Tag Archives: apps

‘Leaky Apps’ Scandal: Where Does the Buck Stop?

Apps stock imageThis week’s revelations about the role that app developers and advertising networks may have (potentially accidentally) played in UK and US government spying raises very important questions for the mobile industry.

Aside from Rovio, which released a comprehensive statement assuring its users that it does not give data to spying agencies, and levelling blame at third-party networks, the silence from the industry has been deafening.

Google’s Doubleclick ads are among those served within Rovio’s Angry Birds, which implicates the company in this alleged haemorrhaging of personal details. Google is also an app owner, with its suite of productivity apps among the most widely used in the world, giving it even greater visibility of data and relevant security issues.

Google: No comment

Asked what the company made of the Wikileaks information, a Google spokesperson said: “We don’t have a comment on this.” When pressed on its responsibility to its users, Google added: “No one’s available for comment.”

Ad networks including Millennial Media and Nexage also serve ads within Rovio’s apps. Millennial Media’s EMEA content and communications manager Dave Ross-Tomlin, made a short statement yesterday. “There has been reporting over the last 24 hours about the collection of mobile data by government ‘spy’ agencies,” he said. “Let us be clear: Millennial Media has not and does not work with, nor pass information to, the NSA, GCHQ, or any other such agencies.”

The company said that it uses non-personally identifiable data provided by publishers – in this case, app developers – with the permission of users. It then adds additional filtering for regulatory compliance, relating to laws like the Children’s Online Privacy Protection Act. We were directed to their privacy policy but Millennial could not give any more detail about whether data could have been collected without them knowing and, if so, how this could be stopped in the future.

MMA: We take privacy seriously

It is not entirely clear within whose jurisdiction this lies and who should be held accountable if consumers’ privacy is infringed. While the Internet Advertising Bureau said it is unable to comment, Stephen Upstone, UK chair of the Mobile Marketing Association, a trade body for the industry, said that his organisation and its members take the issue of consumer privacy very seriously.

“I am not aware of any companies sharing of customer data accidentally or deliberately,” Upstone said. “The MMA takes an active role in encouraging regulation and best practice with the mobile marketing and advertising industry globally. We consult with brand marketers, advertising agencies, publishers, software and service suppliers on behalf of the industry and consumers.”

When asked who could be held responsible if data has been handed over to security services, purposefully of not, Upstone added: “Individual companies that handle data are responsible for ensuring it is properly handled, securely stored and that the laws and regulations are being respected. App developers who work with third-party suppliers and manage data are responsible for choosing vendors who are managing data properly.”

Rovio has said that it is now re-evaluating its work with ad networks as it considers how to ensure that data is not made so freely available in future, but without clear evidence of who has done what, many in the industry face having this key app ad inventory removed from their arsenal. And with little response from app developers and the ad networks they work with, it is difficult to know how the industry can stop this happening in the future.

ICO: We have raised concerns about US spying

We got in touch with a number of consumer protection organisations, including Consumer Future and Which?, but they were unable to comment as they did not have the relevant expertise. An Information Commissioner spokesperson said that app developers must comply with the requirements of the Data Protection Act, including being open about how data will be used and that data collection is not excessive, on which the organisation has created guidelines.

On the NSA and surveillance, the ICO spokesperson said: “There are real issues about the extent to which US law enforcement agencies can access personal data of UK and other European citizens. Aspects of US law under which companies can be compelled to provide information to US agencies potentially conflict with European data protection law, including the UK’s own Data Protection Act. The ICO has raised this with its European counterparts, and the issue is being considered by the European Commission, who are in discussions with the US Government.”

This is just the latest in a long list of examples of government infringing on civil liberties, so are people right to ask whether privacy itself is a thing of the past? Online security firm Bitdefender says that users who embrace privacy are ‘denied access to modern technology’.

Bitdefender: Internet is a pool of data waiting to be mined

“Many of the apps that we install on a daily basis are paid for with our private details,” said Alexandru Catalin Cosoi, chief security strategist at Bitdefender. ”On one hand, advertisers are becoming greedier and greedier, because the more personal information they get, the more accurate their profiling, and on the other hand, developers are better paid if they accept the task of getting more information for the advertiser.

“It looks like a win-win situation, but the end-user has the most to lose in the case of a data breach, and what’s most harmful is that most of the time they aren’t even aware that their private information is being harvested. Social networks are booming and a good chunk of users either have no idea how to, or do not care about, safely using these. The internet has become a pool of personal information ready to be mined.”

It was announced yesterday that Ed Snowden, the man who did some data mining of his own when he leaked documents about government spying to Wikileaks, has been nominated for the Nobel Peace Price. But the prize is not without its critics, with past nominees including Joseph Stalin.

