After analyzing the ‘Obama for America’ and ‘Mitt’s VP’ apps for Android and iOS, GFI Software has determined that users following both presidential candidates via Smartphone are unknowingly turning over private personal information.
Both apps, which Network World is calling “similarly nosy,” ask users for basic database or canvassing logistics (name, address, phone number), to be expected. But they also seek permission to access a user’s general phone utility, contact lists, and social networks, all of which are otherwise protected by Smartphones and are privately secured.
In a side-by-side analysis of the Romney and Obama apps for Android, the GFI Labs team identified five permissions that both apps seek as “dangerous” with the potential to be “abused in apps that leak data.”
Romney’s app – developed to introduce Paul Ryan as his VP pick but is currently still available for download – requires users to register for a “MyMitt Account” by manually inputting personal vitals or connecting through Facebook, after which users are prompted to permit the app to gather information about the user’s Facebook friends.
Even more unusual is the app’s request to receive access to both the Smartphone’s audio recordings and camera, even though Romney’s app itself does not have any functional use for either.
Alternatively, Obama’s app, which received flack from Reuters when it was released earlier this month for sparking “privacy fears,” probes for a user’s phonebook, personal call logs, and even nudges users to visit other registered voters in their surrounding areas to campaign for Obama on a grassroots level.
“The implications of having a stranger’s name and address at one’s fingertips” as one privacy expert put it, has been mentioned as a potential cause for concern. (Fox News, on the other hand, labeled it just plain “creepy.” The New York Times has more loftily called it “the science-fiction dream of political operatives”).
Although the latest Romney and Obama apps do not appear to be breaking any presumptive privacy laws – since the information they want to be granted is technically publicly available –there is no way to determine (at least for now) in what ways Smartphone users following the campaign trail might be duped into revealing more than they should.