Free*

File Transferring among various devices such as Personal Computers, Mobile Phones Tablets used to depend on several technologies like Bluetooth, Infrared until recently. Though these services were reliable they were not suitable to transfer large content as the transfer speed was several MB per second. With the development in data transmission techniques, new services emerged promising faster file transfer speeds due to their reliability of techniques such as NFC, WiFi, etc. These apps had another advantage of being able to work across different device platforms be it Android, iOS, Windows, etc. and it helped to increase their popularity in a rapid face. Among such apps, SHAREit can be considered as one of the leaders in the category, which has been downloaded for over 1.8 billion times across 200 countries and have around 500 million active users as well. 

Unlike social media apps, which are notorious for their data and privacy practices, these File transfer apps are not considered to be harmful. But do they really operate with fewer privacy data? We are about to explore this by looking at the privacy disclosure of SHAREit App.

The App collects your personal information if you open an account or use another service like Twitter, Facebook to log in, which includes your basic personal details along with email address, mobile number, etc.

Furthermore, when you use the service, the app may collect Location data related to your device. This does not limit to the usual GPS data, but also data from “WiFi, compass, accelerometer or other sensors in your mobile device”

Therefore it appears that the app may be using a number of hardware in the device you to transfer file and content while gathering several location related data that can affect your data privacy. 

Another controversial point that appears is that the App possibly collects data about the other activities that you perform while you are using SHAREit. 

As per the privacy statement, your personal and usage data is collected to function the services of the App. And they may require to transfer user data to countries such as “the People’s Republic of China or Singapore.” China is known for its controversial personal data monitoring and usage, and this is further enhanced by the fact that the parent company ushareit has Chinese roots.

But the company states that depending on the applicability of laws, the users will be able to request their personal data, restrict or even erase them by sending their request to dpo@ushareit.com

Furthermore, the statement explains that the company will not share your personal data with third parties without consent. But there are certain exceptions such as under the mandatory requirement from government authorities, For the purpose of academic research or the public interest, to safeguard our legitimate rights and interests, etc. 

  “The information that you transfer, send and/or share through the Application, the Services and/or the Site may be intercepted, collected, used and disclosed by third parties” For which the company is not responsible and the users need to take necessary security measures to avoid such incidents.  

Our Verdict: Despite the seemingly safe outlook of the App, ease of use and the transferring speeds, there may be a threat for your data privacy by using SHAREit. Therefore it is advisable to take necessary privacy protection measures in-app and with the support of other apps such as Anti-virus services.

Prevailing social distancing has made people looking of alternative ways to maintain social connections, of which social media, can be considered as the most commonly used medium. This movement has lead to extra demand for apps and social media networks that will allow them to have a better “experience”. Houseparty can be regarded as one such app that is seeing rapid growth due to some of the features that they share with other apps and also features that are unique to Houseparty.

Up in the sky

The sudden rise of the app has made us curious to dig some information about the developer behind the same and also the origin of the app. Houseparty is developed by a company called “Life on Air, Inc.” Epic Games, the company behind Fortnite, one of the highest-grossing games, recently bought the Houseparty app due to the success it achieved. Thus the users can expect to play more exciting games along with Heads Up, Finish the Lyrics, etc., with their friends, or even friends of friends who might suddenly join the chat. Because the app allows users to literally “crash-into-parties” which has been a somewhat controversial feature of the app.

“Any Connection of a participant in a video chat session may join a chat session, with or without an invite from you and whether or not you know him or her”

Rules of the Party

As per usual technology practice, this app also collects your personal details that you provide when signing up for the service which includes, your name, email address, phone number or mailing address. 

Also when you provide authority, the app will also “access your contacts information from your address book on your mobile device or computer”. As per the privacy statement, the app will use these contact details to provide suggestions on friends that are using the service and you might want to invite to the video chat. Further, the statement mentions that the company “will never share your phone number or the phone numbers of third parties in your Contacts with anyone else”

The app organizes certain contests in the app and when you sign up for such events, your contact information will be used for “other promotional, marketing and business purposes”. So you might want to opt-out of such communications if you are concerned about protecting your contact and other information. 

Other than that some of the data such as “(IP) address, cookie identifiers, mobile carrier, mobile advertising identifiers, MAC address, IMEI, and other device identifiers” are collected automatically while you are using the service.

