Personally identifiable information (PII) is any data that could potentially identify a specific individual. Any information that can be used to distinguish one person from another and can be used for de-anonymizing anonymous data can be considered PII.
What does that mean to you? Think about how frequently you use your phone or tablet for shopping, researching, banking, social media, or just playing games. Would you want someone collecting personal information about you, such as your location, e-mail address, age, sex, or contact information? Most internet users realize that critical pieces of their personal information are being collected but don’t know the extent of how much and what it is being used for.
Researchers from MIT, Harvard, and Carnegie Mellon found that apps downloaded from Google Play or the Apple Store may be sharing personal information with third parties, with Android apps spying more than iOS apps. Of the 100 plus apps that were reviewed, 73% of Android apps shared personal information like email addresses, and 47% of iOS apps shared location information. The study found that Android apps were far more likely to share personally identifying information, such as one’s name, than iOS apps. Also, 3 out of 10 apps under the “Medical Health and Fitness” category share medically related search terms. In translation, if you were to search for “herpes”, that would now be something known about you. I think that that’s a little scary, and most people are not willing to share their PII. Is it a little creepy? I definitely think so!
If you’re one of the billions of people who have downloaded the Facebook Messenger app downloaded the Facebook Messenger app. Here is a list of some personal information the app is allowed to access.
- Allows the app to change the state of network connectivity
- Allows the app to call phone numbers without your intervention. This may result in unexpected charges or calls. Malicious apps may cost you money by making calls without your confirmation.
- Allows the app to send SMS messages. This may result in unexpected charges. Malicious apps may cost you money by sending messages without your confirmation.
- Allows the app to record audio with microphone. This permission allows the app to record audio at any time without your confirmation.
- Allows the app to take pictures and videos with the camera. This permission allows the app to use the camera at any time without your confirmation.
- Allows the app to read you phone’s call log, including data about incoming and outgoing calls. This permission allows apps to save your call log data, and malicious apps may share call log data without your knowledge.
- Allows the app to read data about your contacts stored on your phone, including the frequency with which you’ve called, emailed, or communicated in other ways with specific individuals.
- Allows the app to read personal profile information stored on your device, such as your name and contact information. This means the app can identify you and may send your profile information to others.
- Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call.
- Allows the app to get a list of accounts known by the phone. This may include any accounts created by applications you have installed.
The below below chart shows various ways internet users have tried to limit their PII from being observed online.