In a recent investigation by the Electronic Frontier Foundation (EFF) it was revealed that the Android version of Amazon’s Ring app was full of third-party trackers that were capturing and sending customers’ personally identifiable information (PII). When large businesses are failing to look after user data, what can you do to protect it?

What was happening?

The EFF revealed that PII was being sent by the Ring for Android version 3.21.1 app without the end user being informed. In fact, the majority of the businesses that information was being sent to were not listed on Amazon’s List of Third-Party Analytics Services in their Ring privacy information documentation.

Through testing, it was found that PII was being delivered to branch.io, mixpanel.com, appsflyer.com and facebook.com. Information was sent to Facebook regardless of whether a user had an account or not. The range of information shared with third parties that could be used to identify an individual is quite surprising:

  • User information: full names, email addresses, and a number of unique identifiers including: ‘device_fingerprint_id’, ‘identity_id’, and ‘anon_id’.
  • Sensor information: magnetometer data, gyroscope data, accelerometer data, the number of locations a user has Ring devices installed in, and current calibration settings.
  • Device information: OS version, model, devices’ local IP address, screen resolution, and DPI.
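The kind of check that surfaces findings like these can be sketched as an audit over captured app traffic. The following is an added example, not the EFF's tooling or Wandera's code: it flags third-party requests that carry PII and marks whether the destination is on a disclosed list. The capture, the first-party domain `vendor.example`, the disclosed set and every key name other than the three identifiers quoted above are assumptions.

```python
import re
from urllib.parse import urlsplit

# The three identifiers are quoted from the findings above; the remaining
# key names are assumptions standing in for the other data types listed.
PII_KEYS = {"device_fingerprint_id", "identity_id", "anon_id", "full_name",
            "email", "local_ip", "gyroscope", "magnetometer", "accelerometer"}
EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[a-z]{2,}", re.I)

def site(url):
    """Naive registrable domain (last two labels); real tooling should use the Public Suffix List."""
    host = (urlsplit(url).hostname or "").lower()
    return ".".join(host.split(".")[-2:])

def pii_fields(obj, path=""):
    """Walk a decoded request body; return paths of PII-named keys and e-mail-shaped values."""
    hits = set()
    if isinstance(obj, dict):
        for key, val in obj.items():
            here = f"{path}.{key}" if path else key
            if key.lower().lstrip("$") in PII_KEYS:
                hits.add(here)
            hits |= pii_fields(val, here)
    elif isinstance(obj, list):
        for item in obj:
            hits |= pii_fields(item, path)
    elif isinstance(obj, str) and EMAIL_RE.fullmatch(obj):
        hits.add(path)
    return hits

def audit(capture, first_party, disclosed):
    """Return {site: (status, sorted PII paths)} for third-party requests that carry PII."""
    seen = {}
    for req in capture:
        dest, fields = site(req["url"]), pii_fields(req["body"])
        if fields and dest != first_party:
            seen.setdefault(dest, set()).update(fields)
    return {d: ("disclosed" if d in disclosed else "UNDISCLOSED", sorted(f))
            for d, f in seen.items()}

# Constructed capture, shaped like an export from an intercepting proxy on a test device.
# Only the four third-party domains come from the page; hosts, paths and values are made up.
CAPTURE = [
    {"url": "https://app.vendor.example/session", "body": {"email": "jane@example.org"}},
    {"url": "https://sdk.branch.io/x", "body": {"device_fingerprint_id": "fp-0001",
        "identity_id": "id-0002", "hardware": {"local_ip": "192.168.1.20", "dpi": 420}}},
    {"url": "https://sdk.mixpanel.com/x", "body": {"properties": {"contact": "jane@example.org"}}},
    {"url": "https://sdk.facebook.com/x", "body": {"anon_id": "an-0003", "events": [{"res": "1080x1920"}]}},
    {"url": "https://sdk.appsflyer.com/x", "body": {"os": "9", "model": "constructed"}},
]
```

Calling `audit(CAPTURE, "vendor.example", {"mixpanel.com"})` treats mixpanel.com as disclosed purely for the sake of the sample; the disclosed set should be populated from the vendor's published list.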

“Ring claims to prioritize the security and privacy of its customers, yet time and again we’ve seen these claims not only fall short, but harm the customers and community members who engage with Ring’s surveillance system,” said Bill Budington, senior staff technologist at the EFF.

It is not uncommon for apps to have surprising permissions and functionality. In our own recent investigation, we discovered that over 62% of iOS applications requested access to the Photo Library, permitting them access to private photos. An alarming number of apps requested permissions that could be used to compromise businesses, such as always tracking the device’s location and activating the microphone. As a result, these functions could be used by third parties to determine when individuals are in business meetings and listen in on confidential conversations.

What is PII?

The definition of PII differs from regulation to regulation; however, a broad definition is information that can be used to identify you. This may sound vague, and you may still feel anonymous after providing a website with nothing but basic information. However, the aggregation of this data can produce startling results.

“Mr. X lives in ZIP code 02138 and was born July 31, 1945”

This may sound like a random sentence; however, it was famously used by Latanya Sweeney of Carnegie Mellon University to identify an individual. Surprisingly, the combination of gender, ZIP code and birthdate is unique for 87% of the U.S. population.
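To see how a combination of innocuous fields becomes identifying, and how coarsening the fields before they are shared reduces that risk, the following added example (not from the original article) measures uniqueness on gender, ZIP code and birth date over a small constructed dataset. The first record reuses the ZIP code and date from the sentence above; all other records, the `id` field and the choice of generalization (3-digit ZIP prefix, birth year) are assumptions.

```python
from collections import Counter
from datetime import date

def exact(r):
    """Quasi-identifier as in the statistic above: gender, 5-digit ZIP, full birth date."""
    return (r["gender"], r["zip"], r["dob"])

def generalized(r):
    """Coarsened before release: gender, 3-digit ZIP prefix, birth year only."""
    return (r["gender"], r["zip"][:3], r["dob"].year)

def k_report(records, keyfn, k=2):
    """Return (fraction of records unique on keyfn, smallest group size,
    ids of records in groups smaller than k)."""
    sizes = Counter(keyfn(r) for r in records)
    unique = sum(1 for r in records if sizes[keyfn(r)] == 1) / len(records)
    exposed = [r["id"] for r in records if sizes[keyfn(r)] < k]
    return unique, min(sizes.values()), exposed

# Constructed records; no names or e-mail addresses are present at all.
RECORDS = [
    {"id": 1, "gender": "M", "zip": "02138", "dob": date(1945, 7, 31)},
    {"id": 2, "gender": "M", "zip": "02138", "dob": date(1945, 2, 11)},
    {"id": 3, "gender": "M", "zip": "02139", "dob": date(1945, 9, 2)},
    {"id": 4, "gender": "F", "zip": "02138", "dob": date(1972, 3, 14)},
    {"id": 5, "gender": "F", "zip": "02141", "dob": date(1972, 11, 30)},
    {"id": 6, "gender": "F", "zip": "02138", "dob": date(1972, 3, 14)},
]

if __name__ == "__main__":
    for name, fn in (("exact", exact), ("generalized", generalized)):
        unique, min_k, exposed = k_report(RECORDS, fn)
        print(f"{name:12} unique={unique:.0%} min_k={min_k} exposed_ids={exposed}")
```

On the exact fields, four of the six records are singled out even though the data holds no names; after generalization every record shares its values with two others.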

In the digital world, information such as names, private IP addresses, telecommunications providers, persistent OS and device identifiers, and sensor data from the devices can be aggregated to determine who you are online. This “digital fingerprint” can then be used to track the user as they use their device, browse the internet and interact with apps. This can all happen without the user being informed or providing consent.

Why does PII matter?

The analytics being conducted by the likes of branch.io, mixpanel.com, appsflyer.com and facebook.com could alone have profound effects. Cathy O’Neil’s Weapons of Math Destruction describes the real-world scenarios that can occur from analytics: a poor student is unable to get a loan because the model used by a lending company deems them too risky (due to their zip code); they are then prevented from attending university and receiving an education that could allow them to pull themselves out of poverty.

As O’Neil describes, many of the models and algorithms used are hidden, unregulated and uncontestable. Google lifted the lid on this by revealing how they are personalizing your ads. In Google’s case, they allow you to correct information and even turn off ad personalization; however, not all businesses are so transparent. The result of this is that businesses that you have never interacted with may be making inaccurate or inappropriate assumptions about you.

How can I control personal and confidential information?

As Amazon Ring has shown, you may not know who is gathering information about you. Wandera’s cloud-based platform was already protecting businesses by preventing personal and confidential information from being unknowingly exfiltrated. However, to provide greater visibility of the protection, Wandera is developing a new filtering category called “User Tracking” so that customers can control and monitor tracking.

To prevent businesses from profiling end users, Wandera has a host of other features to keep data private:

  • To prevent third-party profiling based on tracking web searches, Wandera hosts a secure, private DNS. It is provided by the Secure Access Layer, which evaluates network risk in real time using the full capabilities of Wandera’s threat intelligence engine, MI:RIAM.
  • Wandera’s service is secured end-to-end, with encryption for data at rest and in transit. At no point does Wandera decrypt customer information.