Some Popular iOS Apps Discovered to Secretly Record Your Screen For Analytics

Data is ridiculously important, and sometimes a company’s vision for access is quite different than another’s. And it can be especially different for an individual user.

While some folks might not mind if their data is being collected for general analytics, some might mind quite a bit. Especially if that data is being collected in secret. That is apparently the case, as was reported by TechCrunch on Wednesday. Some iOS apps, many of which are very popular, apparently secretly record a phone’s display for analytical reason. Those apps include Hotels.com, Expedia, Air Canada, Abercrombie & Fitch, among others.

These apps are using Glassbox, which allows developers use something that’s called “screen replay” which records the screen technology. This can record not only individual taps within the apps, but also swipes, and record the entire screen for that matter. All of which is happening without the express consent of the individual users. That information, unsurprisingly, is then sent back to the developers.

“Apps like Abercrombie & Fitch, Hotels.com and Singapore Airlines also use Glassbox, a customer experience analytics firm, one of a handful of companies that allows developers to embed “session replay” technology into their apps. These session replays let app developers record the screen and play them back to see how its users interacted with the app to figure out if something didn’t work or if there was an error. Every tap, button push and keyboard entry is recorded — effectively screenshotted — and sent back to the app developers.”

There is an even bigger issue. Some of the apps, including Air Canada, do not properly mask the data that is recorded from the app. That can lead to exposed data, including, but not limited to, passport and credit card information. That means those working on the app can easily see that data.

Each of the apps have an individual privacy policy, but none of them go out of their way to make the user aware that Glassbox is being utilized, and, therefore, their information is being accessed on a regular basis. All the way up to the screen being potentially recorded. And Glassbox? They don’t require their customers to make note of the recording features at all.

“Glassbox has a unique capability to reconstruct the mobile application view in a visual format, which is another view of analytics, Glassbox SDK can interact with our customers native app only and technically cannot break the boundary of the app,” the spokesperson said, such as when the system keyboard covers part of the native app/ “Glassbox does not have access to it,” the spokesperson said.”

At this point, the only way to avoid this is to not use the apps on your devices at all. There is no way, at the time of publication, to opt out of this type of secret data collection. So, for now, if you don’t want it happening to you it sounds like you’ll need to forego using the apps altogether.

This is a major issue. Especially considering this is happening on iOS. This is yet another major issue for Apple’s platform as a whole, even if Apple isn’t directly responsible for it like the company was with the audio bug in Group FaceTime that could allow callers to eavesdrop on recipients before they answered the incoming call.

What do you think Apple should do in this case?

[via TechCrunch]