Let me start with a quiz.
I was faced with this question today ‘Foo needs access to your identity, calendar, location, phone, photos/media/files, camera, Wi-Fi connection information, Bluetooth connection information, Device ID and call information. Do you accept?’
So, here’s the quiz: What is Foo?
If you answered your significant other or your best friend, think again. It was the United App on Google Play.
AYKM loosely translates to ‘are you kidding me!!’
To be perfectly fair, rather than hiding this from me, I was given the option to not accept these intrusions and to move on with life. But, still, this has got me so spun up that I was compelled to educate our Moral Compass audience about the broader implications of how technology continues to encroach on our lives; more often than not we willingly hand over our personal information with impunity because we need instant gratification – like installing the United App NOW - and then act surprised when our profile, our identity, and our data are exposed in the unlikeliest of places.
Wake up people!
Now, let us dig a little deeper into what the people behind the United App – the software developers that built the app – were thinking when they conjured up the need for the app to have all this information. Presumably, one hypothesis could be to look at all of the APIs (application programming interfaces) available for any app and ask for them all; much like a 5-year-old wanting everything in the toy store. This way, if they ever need to use any of those APIs and related data sometime in the future, they could.
A more sinister view – or sophisticated view, depending on your perspective – could be that, by asking for every possible personal identification metric, it could be fed into a machine learning algorithm to learn more about United’s customers. For example, if my call logs reveal that I really dig talking to American Airlines every week, perhaps United Airlines (UA) would send me a travel certificate in the mail to ensure my continued loyalty to UA.
If done for the right reasons – if the Moral Compass is pointing the right way – this could benefit both United as a business and me as a customer. But, the challenge is, depending on who runs the machine learning team and related business unit that is consuming this new information to help them drive market share and profitability for United, this data could easily be used for the wrong reasons – such as selling this information to 3rd party advertisers or other data mining companies that intend to use the data for who knows what.
But, the worrisome part with this is that, over time, this data collection becomes so rich; it becomes a veritable treasure trove of information for who I was, who I am – and even predictions for who I am going to be in the future. In short, they have me mapped to a ‘T.’ And when an Equifax-like breach happens – note I said when not if – this detailed digital colonoscopy of mine is made public.
So what, if anything, can an end consumer like me do? Glad, you asked.
Sticking to the United example, this is what I did. I clicked ‘Accept’ – wait don’t judge me yet – and then went over to the Settings -> App -> United -> App Permissions and revoked all the permissions. Now it remains to be seen how the app will perform with these capabilities disabled. But for everything I need to do with the app – such as search for air fares, check in, and check flight status – I will challenge that none of these permissions are needed.
The broader principle here is to ‘be alert at all times.’ Our ‘privacy’ really belongs to us and no one else. Blindly clicking accept on apps that we may use once a month (or never) needs to stop. Let’s take charge of our lives – including our apps, since those pretty much rules our lives – and let’s help educate each other on how we can successfully navigate through these complex technological mazes without putting our privacy and our safety on the line.
Did you like this post? Cool!
If you want more, a good place to start is by learning more about The Moral Compass.