Currently, Google is going through a tough phase by being under the radar by the Department of Justice. A lawsuit has been filed against the tech giant for its monopoly to remain the default search engine and browser. And now, the company faces another blow as some researchers from the nonprofit International Data Accountability Council (IDAC) have reported about three famous apps for children on Google Play Store to be violating Google’s data collection policies. IDAC has further reported that these apps may be accessing users’ data by getting access to their Android ID and Android Advertising ID numbers.
Now, Google Play Store is literally a playground for more than 3 million apps, and it is not a surprise actually that some of these apps may contain malicious content, adware, or some other questionable things.
The three apps that have been removed now by Google after this report, were quite famous among children, with 20 million-plus downloads collectively. These apps included Princess Salon, Cats & Cosplay, and Number Coloring, and they have been developed with the Software Development Kits from ‘Unity,’ a 3D game engine, ‘Umeng,’ an analytics provider engine owned by Alibaba which has also been accused of being an adware provider too, and ‘Appodeal,’ which is also an analytics provider and app monetization system.
Researchers think that by accessing the Android ID and Android Advertising ID numbers, there must have been a data leakage that was connected with these three SDK providers. Google has affirmed that it has removed these three apps in question, but it is not known how much of the data has been leaked and how much damage has occurred because of it.
Although Google has a defensive stance, IDAC president Quentin Palfrey says that this violation raises some serious concerns about data processing practices within apps.
According to Palfrey, access to the Android ID and AAID numbers can make the users vulnerable and their geolocation information can also be accessed. And that is definitely a serious concern because there is a possibility that Google’s privacy protection measures may have a breach or may have been bridged.
The IDAC president did not go into a lot of specifications, but he did point out that certain versions of SDKs provided by ‘Unity’ engine have been found to be collecting users’ Android ID and AAID numbers both at the same time, and that could make Google’s privacy controls a lot more vulnerable as developers can bypass these controls and can track users across different devices. It can provide ample information for the users to become targeted by specific ads and other types of adware too.
Now, Google Play Store is literally a playground for more than 3 million apps, and it is not a surprise actually that some of these apps may contain malicious content, adware, or some other questionable things.
The three apps that have been removed now by Google after this report, were quite famous among children, with 20 million-plus downloads collectively. These apps included Princess Salon, Cats & Cosplay, and Number Coloring, and they have been developed with the Software Development Kits from ‘Unity,’ a 3D game engine, ‘Umeng,’ an analytics provider engine owned by Alibaba which has also been accused of being an adware provider too, and ‘Appodeal,’ which is also an analytics provider and app monetization system.
Researchers think that by accessing the Android ID and Android Advertising ID numbers, there must have been a data leakage that was connected with these three SDK providers. Google has affirmed that it has removed these three apps in question, but it is not known how much of the data has been leaked and how much damage has occurred because of it.
Although Google has a defensive stance, IDAC president Quentin Palfrey says that this violation raises some serious concerns about data processing practices within apps.
According to Palfrey, access to the Android ID and AAID numbers can make the users vulnerable and their geolocation information can also be accessed. And that is definitely a serious concern because there is a possibility that Google’s privacy protection measures may have a breach or may have been bridged.
The IDAC president did not go into a lot of specifications, but he did point out that certain versions of SDKs provided by ‘Unity’ engine have been found to be collecting users’ Android ID and AAID numbers both at the same time, and that could make Google’s privacy controls a lot more vulnerable as developers can bypass these controls and can track users across different devices. It can provide ample information for the users to become targeted by specific ads and other types of adware too.
