Apple, “Clueful,” and the Complexities of Mobile Apps Privacy

July 23, 2012

Data privacyA developer creates a mobile app enabling users to determine which of the many apps he or she has downloaded are “misbehaving.” 

Misbehaving apps include those that, without notice to the user, capture, share, or analyze personal information accessible on the user’s device.  Most would view this privacy app as a good thing, which should be supported and encouraged.

In the complex world of personal privacy rights, however, the situation is apparently not quite that simple.

The company, Bitdefender, recently developed and launched a mobile app named, “Clueful.”

Clueful enables users of equipment running Apple’s operating system for mobile devices (iOS) to check the apps they are running and identify those that are inappropriately handling personal information and thus potentially intruding on the user’s privacy.

Clueful discovered some interesting and troubling facts about many of the most widely used iOS apps.

After reviewing approximately 65,000 apps now in use, it concluded that nearly 43 percent of those apps do not encrypt personal data they transmit and process, more than 41 percent track the physical location of users without notice to the user, and almost 20 percent can access and share the address book information stored in a device’s address book.

Clueful was originally approved by Apple for distribution through its App Store.

After a brief period of time, however, Apple reversed that decision and removed Clueful from the App Store.

To date, Apple has reportedly declined to specify why it removed Clueful from the App Store.  Absent an explanation, there is no way to assess the reasonableness of Apple’s judgment in this case.

The action appears, however, to be ill-advised.

Clueful seems to provide a valuable tool for mobile device users, empowering them to understand the capabilities of the apps they use.  That knowledge is vital if individuals are to protect their security and privacy effectively.

To the extent that Apple has legitimate concerns about Clueful, it should collaborate with Bitdefender to resolve those concerns promptly so that Clueful can again be readily accessible to users.

Clueful and similar products and services offer important support for individuals as they work to protect their online security and privacy.

Working frequently with apps developers and users, we have learned that the world of software apps is currently a very murky place.

There is a notable lack of transparency with respect to the full functional capabilities of the many apps now in commercial use.

Apps users are seldom provided with effective notice regarding the ways in which the apps are used for the benefit of other parties.  The rights and remedies available to apps users are also commonly not disclosed to consumers.

Key players in the information technology sector, including Apple, should do their best to facilitate access to products and services that help make the world of apps less murky and more understandable for consumers.

At a minimum, Apple and its counterparts should not impede the development and distribution of new privacy and security tools for individual users.