A popular app sends geodata to an ad tech firm without user’s consent

Weather forecast app AccuWeather was caught sending data about users’ whereabouts even when denied access to the location to a company named RevealMobile. Pressing button "don’t allow" in respond to its location request stops the app from receiving GPS coordinates, but still, lets it see and send the device’s MAC address and router’s identifier.

RevealMobile builds "high-value audiences" for advertisers by analyzing mobile location signals, detecting where people live and work, where they go throughout the day. "Pairing this information with existing demographic targeting criteria allows retailers to target consumers with a high propensity to visit based upon two of their most relevant locations", says RevealMobile. It claims that it harvests location data from "hundreds" of mobile apps. Security researcher Will Strafach, who draw public attention to AccuWeather’s roguery, found 40 popular apps that supply RevealMobile with geodata.

He emphasized that the problem is not AccuWeather’s sharing the location data itself, but doing that without users’ consent, and even more, against their refusal. Pressing the "don’t allow" button in response to a location access request, a person expects to keep this information away from third parties and advertisers, but their hopes are in vain. The ad companies receive less data if GPS tracking is off, but still enough for analyzing, combining with other data and using for ad targeting.

In a comment to TechCrunch, the AccuWeather’s representative claimed that the app’s team was unaware of RevealMobile’s getting the location data. They had access to it through their SDK. This is a software development kit, a set of third party tools that can be integrated into an app to enrich it with certain functions. "AccuWeather will be removing the Reveal SDK from its iOS app until it is fully compliant with appropriate requirements. Once reinstated, the end result should be that zero data is transmitted back to Reveal Mobile when someone opts out of location sharing", the representative said.

Ludmila Kudryavtseva on Industry News
August 23, 2017
Comments are powered by Disqus. By downloading the comments you agree the terms and policies of Disqus
Ad blocking is under attack

Well, this is huge, so I'd like to draw your attention to what's happening right now. This is a very alarming case, and it concerns every ad blocker user.

Brief introduction into ad blocking

To understand better what's happened, you should first learn a bit more about ad blocking. Every ad blocker work is based on using so-called filters lists, which are maintained (mostly) by volunteers. That said, whichever ad blocker you use, credits for actual ad blocking belong to the filter lists maintainers. The most popular filters list is called EasyList and this is what this story is about.

Got it, so what happened?

Enjoy the new AdGuard website — and help us make it better

A launch of a new corporate website often excites the company much more than the users. AdGuard, probably, is not an exception. But we still couldn’t hold the agitation within the office walls. We proudly present our newly redesigned website — new.adguard.com! And besides, we’d like to ask you for some help :)

AdGuard download has started! Click the button indicated by the arrow to start the installation. Thank you for choosing AdGuard! Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, drag the AdGuard icon to the "Applications" folder. Thank you for choosing AdGuard! Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, click "Install". Thank you for choosing AdGuard!