Developing concerns around mobile device apps that gather user data are making the headlines again. Security firm AVG in particular is in the limelight over its new privacy policy, instituted mid-month, which acknowledges that some of its apps will gather usage data. The company then may warehouse such data for later sale to third parties.
“We may collect your name, address, email, phone and SIM number, IP address, Device ID, location, and if you buy our products, payment information,” runs the privacy policy summary. Of course, any company from Amazon on down that collects user registrations will do some or all of that. But the concern is that some of AVG’s apps will be doing that without explicitly informing users.
“Our customers should have the ability to choose whether or not to participate in our anonymized data collection program,” runs AVG’s own statement on its new privacy policy. “We are currently adding this option to some of our FREE consumer products.” But it continues: “Most software products and websites collect usage data.” And the irony of a security firm that potentially violates users’ privacy has not been lost on people.
AVG does assure users that: “We do not, and will not, sell personally identifiable data to anyone, including advertisers.” However, a lot of the criticism, and skepticism, revolves around precisely this question of personally identifiable data. Some argue that data cannot be comprehensively anonymized; others point out that advertisers will be pushing for data that allows them to identify users. This isn’t the first time that AVG has been pulled up on the issue. Way back in 2011, one of its early apps for Windows phones was criticized for privacy invasion. And of course, this may be the price you pay for free products, but AVG’s position is attracting far more attention, and criticism, than usual.
Then there’s the issue of the upcoming Senate vote on the Cybersecurity Information Sharing Act, which in principle makes it easier for tech companies to share information with the U.S. government to improve national cybersecurity. It also grants these companies immunity from resulting prosecution for violation of privacy. Major tech companies aren’t exactly lining up behind the new bill, though. Apple, Dropbox, Reddit, Twitter, Wikipedia, and others have come out against it. The Electronic Frontier Foundation is leading a campaign against it. With such broad condemnation, you’d hope that it will die a death before becoming law. But the underlying concerns remain, and will not go away.
