Fri. Jul 10th, 2020

Robocall Blocker Apps Are Giving Up Your Personal Information, Research Finds

Dan Hastings, a security consultant at NCC Group, analyzed some of the most popular robocall-blocking apps and found that when you download these apps, you may be trading one evil for another.


Why? Because these apps violate your privacy as soon as they’re opened.


Hastings looked at the privacy policy for robocall-blocking apps — including TrapCall, Truecaller, and Hiya — and compared it with the network traffic data being sent from the app. And he found that a majority of these apps were collecting personal information from people’s devices without they explicit consent and sending this information to third-party analytics firms.


One app, TrapCall, sent users’ phone numbers to third-party analytics firm AppsFlyer without telling users.


Other apps, Truecaller and Hiya, uploaded users’ device data —  device type, model and software version, among other things — before a user could accept their privacy policy. An act that Hastings says violates Apple’s app guidelines, which states that app makers must first obtain users’ permission before sending their information to third-parties.


Robocalls have become a major issue for consumers. So much so, that the FTC and FCC have started taking legal action against companies and individuals accused of placing spam calls.


Additionally, earlier this year the FCC voted to let phone companies block robocalls by default. However, the vote does not prohibit carriers from charging users for such a service, so many consumers have turned to free apps. And while these apps may provide a cost-effective solution, they’re creating another problem for people’s privacy.


“If most people took the time to read and try to understand privacy policies for all the apps they use (and are able to understand them!), they might be surprised to see how much these apps collect.”