Abstract
Privacy risks are increasingly linked to how people use their smartphones and tablets. This study investigates privacy issues in 21 mobile apps for Android. The experiment was done in Oslo, Norway, in November and December 2015. All the
apps in this study accessed personally identifiable information. A central finding is that many mobile apps not owned by big American tech companies (e_g. Google, Facebook) - such as sports apps and dating apps - transmitted potentially sensitive user data to a complex myriad of third-party
services. In our study the 21 mobile apps communicated with approximately 600 different primary and third-party domains. Many of these third-party domains are trackers that pose potential privacy risks because we have little knowledge
about how they collect, store and link user data. Third-party trackers in our study sent data to servers in Europe and the USA.
Oppdragsgiver: Norwegian Consumer Council
apps in this study accessed personally identifiable information. A central finding is that many mobile apps not owned by big American tech companies (e_g. Google, Facebook) - such as sports apps and dating apps - transmitted potentially sensitive user data to a complex myriad of third-party
services. In our study the 21 mobile apps communicated with approximately 600 different primary and third-party domains. Many of these third-party domains are trackers that pose potential privacy risks because we have little knowledge
about how they collect, store and link user data. Third-party trackers in our study sent data to servers in Europe and the USA.
Oppdragsgiver: Norwegian Consumer Council