Furthermore, they will receive information about you from third-party services. Another concerning fact would be that the App will receive information such as “your name, your SNS(Social Networking Service) user identification number, your SNS user name, location, sex, birth date, email, profile picture, and your contacts on the SNS” Which means they will receive certain information about you from your other social media accounts.  And there is a possibility that it will send back information regarding you to companies like Facebook as well.

Other than the Cookies, the Social Media Widgets available in the app, such as connecting to Facebook will also retrieve your data such as “IP address, which page you are visiting through our Services, and may set a cookie to enable the feature to function properly”

Furthermore, the App automatically records your Log Data which includes;

1. Browser type, 
2. Operating system
3. Location (to provide Geo-filters, etc.)
4. Users with whom you video chat
5. Access date
6. time spent on features

The Company will retain personal data as long as you use the service or “as necessary to fulfil the purpose(s) for which it was collected”

Good News is that you are able to inform the company to remove or stop collecting some of your personal data and share them with others using in-app settings and by emailing them at hello@houseparty.com

Ask from any teenager today about their go-to-social media app to pass time, most of them will mention Tiktok. This short-video based social media app gained a massive following after revitalizing the app Music.ly, which already had a significant impact on the social medial space. 

Despite the significant growth, there have been several issues that would arise due to the App’s ownership being Chinese origin and the USA’s constant speculations over the privacy and use of data. Were such accusations on the app real? Let’s try to dig deep in the privacy statement and terms of service of Tiktok. 

The app requires and collects basic account information such as username, date of birth, email, mobile number when you sign up directly to the service. Also if you choose to register using other social media accounts (Eg:- Facebook, Twitter, etc.) it will provide your username and public profile on that social media site and in return, Tiktok will share information such as App ID, Access Token, Referring URL. This will allow other Social Media to track and identify your account.  

To “infer your likely interests” Tiktok will use both information you provide them with Third-party information which will include data such as websites visited, apps you have downloaded and purchases you have made.  As same as other apps, Tiktok also collects data related to your device’s software, hardware and network details and configurations. 

We allow our business partners, advertising networks, and other advertising vendors and service providers (including analytics vendors and service providers) to collect information about your online activities through Cookies

Such data can be used to identify a particular person across multiple websites and apps. “We link your contact or subscriber information with your activity on our Platform across all your devices, using your email or other log-in or device information” So for what Tiktok use all our information for? There is a lengthy list that they provide and following are some of the “reasons”. 

• notify you about changes to our service;
• provide you with user support;
• enable you to share User Content and interact with other users;
• enable our messenger service to function if you choose to use this function;

Further, it will share with advertisers and other third-parties information such as”…how many and which users of the Platform have viewed or clicked on an advertisement” Along with your Device ID. 

How long will your details remain on the Tiktok servers? Their privacy statement doesn’t provide any specific time period other than “only for so long as we have a legitimate business purpose in keeping such data” After you terminate your use of service they will still store your information in an aggregated and anonymised format. 

Here’s some good news! You can request Tiktok to;

1. Not share your data with Third-parties
2. Disclose the data they have related to you
3. Erase and dispose of your personal data

But they also state that it by doing so they “may not be able to fulfil your requests and you may not be able to use some of TikTok features and functionality” 

You have to email privacy@tiktok.com to exercise your rights 

From notorious connotations as a sexting app, Snapchat grew rapidly in the social media space, challenging the existing presence of Facebook as the King of content. On the outlook, these images, videos based app seems less privacy threatening compared to Facebook but is it the reality? Let’s find out. 

Snapchat collects the information you provide when you register for the service. These include things such as your name, username, password, email address, mobile number, etc. Other than that they also collect “whatever information you send through our services, such as Snaps and Chats.” 

So now you got registered and it’s time to start snap-chatting! When you are doing so the app automatically collects data in order to understand how you use and interact with the app and its features. “We might know, for instance, that you watched a particular Story, saw a specific ad for a certain period of time, and sent a few Snaps.” Further, they collect information about your activities such as the filters you use, stories you watch on Discover and the search queries you make. (In other words, they know when you open a message or screenshot it!)

Generally being a mobile app they collect a wide range of device-specific data including but not limited to “the hardware model, operating system version, device memory, advertising identifiers, unique application identifiers, apps installed, unique device identifiers, Information from device sensors, such as accelerometers, gyroscopes, compasses.” 

Is that all they know about you? Not really. They collect information from third-party services such as Advertisers, App Developers, and Publishers who will share data with Snap Inc. By combining both Internal and External information they are able to target ads and promotions better for you. (After all it is a free service. Right?)