In an interview in December Edward Snowden said: “I didn’t want to change society. I wanted to give society a chance to determine if it should change itself.” These revelations look like a good opportunity for the mobile industry to do some soul-searching of its own.

We reached out to a number of ad networks, including Nexage and Medaiplex, who did not get back to us. Adblock, creators of software to stop ads, declined to comment and App Annie, the app data analytics platform that tracks 3.9m apps, said it ‘may be next week when they engage with the question’. We are awaiting further comment from a number of other organisations. 

Written for Mobile Marketing Magazine and first published here:  http://mobilemarketingmagazine.com/leaky-apps-scandal-where-does-the-buck-stop/#vouAJQ4eioHpUut1.99

Rovio Points to Ad Networks Over Data Leaks to NSA and GCHQ

Angry Birds CartoonAfter revelations in the Guardian today, on the EU’s international Data Protection Day no less, that Angry Birds and other ‘leaky’ phone apps like Google Maps have been targeted by NSA and GCHQ for private user data, the app developer Rovio has responded by pointing the finger at third-party ad networks.

The allegations about the security of popular apps relate to documents leaked by Edward Snowden to Wikileaks and subsequently passed on to the Guardian, the New York Times and ProPublica.

They show that apps, where commercial data is collected by developers or advertising networks, are considered a target for spies, with Angry Birds used as a case study. Information that may have been intercepted includes phone model and screen size, personal details like age, gender, sexual orientation and sexual preferences, and location data, including live Google Maps queries.

‘Anyone using Google Maps on a smartphone is working in support of GCHQ’ 

The documents do not show how much data has been collected, stored or searched, or how many people are affected, but a document from 2008 highlighted by the Guardian explains that the level of access ‘effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system’. And apps have certainly come a long way since then. The NSA has spent more than $1bn in its phone targeting efforts, the Guardian reports.

Rovio, who spoke to Mobile Marketing last week about its plans for the Angry Birds apps, which have been downloaded more than 2bn times to date, has now issued a statement. The company says that it ‘does not share data, collaborate or collude with any government spy agencies such as NSA or GCHQ anywhere in the world’.

“The alleged surveillance may be conducted through third-party advertising networks used by millions of commercial web sites and mobile applications across all industries,” Rovio said. “If advertising networks are indeed targeted, it would appear that no internet-enabled device that visits ad-enabled web sites or uses ad-enabled applications is immune to such surveillance. Rovio does not allow any third-party network to use or hand over personal end-user data from Rovio’s apps.”

‘We will have to re-evaluate working with these networks’

Mikael Hed, CEO of Rovio Entertainment, added: “The most important conversation to be had is how to ensure user privacy is protected while preventing the negative impact on the whole advertising industry and the countless mobile apps that rely on ad networks. In order to protect our end users, we will, like all other companies using third-party advertising networks, have to re-evaluate working with these networks if they are being used for spying purposes.”

We have reached out to ad networks working with Rovio, including Millennial Media, Nexage and Google’s DoubleClick, along with the relevant industry bodies and privacy campaigners to comment on the story. Watch this space.

Written for Mobile Marketing Magazine and first published here: http://mobilemarketingmagazine.com/rovio-points-to-ad-networks-over-data-leaks-to-nsa-and-gchq/#LVXpgpxoBCtYwy80.99

Apple to Refund $32.5m of In-app Purchases Made by Children

Apple App StoreApple has been ordered to refund American parents ‘at least’ $32.5m (£19.8m) for in-app purchases made by their children without their ‘informed consent’.

‘Tens of thousands’ of complaints had been leveled at the company since early 2011, the Federal Trade Commission said, with many claiming thousands of dollars in charges they didn’t know about. One consumer said her daughter had spent $2,600 in the app Tap Pet Hotel.

The FTC found that Apple was storing users’ passwords for 15 minutes after they had authorised an initial download, enabling children to go on an inconspicuous buying spree. The second accusation was that parents were often simply asked for their password without Apple making it clear that this was to authorise in-app purchases. Both of these violate the FTC Act.

Apple will also have to change its billing practice by 31 March so that parents are clearly informed if entering their password is being taken to authorise a payment. The company must contact all of the people it knows were charged in this way and give them a refund at their request.

In an email to Apple employees obtained by 9to5Mac, CEO Tim Cook said the case wasn’t needed as the company was already addressing these issues. Apple has emailed the 28m people who made in-app purchases within kids games and has received 37,000 claims. Of the amount set aside for refunds, this would indicate an average unauthorised charge of around $878 per claimant.

“This settlement is a victory for consumers harmed by Apple’s unfair billing, and a signal to the business community: whether you’re doing business in the mobile arena or the mall down the street, fundamental consumer protections apply,” said FTC Chairwoman Edith Ramirez. “You cannot charge consumers for purchases they did not authorise.”

