A popular app sends geodata to an ad tech firm without user’s consent

Weather forecast app AccuWeather was caught sending data about users’ whereabouts even when denied access to the location to a company named RevealMobile. Pressing button "don’t allow" in respond to its location request stops the app from receiving GPS coordinates, but still, lets it see and send the device’s MAC address and router’s identifier.

RevealMobile builds "high-value audiences" for advertisers by analyzing mobile location signals, detecting where people live and work, where they go throughout the day. "Pairing this information with existing demographic targeting criteria allows retailers to target consumers with a high propensity to visit based upon two of their most relevant locations", says RevealMobile. It claims that it harvests location data from "hundreds" of mobile apps. Security researcher Will Strafach, who draw public attention to AccuWeather’s roguery, found 40 popular apps that supply RevealMobile with geodata.

He emphasized that the problem is not AccuWeather’s sharing the location data itself, but doing that without users’ consent, and even more, against their refusal. Pressing the "don’t allow" button in response to a location access request, a person expects to keep this information away from third parties and advertisers, but their hopes are in vain. The ad companies receive less data if GPS tracking is off, but still enough for analyzing, combining with other data and using for ad targeting.

In a comment to TechCrunch, the AccuWeather’s representative claimed that the app’s team was unaware of RevealMobile’s getting the location data. They had access to it through their SDK. This is a software development kit, a set of third party tools that can be integrated into an app to enrich it with certain functions. "AccuWeather will be removing the Reveal SDK from its iOS app until it is fully compliant with appropriate requirements. Once reinstated, the end result should be that zero data is transmitted back to Reveal Mobile when someone opts out of location sharing", the representative said.

Ludmila Kudryavtseva on Industry News
August 23, 2017
By downloading the comments you agree the terms and policies
Meet CAV, the car of the nearest future
Connected autonomous vehicles (CAV) are soon to replace motorcars and trucks on the roads.
Enjoy the new AdGuard website — and help us make it better

A launch of a new corporate website often excites the company much more than the users. AdGuard, probably, is not an exception. But we still couldn’t hold the agitation within the office walls. We proudly present our newly redesigned website — new.adguard.com! And besides, we’d like to ask you for some help :)

AdGuard download has started Click the button indicated by the arrow to start the installation. Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, drag the AdGuard icon to the "Applications" folder. Thank you for choosing AdGuard! Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, click "Install". Thank you for choosing AdGuard! Install AdGuard for mobile devices as well: