In 2008 the internet played a galvanizing role in electing a new president — Obama raised half a billion dollars online alone — and the candidates this year will be even more digitally connected to voters. Millions of people have downloaded smartphone apps on both iOS and Android to show their support for President Obama or Mitt Romney, possibly to their own detriment. A report from web security firm GFI says that both candidates' apps — "Obama for America" and "Mitt's VP" — are amassing a surprising amount of user data, and most users probably don't even realize it. Sound creepy? It is. A guide to what you should know before you hit the download button:
What are the apps supposed to be used for?
"The ostensible purpose of both apps is different," says John E. Dunn at Network World. Obama's is a "straight canvassing tool" intended to help proactive Team Obama stumpers go door-to-door in swing states, by giving them tips on arguments to use, for example. Romney's app was originally a way for GOP voters to hear news about his vice-presidential candidate. But GFI staffers noticed "intrusive permissions" demanded by both apps, which gobbled up a "surprising volume of information users will be giving up to the candidate's campaign databases" about themselves, their families, and their contact lists. The firm looked at both candidates' Android apps to see what kind of information they were gathering.
What did they find?
Getting you to download the apps "apparently isn't enough for the presidential contenders," says Colin McDermott at NewsNet5. "They want your personal info" too. Take Mitt's VP app, for instance. Although it was intended to be used to announce his vice presidential pick, the app is still active and available for download. To use it, users either sign up for a "MyMitt" account — which asks for basic information like name, email address, and zip code — or they sign in using their Facebook account. Once that happens, "they are giving the app permission to post on their behalf and to collect data available from their Facebook friends," says GFI researcher Randall Griffith.
Is that all?
Not quite. Mitt's VP app also collects information like device ID, carrier, phone number, GPS location, cell location, and package info on other installed apps. But the weirdest part is the app asks for access to the audio recording features of the mobile phone and the camera. "The app doesn't appear to take advantage of those features," says Griffith, "so why does it need those permissions?"
What about Obama's app?
It's "similarly nosy," says Network World's Dunn. The Obama for America app also asks for cell and GPS location data, and demands access to a user's contact book, call logs, and SD card content if available. More "controversially," the app reveals information on nearby registered voters, including their first names, last initials, and home addresses. It then encourages users to visit these people on behalf of Obama's re-election bid, which could prove quite dangerous, says GFI's Griffith. "When checking out this particular feature, it told me to go canvassing in a part of town locally known for a higher crime rate."
What should users do about this?
"Even reputable sources like the official presidential campaigns may encroach on what many of us consider a reasonable expectation of privacy," says Griffith. "If you value your privacy, be careful what you download, and do what you can to educate yourself about how your publicly available information (in this case your voter registration) is being used."