As Apple only takes 30 per cent of each transaction made, with 70 per cent going to developers, this means they are likely to pay out more than they actually received for each unauthorised payment. But $32.5m is a drop in the ocean compared to the revenues Apple makes in the App Store. Last year, the company made $10bn.

One of the four commissioners working on the case disagreed with the decision. In a statement, Commissioner Wright said he did not feel Apple should have to change its business because of an ‘extremely small and arguably, diminishing subset of consumers’. But this kind of problem is not limited to the US, with complaints to premium charge regulators PhonePayPlus growing rapidly in recent years.

The FTC outlined a range of steps it has taken to address issues created by growing smartphone use, including creating guidelines to avoid deception in mobile advertising, to improve transparency on data privacy and to help smooth the transition to mobile payments.

Written for Mobile Marketing Magazine and first published here: http://mobilemarketingmagazine.com/apple-to-refund-32-5m-of-in-app-purchases-made-by-children/#R0qH7Sg2FiqIlLoS.99

Mobile Traffic Doubles at Evening Standard and Indy


ESI Media – which comprises the Independent, the i paper and the Evening Standard, all owned by Russian oligarch Evgeny Lebedev – has had an exciting few years.

From taking the Standard free and launching a concise sister paper to the Independent, the i, back in 2010, to hiring the youngest ever editor of a national newspaper earlier this year, the group has consistently evolved with the changing face of news.

“It’s a challenge for all print newspapers to maintain circulation and readership, and is even harder for paid-for titles,” says digital MD Zach Leonard. “But we’ve actually got more people reading Independent journalism today than ever before because of the absolutely radical growth of the website.”  Worldwide, the company now sees 30m unique users every month and only 55 per cent of those are now in the UK, he said.

As part of its most recent reinvention, which includes a facelift for the Indy, a new iOS app has also launched this week for the Evening Standard. An Android app and a dedicated Kindle Fire app are on the way in the coming weeks – the Fire delivers the second-largest audience share after iOS – with the same updates promised for the Independent before Christmas. The apps are all powered by Page Suite, chosen as something that would work for both the free London paper as well as the paid-for national title.

40 per cent of traffic is mobile

“A year ago, 20 to 25 per cent of our web reads were coming from mobile,” Leonard said. “Including our apps, we’re solidly north of 40 per cent every single month.” The new Evening Standard app combines digital elements with a PDF replica of the day’s paper, seeking to satisfy both those who enjoy the traditional linear view, as well as serving up dynamic elements no doubt with a younger readership in mind.

People will be able to see a rolling week of content, as well as gaining access to a 30-day archive. Yes! magazine, which comes out in print each Friday, will also stay in the app for an entire week. “We’re hoping the new app gives people a reason to check in with the Evening Standard on their way to work,” he said.

The app uses push notifications to alert opted-in users to the availability of the latest edition, as well as automatically downloading each edition in the background for the reader to view offline. Within four days of the app’s release, Leonard says the Standard is running around 50 per cent more additional page impressions.

Video and virtual-only editions?

A later release will bring video into the dynamic content section and Leonard said the company’s TV channel London Live, which is launching online and on mobile in the new year, could provide a tie-in.

The company is using both print and digital resources to support the production of this new range of apps and has committed to a rather gruelling-sounding digital production schedule, actively curating a digital edition of the Standard up to five times a day. Leonard says he hopes the paper will be able to deliver an entirely virtual evening edition in the near future.

ESI is actively working with the Audit Bureau of Circulations – the organisation that counts newspaper readership – to create a standard for measuring digital publications. “We’re seeing a move towards metrics that are a lot more robust,” Leonard said.

Native, RTB and transactional ads?

The company is now looking to ensure it can sell truly cross-platform advertising packages, in some instances encouraging its historic print advertisers to go digital. Within the Evening Standard app, as well as the upcoming updated Independent app, there will be IAB-standard ads, as well as overlaid and full-page interstitials between news content.

The group sells a lot of its premium inventory directly to brands, but they do have network and RTB partners. “ESI is currently more dependent on external sales partners for mobile inventory. We’ve been selling mobile ads for the last three years within our apps and the last 18 months on the mobile web and there is growth in terms of networks and RTB.”

“But developing really interesting embedded advertising is where the market is going – the highest premium spots, particularly, are about that,” he said. “We have sponsorship conversations but it’s much more intersting to build something into a content area. I’m really keen to explore transactions and shopping opportunities on our apps in the future.”

Written for Mobile Marketing Magazine and first published here: http://mobilemarketingmagazine.com/content/mobile-traffic-doubles-year-evening-standard-and-indy#7g9mw54TOFCGgo6y.99