Other than for developments, bug fixes, analytics, ad targeting related to the app if you are an Apple user they collect some additional information as well. As the Privacy Statement puts it; 

We may also use information from Apple’s TrueDepth camera to improve the quality of Lenses. Information from the TrueDepth camera is used in real-time—we don’t store this information on our servers or share it with third parties.

The best thing about the Snap, in fact, the initial concept on the service was based on building a messaging service based on disappearing traces. Therefore the information they collect might also delete automatically? Well, some will do and some won’t. 

• Snaps and Chats will be automatically deleted by default when they are opened or expired. 
• Basic account information is stored until you request to delete them.
• Store time varies for location-based data
  • If you use the Map, information about your favourite places will be stored up to 40 days
  • If they are associated with your content (Snaps/Memories/Our Story) they will be retained until the particular content exist. 

Say after going through our article you feel like ending your “Streak”;

“If you ever decide to stop using Snapchat, you can just ask us to delete your account. We’ll also delete most of the information we’ve collected about you after you’ve been inactive for a while—but don’t worry, we’ll try to contact you first!”

But they are also unable to assure that the deletion process will occur “within a specific timeframe”, due to the reasons such as Legal requirements to store data, etc. 

Now you know how every time you open Snapchat your screen get flooded with content also how they apply popular filters, be it the Puppy face or Geo filters. It all about Information! 

Check out our online publishing partner for Free*, Pulse for more articles on this and so much more

Covid-19 Pandemic is disrupting the routine lifestyle of people around the world and as a result of same, work-from-home has become the new “norm” in the work culture. Thus video conferencing apps and related services has picked up rapid growth amidst social distancing initiative. One such beneficiary of the new trend is Zoom, which not only supports employees and corporates but also students and universities and everyone else to stay connected with friends and family.

As Zoom gathers momentum, Users and Developers are finding some of the security and privacy-related issues related to the services which include,” Zoombombing” where some people entering video calls without invitations and sharing irrelevant and unsuitable content. Furthermore, Washington Post reported that thousands of recorded Zoom meetings which were kept in the cloud service were available on simple search results.

Therefore we thought that it is the ideal time to go through the company’s privacy statements and understand if they have mentioned such possibilities of Privacy and Security breaches.

“We do not sell your personal data”

“We do not allow marketing companies, advertisers or similar companies to access personal data in exchange for payment”

The company mentions that they do not share user data that were gathered through Zoom services (Eg:- Video call) or through their website to any third party. But as per an article by VICE, they have observed that Zoom iOS app sending some analytics data to Facebook, even if that person is not a Facebook user!

The Zoom app notifies Facebook when the user opens the app, details on the user’s device such as the model, the time zone and city they are connecting from, which phone carrier they are using, and a unique advertiser identifier created by the user’s device which companies can use to target a user with advertisements

This is contradictory to what the Privacy statement explains, as we further explain below.

Furthermore, they state that they don’t monitor or store meetings unless the host request to store recordings either locally or on Zoom’s cloud storages.

“We have robust and validated access controls to prevent unauthorized access to meeting recordings saved to the Zoom cloud. “

Yet it can be seen that there are several instances where recorded meetings were available on the open web without any security and privacy protection.

 As per the statement, they only collect data that is required to facilitate meetings uninterrupted. They collect data such as Your name, username and email address, or phone number, IP Address, Nearest City location data, chat /  instant messages, files, whiteboards, and other information shared while using the service.

Are you still watching?

 One of the questionable tools of Zoom is their “Attention Tracking” feature, which allows the meeting host to know whether Zoom is the active window of the participants’ devices. The company has been promoting the feature, especially to the Education providers. But for the employees who work from home, this feature would even curtail their privacy as well.

“Neither the meeting host nor Zoom can see or access any other applications on a participant’s screen or computer”  

Zoom states that they will gather marketing information when you visit their marketing sites (Zoom.us and Zoom.com) and other than the information you may provide when signing up, they will collect

(IP) addresses, browser type, the Internet service provider (ISP), referrer URL, exit pages, the files viewed on our marketing sites (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data Which will use to understand your behaviour around the site.

With regarding the Data retention period, as per the statement, the company will hold the personal data collected for “as long as required to do what we say we will in this policy” But you have the ability to delete their “content” and EU and California State citizens receive further rights due GDPR and CCPA Acts. 

