Pandora App Sends Private Data To Advertisers

Trailrunner7 writes "An analysis of the popular free mobile application from online music service Pandora.com that is the subject of a grand jury investigation into loose data privacy practices in the mobile application market confirms that the application silently sends reams of sensitive data to advertisers. The analysis was conducted by application security firm Veracode and found that Pandora's free mobile application for Android phones tracked and submitted a range of data, including the user's gender, geographic location and the unique ID of their phone, according to an entry on Veracode's blog."

Wait a minute...

[Nidi62]

So, you mean all those ads at the bottom of the Pandora app that were specific to my home town wasn't just a random coincidence? How is it taking these things "silently" when it tells you exactly what you are giving it access too? Obviously, knowing where you live has no bearing on the type of music it's going to play. What else did people think this was going to be used for?

what do you expect for free?

[alen]

seriously, what do you expect from a free app that streams licensed music that they had to pay for? a bunch of ads no one clicks on?

this is how google makes money, metrics. everyone is doing it as well.

Live in Application

[ObsessiveMathsFreak]

The big problem here is that whenever you install any application, you're technically giving the designers virtually free reign to do whatever they like with your system/PC/phone/whatever.

Once permitted in, most commercial applications barge into your PC, rewrite whatever files they please, alter configuration settings, gobble up memory, install themselves as startup applications and often install an entire suite of unwanted applications and advertisements you didn't even ask for. Then they plonk themselves down in your living room, feet on the sofa, and begin to shout at you, along with all the dozens of other loudmouth applications you've invited in.

Re:What about iOS version?

[Anonymous Coward]

You should also uninstall the internet, because almost all ads use targeting. This story is pointless.

Re:what do you expect for free?

[Anonymous Coward]

In other news, it's only bad (or "evil") when Google does it.

Re:As I said last time

[Gutboy]

Google needs to allow you to authorize specific permissions for apps, not their current 'all or nothing' system. This way you could say "Yes, you can have my position because I believe a GPS mapping system needs that, but no you can't have my address book, since a GPS system doesn't need that". Sure it would screw advertisers over, but I don't care about them. Not everything in the world needs to have advertising on it.

Re:As I said last time

[Belial6]

Every time this comes up, the Android folks say that they uninstalled Pandora when they tried to get assess to our personal data. No one talks about the data stealing on iPhones. Is that because we know they are not doing it on iPhone, or because the iPhone doesn't warn the user that the app is stealing their data.