A group of security researchers from the GuardianApp team have discovered 24 iOS apps that were sending user location data along with other sensitive information to third parties for data monetization.

The team of researchers used tools that analyse network traffic to spot these apps, all of which required access to a user’s location data. However, according to the researchers, the apps usually gave users plausible explanations for needing access to their location data, and in many cases not mentioning that the data will be shared with third parties.

apple iOS code leak

Will Strafach, one of the researchers involved in finding these apps said to TechCrunch, “I believe people should be able to use any app they wish on their phone without fear that granting access to sensitive data may mean that this data will be quietly sent off to some entity who they do not know and do not have any desire to do business with.”

According to the researchers, each of the apps they’ve identified needed access to one or more of the following:

  • Bluetooth data
  • precise GPS location
  • WiFi SSIDs

Some of the apps from the list that the researchers have published, include the likes of:

  • Ask.fm: a question and answer app popular among teens, which boasts of millions of users.
  • NOAA Weather Radar: a weather app which, according to the researchers, used location data it obtained for ‘providing weather information’ and sent it to three separate firms.
  • Homes.com: a house finding app that uses location data to find houses nearby, but was also sending data to AreaMetrics.

There are many more apps, and third-party data monetization services that the researchers have named in their article and you can give it a read to find out if any of your favourite apps are misusing your data or not.