The app you exited always restarts suddenly? Beware of privacy leaks

Apps "steal" and waste traffic, so be careful of privacy leaks

​​

Apps that had been exited suddenly started up in the middle of the night, and apps that had not been used for a long time generated traffic on their own...Beijing Youth Daily reporters found that the harm caused to users by these apps that "run secretly" in the background is far more than just "stealing traffic."

On April 20, the Ministry of Industry and Information Technology stated that it will issue a series of industry standards to provide policy and standard support for App personal information protection supervision.

The App that exits the program always starts up suddenly

As most telecommunications companies have launched data packages or data plans, there is no limit on the speed limit for exceeding the data limit. This makes many users no longer pay attention to where their mobile data is going, which gives apps that secretly start or run in the background an opportunity to take advantage of it.

Recently, Ms. Ma, who likes sports, encountered a bad thing. She received reminders from the mobile monitoring app almost every night. An app called "MalaMala" in her mobile phone always suddenly started up in the middle of the night and refreshed frequently. "I have an Android phone. Every time I finish using this app, I will exit it, but it always starts up by itself. Is it to steal my data?"

In fact, Ms. Ma's experience is not an isolated case. Reader Ms. Zhang recently discovered that her mobile phone, which had been idle for a while, had consumed data. "Except for occasionally turning it on to look at photos and charging it, I hardly use this phone." However, this month she received a data bill for her mobile phone. Although the data was only a few dozen megabytes (M), she didn't understand why a basically idle mobile phone would generate data. After consulting the mobile phone manufacturer, Ms. Zhang found that in addition to the mobile phone system consuming some data due to positioning, ID services, and push notifications, some apps that had not been activated for nearly a year also "silently" consumed some data.

Among the apps that consumed data displayed by Ms. Zhang, the Beijing Youth Daily reporter noticed that some apps were still at the initial "Welcome" interface, and some required the user to enter an account number and password, which was obviously because they had not been used for a long time. However, these apps continued to consume data even after Ms. Zhang had left her phone idle.

Some netizens also reported that some programs consumed data without being used. In the Apple community, some netizens said that there was a "deleted program" on their phone that generated data. More than 40 consumers had the same experience.

Focus on App "sneak peek" to get users to buy more traffic?

Where does all this traffic go? In response to the questions raised by readers and netizens, Beijing Youth Daily reporters contacted some app operating companies and mobile phone manufacturers. Except for some mobile phone manufacturers confirming that system programs "by default" consume some traffic to provide necessary services, most app operators did not clearly state the reason why the apps "privately" consume traffic.

Some netizens said that these apps "steal data" in order to consume data quickly, so that users can buy more data packages from operators. This statement has been recognized by many people online.

However, the Beijing Youth Daily reporter interviewed some people in the App development industry, and they thought this statement was unreliable. They had never experienced or heard of any App having such cooperation with operators. Moreover, it is basically impossible for operators to know which App "contributed" the traffic generated in the user's mobile phone. "The basic functions of counting App usage are provided by mobile phone manufacturers. Telecom operators cannot participate in it, and they cannot design a distribution model." At present, there are about 3 million mobile apps in my country, and this number is increasing every day. Faced with such a large number of apps, the so-called "operator participation in profit sharing" is obviously untenable. At present, the price of traffic is getting more and more favorable. In terms of the traffic contributed by video apps, the traffic provided by these "privately" running apps is almost not worth mentioning, and operators are unlikely to "cooperate" with them for this.

Beware that in addition to click-throughs, user information may also be leaked

Does this mean that these apps that are "secretly" generated have basically no impact on consumers except for causing a small loss of traffic? Industry insiders said that compared with the loss caused by a small amount of traffic, it is more worthy of consumers' vigilance to why these apps "secretly" generate traffic.

"There are generally two situations: one is that malicious apps increase traffic by 'kidnapping' mobile phones. The other is that apps 'privately' upload user information," said an app engineer who did not want to be named.

He further explained that in order to obtain click-through rates from target websites, malicious apps make the phone "click" related websites or advertising pages in the background. In this case, the basic traffic consumption is huge in a short period of time, and "it is common to consume one or two GB in an hour."

In the other case, although the traffic loss is not much, the risk of information leakage to users is greater. Many apps will make some "unauthorized requests" that are irrelevant to the use of the app at the beginning of installation. For example, some wallpaper apps require authorization for "calls", "contacts", "text messages", etc., which is obviously excessive authorization. Once the user agrees, these apps may upload user information to the server. This is why some apps still generate data traffic even if they have not been used for a long time. Most of them upload user information in the background.

The Interim Provisions on the Protection and Management of Personal Information on Apps will be released

In order to reduce or avoid the "unauthorized" use of mobile apps, or even avoid downloading malicious apps, industry insiders recommend that users download apps from official channels and avoid downloading unknown apps easily. Regularly observe the traffic usage of apps, and delete some apps that consume a lot of traffic in a timely manner. After using an app, remember to completely close it instead of simply exiting it. Every time you install a new app, carefully read the authorization details to avoid unnecessary authorization. Some software that has been found to have "unauthorized" can also limit its startup permissions through the phone settings.

Not only should users pay attention to the methods and approaches when using apps, the Ministry of Industry and Information Technology and local communications administration bureaus have also long begun to report and handle apps that infringe on user rights.

In March this year, Xiao Yaqing, Minister of Industry and Information Technology, said that there are nearly 3 million mobile apps on the market. The Ministry of Industry and Information Technology, together with relevant departments, has specially rectified the problems that the public has strongly complained about. This year, the requirements for app rectification will be further improved, and apps that refuse to accept rectification will be resolutely removed from the shelves. At the same time, in terms of supervision, the capabilities of technical equipment must be improved. First of all, it must be ensured that loopholes in information protection can be detected and advertising information can be effectively intercepted.

On April 20, Zhao Zhiguo, spokesman of the Ministry of Industry and Information Technology and director of the Information and Communications Administration, reported that since the beginning of this year, the Ministry of Industry and Information Technology has completed technical inspections of 290,000 apps, put forward rectification requirements for 1,862 illegal apps, publicly reported 319 apps that had not been rectified, and organized the removal of 107 apps that refused to rectify.

At the same time, the Ministry of Industry and Information Technology will, on the basis of fully soliciting opinions, jointly with relevant departments issue the "Interim Provisions on App Personal Information Protection Management", organize the formulation of a series of industry standards such as the "App User Rights Protection Evaluation Specifications" and the "App Collection and Use of Personal Information Minimum Necessary Assessment Specifications", to provide policy and standard support for App personal information protection supervision.