Chances are, most of the apps you downloaded on your phone collect and use your personal information. Sometimes that is necessary for the app to work. Even if not, many apps collect your personal information for analytical purposes. Developers use the data to improve their apps and make sure they work as intended. But some apps may collect your personal information for other purposes, such as creating an advertising profile that third-party companies can purchase and use to serve ads that may be more relevant to you. Apple has so-called “Privacy Nutrition Labels”, which allow you to see what personal data apps collect about you. If you don’t want an app to track you on an Apple device, you can also prevent your data from being collected. However, in the Android realm, we currently have no such tools to manage the data that apps collect from us. Something that aims to address the problem is the recently announced The “Data Security” section of the Google Play Store, in which, like Apple’s app privacy information, developers must explain how their apps collect, share, and secure users’ data. However, because the information has to be filled in by the app’s creators, it’s very unlikely that some developers will find a loophole and enter incorrect data.
The truth is that yes, you can delete your advertising ID on an Android phone, and yes, you have some control on iOS, but you can’t completely stop an app from tracking you. So let’s take a look at some good practices for identifying suspicious apps and protecting your personal data on Android.
Check and manage app permissions
App permissions play a vital role in protecting your privacy. You can use them to control which parts of the phone and system your apps can access.
Also checking what permissions an app requires can help you see if it can be trusted or not. For example, if a calculator app asks for permission to use your phone’s camera for no apparent reason, it might not be as innocent as you thought.
You can see on your phone what permissions an app currently has and needs, but you’ll help protect your data by checking what permissions an app needs before downloading it.
To see what permissions an app will use, go to the app’s page in the Google Play Store, then tap “About this app” and in the “Permissions” section, tap “Show details.” The Google Play Store will open a window with all the permissions the app needs.
Managing permissions is not enough
But even if an app looks secure, there’s another way to collect at least some of your data. Almost every app has built-in trackers, which are used to collect and transmit your personal information. Some of these are harmless. Others – maybe not so much.
What are the trackers in mobile apps?
Almost every app has built-in trackers, which are bits of code designed to collect your personal information for various purposes. They are normally provided by companies as an SDK (Software Development Kit), a collection of tools designed to facilitate application development.
Some trackers like Google’s Firebase Analytics and CrashLytics provide developers with statistics and crash reports and help them improve their apps. There are also trackers that are used to bombard you with ads. Trackers can also be used for profiling and identification, i.e. collecting as much information as possible in order to create a digital profile of you and to associate you specifically with your online and offline activities.
A great example that shows how versatile and powerful trackers can be is FidZup. This tracker makes your phone pick up an inaudible tone emitted by transmitters placed in establishments or shops. This way, FidZup learns your exact location and can track you while you shop. The tracker also allows these branches or stores to send you promotions. Like a report says about the tracker: “The consumer then receives relevant content in the right place and at the best time on his smartphone.”
But how do you see how many and what built-in trackers an app has?
Before we go any further, you should know that no service or app designed to discover built-in trackers is 100% accurate. So it is always better to double-check certain information with another app or service.
See how many trackers an app has with Exodus Privacy
Exodus Privacy “analyzes privacy issues in Android applications.” The service scans the codes of the free apps uploaded to the Google Play Store and lists all the trackers and permissions found in them. Unfortunately, the service only analyzes free apps, so you won’t be able to find or receive a report for a paid app with this service.
Exodus Privacy allows you to search for a recent report for an app before downloading it and see what permissions that app wants to use and what built-in trackers it has. The web service even lists other apps with the same trackers and provides links to the trackers’ official websites.
Analyzing an app with Exodus Privacy
Exodus Privacy is very easy to use. To analyze an app with Exodus Privacy, go to the Exodus Privacy Website, tap the ‘Check an app’ button and type the name of the app you want to analyze in the search bar. You can also copy and paste the link to the app from the Google Play Store into the Exodus Privacy search field.
If there is no report of a free app that you want to download, you can start an analysis yourself. All you need to do is click the “Run a new analysis” button, copy and paste the URL of the app and tap “Run Analysis”.
Analyzing an app with Exodus Privacy
For demonstration purposes, let’s see what Exodus Privacy has to say about Asphalt 9, a game I’ve logged many hours into.
When we search for Asphalt 9 in Exodus Privacy’s search bar, we find that the popular game has 34 built-in trackers and will ask 14 permissions from us. As we can see, many of these 34 trackers are for analytics or advertising purposes. But if we are not sure about a specific tracker, we can always google it or go to the tracker’s official website and see if it is safe or not.
How to use TrackerControl
To use TrackerControl, you need to download it from the Google Play Store, where you will find the slim version, or in other words, the analytic version of the app. Since it works similarly to a VPN service, you will be prompted to enable Android’s VPN option when you first run the app. TrackerControl sets up a local VPN server and, locally on your phone, starts analyzing the apps you run, except the browsers.
When TrackerControl finds trackers, it will distribute them in the tracker sections in the TrackerControl app. The app also displays the countries to which the active applications transfer your personal data.
TrackerControl can also block the built-in trackers, but to do that you need the full version of the app, which is also free, and you can find it at The official TrackerControl website†
The full version lets you choose which trackers you want to block, but first you need to know that no app can provide 100% protection against tracking and blocking trackers can prevent some apps from working properly.