Facebook group is so expanded that it is almost impossible to escape their presence in the Social Media space. Whether it is photo sharing, general social networking, or peer-to-peer messaging FB Inc. has a widely used app in any category. Some which were developed by the company themselves, or acquired from the promising competitors, where Whatsapp is one such acquisition that became highly successful. This messaging app revolutionized the text-based communication category, which can even be called SMS on steroids (if you know what we mean). This is due to the number of facilities such as multimedia sharing that were provided for the users Free of charge. (PS: – Except before they were acquired by Facebook, where they charged a $0.99 fee after a year)

The Information they collect from you

Since the App is mobile phone number based, one of the most important information they collect is your mobile number along with the other numbers in your address book which is collected on a regular basis. This means Whatsapp get both contacts of the users who use the app and don’t use the app as well.

The messages you send are deleted from the servers once they get delivered and the once which are not delivered will be stored for 30 days on the Whatsapp servers as they attempt to deliver same. According to the company, no message will be stored for over 30 days.

But to improve performance and efficiency they will store a particular photo or a video which has gone viral and lots of people are sharing that at the same time.

Information such as Usage and Logging details, Transactional, Device and Connection details are collected automatically by the App.

Furthermore, they receive Third-Party information “which may include information about you” as per their privacy statement. These are collected from the people whom have you as a contact on their Whatsapp. Also, they receive details from Third-parties who help the app to operate, improve, support, etc.

How they use the information they collect

As per the statement, they use the information for the operations and the security enhancements of the app and service and also to communicate information related to other Facebook group apps and services. The Policy further states that they don’t have any intention yet to put third-party ad banners on the app.

The app will also use the information they receive from other Facebook products to improve the service and the user experience. Eg: – Suggestions friends, connections or interesting content. But emphasize the fact that the messages would not be shared with others.

This suggests that the companies might be using the content and behaviour of the users to aggregate data and increase their value to target you with better ads.

So let’s say you want to control your Whatsapp usage? You have to use the settings provided In-App such as Privacy settings. And if you want to delete the account itself, you have to use the Delete account feature.

When you delete the account, all messages will be deleted from the servers along with any other information that the company no longer need to provide their service. Does this hint that the company will retain some information direct or indirect even after we delete the account?

“You agree to our data practices, including the collection, use, processing, and sharing of your information as described in our Privacy Policy, as well as the transfer and processing of your information to the United States and other countries globally where we have or use facilities, service providers, or partners, regardless of where you use our Services”

• Whatsapp Privacy Policy –

The statement requires the users to be at least 13 years old to use the service, but there is no mention as to how they would ensure the same.

The Whatsapp Parties will not be liable for any losses, indirect or “incidental” relating to any communication with Whatsapp services. Even if the company have been advised of the possibility of such damages. 

Since Whatsapp Acts as a messaging app, unlike Instagram or Facebook which are more content-based, it can be seen there is less privacy risk associate with the App. But since it is now a part of Facebook Inc. it is doubtable how “private” our private information would be given the notorious claims regarding the group of companies.

On a concluding note, did you know that the maximum aggregate liability that the company will bear is $100?

Resources :

Whatsapp Legal Info as at 20^th of Nov 2019. Available at https://www.whatsapp.com/legal/#key-updates

Check out our online publishing partner for Free*, Pulse for more articles on this and so much more

Way back on 6^th of Oct, 2010 and app was launched which is based on building social connections through photo sharing, where the first ever post was a picture of one of the founder’s dog. Ever since then the only way for the company was up as it saw a massive growth to the point where the King of Social Networks Mark Zuckerberg himself felt a threat from this new entrant and eventually acquired it under Facebook Inc. In the 2^nd Episode of Free* Season 1 we are talking about none other than Instagram !

Being one of the 1 Billion! Monthly active users , and of the 69% who logs at least once per day, and spend around 28 minutes per day by 2020, we hope that you should understand what you what rights and data you might directly or indirectly give to the company.

Since it is part of the Facebook group, the Terms and Conditions of Instagram is similar to that of its parent company app. It collects the details we provide directly when we first sign up which would include; Username, Passwords and email address other profile information, content we create such as photos, comments,  and communications between the users and Instagram.

Other than that they will collect “information in or about the content you provide (like metadata), such as the location of a photo or the date a file was created” and the details from the main hardware, your Camera when you capture that selfie with Puppy filter on.

“We collect information about how you use our Products, such as the types of content you view or engage with; the features you use; the actions you take; the people or accounts you interact with; and the time, frequency and duration of your activities”

Furthermore as same as Facebook, it collects a variety of Data about the devices we use, background activities, device IDs, Location details, IP address. Furthermore through Metadata they would collect latitude and longitude information as well.

