Friday, 14 November 2014


Are you one of the half a billion people affected by this. 

If you have downloaded a 3rd party Flashlight/Torch App on to your Android phone or tablet the chances are that somebody else has got your browsing history, passwords and contacts. 

The top 10 Apps of this type on Google Play Store are all suspected of stealing your data.

Where is my stolen data being stored? Probably Russia, China or India. These are the top three countries stealing your data with these apps.

How to avoid your data being robbed

To avoid your data being stolen check out the size of the App. If it is under 1MB it is probably safe, you do not need too much software to turn your device into a torch. I am lucky in that my HTC One comes with a HTC Torch which I trust. So before you delete your App check where it has come from. If it is from the device manufacturer it is probably safe. If the App is over 1Mb and many of the top ones are over 5MB what is all that extra software doing, because it is surely not just turning on the lights!!!

If you have to delete one of these Apps you had better check out the video below. It involves a lot more tedious work than just pressing the delete button to do it right. We are not naming Apps here for legal reasons but just go and look at the Play Store and check out the size of the Apps yourself. There are a few around 500K - how can they do it? Also check out what permission levels they are looking for. They only need access to your camera/microphone and LED light anything more and run a mile away.

Is this all BS? 

Many commentators have said it is on YouTube. But they obviously didn't see the complaint from the Federal Trade Commission in the US this time last year about one of the most popular apps 'Brightest Flashlight' which is listed 4. in the Play Store. We have listed their complaint below for you to read.

We are not blaming Google Play Store for this, they have a totally open platform unlike Apple Store which plays a role in censoring the Web. It is better to have total freedom, but you just need to be more careful about what permissions you give an App.

Android Flashlight App Developer Settles FTC Charges It Deceived Consumers

‘Brightest Flashlight’ App Shared Users’ Location, Device ID Without Consumers’ Knowledge

For Release
The creator of one of the most popular apps for Android mobile devices has agreed to settle Federal Trade Commission charges that the free app, which allows a device to be used as a flashlight, deceived consumers about how their geolocation information would be shared with advertising networks and other third parties.
Goldenshores Technologies, LLC, managed by Erik M. Geidl, is the company behind the “Brightest Flashlight Free” app, which has been downloaded tens of millions of times by users of the Android operating system. The FTC’s complaint alleges that the company’s privacy policy deceptively failed to disclose that the app transmitted users’ precise location and unique device identifier to third parties, including advertising networks. In addition, the complaint alleges that the company deceived consumers by presenting them with an option to not share their information, even though it was shared automatically rendering the option meaningless.
“When consumers are given a real, informed choice, they can decide for themselves whether the benefit of a service is worth the information they must share to use it,” said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection. “But this flashlight app left them in the dark about how their information was going to be used.”
In its complaint, the FTC alleges that Goldenshores’ privacy policy told consumers that any information collected by the Brightest Flashlight app would be used by the company, and listed some categories of information that it might collect. The policy, however, did not mention that the information would also be sent to third parties, such as advertising networks.
Consumers also were presented with a false choice when they downloaded the app, according to the complaint. Upon first opening the app, they were shown the company’s End User License Agreement, which included information on data collection. At the bottom of the license agreement, consumers could click to “Accept” or “Refuse” the terms of the agreement. Even before a consumer had a chance to accept those terms, though, the application was already collecting and sending information to third parties – including location and the unique device identifier.
The settlement with the FTC prohibits the defendants from misrepresenting how consumers’ information is collected and shared and how much control consumers have over the way their information is used. The settlement also requires the defendants to provide a just-in-time disclosure that fully informs consumers when, how, and why their geolocation information is being collected, used and shared, and requires defendants to obtain consumers’ affirmative express consent before doing so.
The defendants also will be required to delete any personal information collected from consumers through the Brightest Flashlight app.
The Commission vote to accept the consent agreement package containing the proposed consent order for public comment was 4-0.
The FTC will publish a description of the consent agreement package in the Federal Register shortly. The agreement will be subject to public comment for 30 days, beginning today and continuing through Jan. 6, 2014, after which the Commission will decide whether to make the proposed consent order final. Interested parties can submit written comments electronically or in paper form by following the instructions in the “Invitation To Comment” part of the “Supplementary Information” section. Comments can be submitted electronically via the Commission’s comment submission page. Comments in paper form should be mailed or delivered to: Federal Trade Commission, Office of the Secretary, Room H-113 (Annex D), 600 Pennsylvania Avenue, N.W., Washington, DC 20580. The FTC is requesting that any comment filed in paper form near the end of the public comment period be sent by courier or overnight service, if possible, because U.S. postal mail in the Washington area and at the Commission is subject to delay due to heightened security precautions.
NOTE: The Commission issues an administrative complaint when it has “reason to believe” that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. When the Commission issues a consent order on a final basis, it carries the force of law with respect to future actions. Each violation of such an order may result in a civil penalty of up to $16,000.
The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them.  To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357).  The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 2,000 civil and criminal law enforcement agencies in the U.S. and abroad.  The FTC’s website provides free information on a variety of consumer topics.  Like the FTC on Facebook, follow us on Twitter, and subscribe to press releases for the latest FTC news and resources.

No comments:

Post a Comment