're the real deal. Anyway the study analyzed the privacy policies of over 5,000 apps available on the Apple app store. To determine which apps were the most egregious, they "created an index out of 100, based on 46 indicators including 35 types of data, six purposes for data collection, and five different types of user relationships. The level of privacy intrusion was measured by whether each data type is tracked and linked, tracked, linked, not linked or tracked, and not collected at all, with "tracked and linked" being the most intrusive." Yeah, it sounds like a lot of gobbledegook, but the point is that your data may not really be yours if you use certain apps. According to Richy George, Chief Revenue Officer of IT Asset Management Group, "As our reliance on mobile devices and, more specifically, mobile apps continue to grow, it's essential for users to be aware of the extent to which their data is being collected, linked, and tracked." He notes that the data highlights just how nosy apps can be and says it's "a reminder for consumers not just to accept any privacy policy blindly, but to take control of their privacy settings instead and stay informed about the data practices of the apps they use daily." Here's the top 10 list of nosy apps:
Instagram and Facebook, which are used by millions of people around the world, earned an index score of 61.47 out of 100. The study says they rank so high because of "how invasive they are in collecting sensitive info like physical addresses, devices, and user IDs." On the other hand, the survey shows this is in contrast to such other popular entertainment apps as YouTube and TikTok, which the survey says rank in 27th and 76th place respectively.' I was gobsmacked to see that YouTube ranked so low. I never use its app, preferring to access it via either their website or my Roku devices when I go there, but I find YouTube increasingly annoying anyway, due to its seemingly unending barrage of commercials. I don't mind commercials if I'm getting something for free, but YouTube seems to be getting greedier by the day and I look forward to finding an alternative that offers as much content without beating me over the head with promotional crap, a lot of which you can't skip. But I digress. Moving on, Grab: Taxi Ride, Food Delivery scored 55.57 out of 100 score to earn third place in this hall of shame. "This app collects 27 data types, eight of which are linked to the user, and 15 are linked and tracked. As a ride-hailing and food delivery app, it collects sensitive information such as payment information and other financial data, as well as precise location and purchase history." There's a three-way tie for fourth place between Threads, Meta Business Suite, and Messenger, each of which scored 54.53 out of 100. "These apps collect 32 data types, and while all are linked to the user, none are tracked." So, there's some consolation, I guess. Seventh place Nordstrom Rack: Shop Deals scored 53.62, collecting 22 data types, four of which are linked to the user, with 18 "both linked and tracked." The Pinterest app collects 29 data types, 22 of which are linked to the user and six of which are "linked and tracked." People who hate Sydney Sweeney may be pleased to find that position10 was taken by AE + Aerie, which is the clothing brand American Eagle Outfitters. Their app collects 21 data types, three of which are linked to the user and 16 of which are linked and tracked." According to the folks behind the study, "Photo-Video Apps are the most invasive. Although only 23 were over the minimum review threshold and therefore eligible for the study, the category's overall score is 38.54 out of 100." That about matches my grade 12 math scores… To me, the default position for whether or not you should trust any app is to not. I'm not saying you shouldn't use these apps; it's none of my business what you do and they really can offer a lot of convenience judging by what people I know who use them say. But go in with your eyes open and realize that your privacy is – and probably always has been – for sale. Remember, when something is offered free to you, it's probably you that is the real product being sold. So, thanks to IT Asset Management Group for pointing out that it's a jungle out there in cyberspace. Now get your website fixed. Note: Image provided by PixxlTeufel Copyright 2026 Jim Bray |