As per the company “We don’t sell any of your information to anyone, and we never will. We also impose strict restrictions on how our partners can use and disclose the data we provide”

The data they provide to advertisers are aggregated and so the people who use the data won’t be able to identify what data belong to which user.

 “When you subscribe to receive premium content, or buy something from a seller in our Products, the content creator or seller can receive your public information and other information you share with them, as well as the information needed to complete the transaction, including shipping and contact details”.

The information you provide might remain even after you change or delete those information, in cached or archived pages, or if the other Users or third parties have already copied them.

User data will be stored for a “commercially reasonable timer for backup, archival and /or audit purposes”.

These are some of the rights you provide Instagram for using the app and agreeing for their terms

Sources:

1. Instagram Privacy Policy – as at 15^th of Nov 2019
2. Instagram Terms of Use – as at 26^th of Nov 2019
3. https://blog.hootsuite.com/instagram-statistics/

Check out our online publishing partner for Free*, Pulse for more articles on this and so much more

In this first Season we focus on the Social media apps we all use daily. Whether to check on some updates of your friend or just to pass time laughing at that meme or video. First Episode is on none other than Facebook, which is arguably the social media platform majority of the Sri Lankan internet users are part of. Looking at the numbers according to the statistics from NapoleanCat^[1] by October 2019 around 6,335,000 or roughly 30% of the entire Sri Lankan population have an account and regularly use Facebook. Whether you use the Web version or the mobile version through facebook app ( which makes it much more easy to collect Data about you ) there are a number of Terms and Conditions or Terms of Service as they call it that is applicable, which gives Facebook Inc. permission to collect various kinds of Data about you.

Let’s reveal !

As per the latest version of Facebook Terms and Conditions^[2], the amount and the type of Data that is collected depends on how we use the Facebook products, these are some of the main Data types they collect

• Content, communications and other information that you provide when you use Facebook’s products along with the information you provide at sign up
• Can contain “create or share content and message or communicate with others” and metadata such as Location as well
• Collect contact information if we “…choose to upload, sync or import it from a device (such as an address book or call log or SMS log history)”
• All the activities such as scrolling down, mouse movements are monitored when we are on the site to analyze and learn our behavior.

If you are a person who buy things on Facebook , below are some of the facts that you really want to know ;

• “includes payment information, such as your credit or debit card number and other card information
• other account and authentication information
• and billing, delivery and contact details.

They collect these information and data not only from Computers and Mobile devices but also from Connected TVs and other Web-connected devices as well. Which includes all the personal assistant enabled speakers such as Google Home, Alexa, etc.

Did you know that partners companies of Facebook provide information about our activities Off Facebook also ! So even if you log out from the site or app, when you use the internet you data will be connected by various companies and they will send them to Facebook.

Some of the Information they collect are the following :

• What is the device we are using
• Websites we visit
• Purchases we make and
• Ads we see

Even if you think that if we don’t have a Facebook account or logged out of it , still some of your Data will be with Facebook, those they get through various APIs (the process where the websites communicate with servers ). These can be from certain online games we play, purchases we make. Therefore it can be seen that technically both Online and Offline actions we make is monitored through Facebook and their partners.

As per the statement they collect these data to “… To create personalised Products that are unique and relevant to you, we use your connections, preferences, interests and activities based on the data that we collect and learn from you and others (including any data with special protections you choose to provide) “  

So as you can see, they pretty much know not only about the 2.45 billion monthly active users on Facebook as of September 30, 2019^[3] but also about a population that don’t even have an Account in Facebook or in any other family app.

The statement further says that they can share or provide access to public information of users to anyone on or off Facebook products. And that they don’t sell our data but they just provide aggregated data where data can not be separated into individual users.

Now you know what kind of Data Facebook has about you, and the massive size of the company and its product family have made it hard to protect our data from them. Because they have accumulated enough power even to collect data from third parties and again share it with third parties as the cost of providing a space to “Scroll Down” forever, looking at all the positive, and negative content that they want us to see.

Coming up in the next episode , Instagram. World’s most famous photo sharing app !

Check out our online publishing partner for Free*, Pulse for more articles on this and so much more

^[1] https://napoleoncat.com/stats/social-media-users-in-sri_lanka/2019/10

^[2]  Accessed on 25/10/2019

^[3] https://newsroom.fb.com/company-info/