British Virgin Islands-based VPN service ExpressVPN Digital Security Lab has released a new report revealing the prominence of location tracker SDKs in dating apps.
Your online privacy is becoming a big deal as apps and business websites track you without your permission and target you due to the information you provide online. But the prominence of questionable location trackers is proliferating among the dating apps you use.
Location data is commonly harvested from your smartphone. It can enrich user-profiles and provide insights into user behavior via intimate details about a user’s movements. Data collected by location and proximity sensors could end up in the hands of law enforcement, intelligence agencies, and military organizations. This massive amount of data about the movements of populations can threaten the privacy of ordinary people around the globe with potential human rights issues.
ExpressVPN Digital Security Lab worked with Esther Onfroy of the Defensive Lab Agency and used the app scanner provided by Exodus Privacy to analyze 450 apps across messaging, gaming, social, and shopping apps used by everyday consumers.
It used a combination of automated tools and manual analysis, to determine whether there are “signatures,” or identifying information, for a tracker in an app’s code, gathering other interesting information such as network endpoints that the app may communicate with.
To do this, it downloaded and unpacked each app installer, disassembled machine language into human-readable source code, searched the source code for tracker signatures and other identifiers, and correlated its findings with web databases, public information, and app stores.
It found that all apps that it analyzed contained questionable trackers. These apps collectively have been downloaded at least 1.7 billion times by consumers globally.
It identified 64 dating apps that have been downloaded at least 52 million times globally. These location trackers are associated with several companies such as X-Mode (subject to a ban by Apple and Google), OneAudience, and Predicio, amongst others, which have repeatedly been called out for privacy violations.
X-mode appeared in 44% (199) of all 450 apps analyzed. Despite the ban, only 10% of these apps have been removed from Google Play.
These dating apps remain available for mass download at the end of January 2021 on the Google Play Store and specifically target a range of sexual orientations and dating preferences, as well as a large assortment of national, ethnic, and racial groups.
These include apps such as Jack’d – Gay Chat & Dating (five million downloads), FEM – Free Lesbian Dating App, Chat and Meet Singles (one million downloads), Encore – Single Parents and Divorced Dating and Chat (500,000 downloads), Black Dating – Meet Online Black Singles Nearby (100,000 downloads), and Asian Mingle – Free Asian Dating and Singles Chat (100,000 downloads).
They also cover more generic dating apps like Mingle2, which claims to have over 39 million members.
There is a growing threat to consumer privacy. When you download an app, you can not take advantage of privacy-protecting searches like Xayn, you are at the mercy of the app. Many apps will not work without location services, and some updates turn settings back on stealthily.
But do you live a life without the apps that bring you joy and keep your location secret, or do you accept that this data may, one day, be used against you in some way? The choice is yours.