Stay Safe From App Tracking

This article is part of the On Tech newsletter. You can sign up here to receive it weekdays.

Thorin Klosowski dug deep into new disclosures from iPhone apps that show what information they collect about us and for what purpose.

He emerged both confused and concerned about our digital economy, which relies on apps that are obfuscating what is happening with our personal information.

Thorin, an editor for The New York Times’s product review site Wirecutter, spoke with me about his research into the app tracking disclosures of 250 iPhone apps, why people should care about app tracking and tips for people to protect their information.

Why should people be bothered by digital data collection? If a weather app knows all of the times I went to McDonald’s and in return I get local weather forecasts, isn’t that a fair trade?

For many people, yes. But it’s not a truly informed trade.

Let’s say you see in the description in the iPhone app store that a weather app records your location all of the time and keeps a record of all of the apps where you have entered the same email address. You have no way of knowing what the app maker needs that data for or whether that information is sold or shared with other companies.

What could go wrong?

The facial recognition start-up Clearview AI is an example of what happens when information that we put out in the world for one purpose gets collected and used for another — in that case, assembling an online photo database of millions of people — that none of the participants really consented to.

We have little control about what happens to our personal information. Even just trying to understand what happens to our data is exhausting. I have written about digital privacy for years, and I still find it extremely complicated.

Is the bottom line that these Apple app privacy disclosures, which are modeled on food nutrition labels, are better than nothing but still not very useful?

That’s it. These labels lack context. You can’t compare apps easily, so it’s difficult to know what’s normal activity for an app in any category, and what might be overreaching.

And after spending far more time than I anticipated digging into this, I’m not confident that this information on app tracking is helpful. I’m glad that the Apple privacy labels exist, but only as a first step for the public to understand how the whole data-collection economy is fundamentally broken.

Let’s find something positive! Are there apps that you have looked at that collect relatively little data?

The messaging app Signal is one, and a notes app called Bear. And almost all of the games that were part of Apple Arcade, the company’s $4.99 monthly video game subscription service, appeared to have minimal data collection.

What’s your advice to people who are concerned about their personal data being collected?

Apps on your phone that you’re not using regularly needlessly expose you to more data collection. My top recommendations are to delete any apps that you’re not using, and don’t download an app at all if you’re going to use it only once or occasionally. Using the website version of a service instead of the app is often a better alternative because the data collection tends to be less aggressive.

If you had absolute power, what’s one thing that you would change to better preserve our personal data?

I think I would get rid of personalized advertising that’s based on what we do, where we go or what our interests are. Digital ads based on our personal information are at the root of what’s wrong with our online economy.

Read more: Android said that it planned to follow Apple’s lead in requiring data collection disclosures in its app store. The Android data tracking labels will start next year.

Tip of the Week

Personalized ads aren’t just on apps, they can follow you around websites, too. Here is Brian X. Chen, the consumer technology columnist for The Times, on ways to keep digital companies from collecting our personal information:

Targeted ads are creepy. If you were window shopping in real life and looked at a pair of expensive shoes, would you want a flyer for the shoes to be permanently stuck to your car? That’s basically how personalized online ads behave. I call them stalker ads.

A few years ago, I wrote a column on defeating stalker ads with brute force. Most of that advice is still relevant today. The bottom line is that you need multiple techniques to block ads on the web and inside mobile apps. Here are a few steps:

  • Install an ad blocker. For your web browser, you can install add-ons that block ads. My favorite one for computer browsers is uBlock Origin, and on iPhones I recommend 1Blocker.

    For Android users, Google banned many ad blockers from its official Play app store. The simplest way to block ads is by using a private web browser, as I detail next.

  • On mobile devices, use a private browser. Firefox Focus, DuckDuckGo and Brave are privacy-centric mobile browsers that include built-in ad and tracker blocking. These are handy when you want to do a discreet web search. I wrote more about these web browsers here.

  • Install a tracker blocker. These detect computer code on websites that snoop on people and prevent the trackers from loading. My favorite tracker blocker for desktop systems is, and for mobile devices I like Barracuda CloudGen Access (free on both iOS and Android). Here is more on Apple’s new settings that allow iPhone owners to ask apps not to track them.

  • A scary computer attack on a fuel pipeline: Cybercriminals forced the temporary shutdown of a pipeline that carries nearly half of the East Coast’s gasoline and jet fuel supply. My colleagues looked at what this might do to fuel prices, and whether such critical infrastructure would be better protected under a White House draft proposal to mandate digital security standards for federal agencies and contractors.

    From last month: Nicole Perlroth explained why infrastructure like pipelines are so vulnerable to ransomware, the type of cyberattack that affected this fuel pipeline.

  • Campus contention over virtual exam proctoring: Some Dartmouth medical students accused of cheating on online exams said that administrators relied on faulty data from course assignment software that tracked student activity during remote exams without their knowledge. My colleagues Natasha Singer and Aaron Krolik examined the campus tensions at Dartmouth and asked: Can technology used to catch cheaters be accurate, fair and transparent?

  • Back to classrooms isn’t that simple: Some children and parents aren’t eager to return to in-person school because they have reordered their lives in the past year in ways they don’t want to undo, my colleague Dana Goldstein reported. It’s a nuanced analysis of what experts call “school hesitancy,” and what officials are doing to convince families to return.

We should love wasps! They control pests, pollinate plants and do other important tasks to help ecosystems, human health and the economy. Also, “they can strip a bird clear of meat within a few hours,” a behavioral ecologist told CNN.