This week in Apps That Screw You Over, Pandora comes front and center. Federal investigators set their sights on the music streaming site’s mobile app to determine whether or not it was collecting and distributing private user information to third parties – illegally. Of course, Pandora isn’t the only app being surveyed, and claims that apps are being looked at “on an industry-wide basis.”
While the results of the investigation aren’t in yet, Internet security firm Veracode decided to conduct its own research into the matter. And according to the company, “your personal information is being transmitted to advertising agencies in mass quantities.” Veracode claims that its own tests revealed that the Pandora app for Android is tied to advertisement libraries for AdMarvel, AdMob, comScore (SecureStudies), Google.Ads, and Medialerts. The study also took at look at what kinds of data Pandora is storing in these libraries. GPS locations, user birthdays, genders, and postal codes were among the types of information the app has been giving away.
Of course, Pandora does have a decent defense in this situation. The music streaming service claims that in order to generate music based on your preferences, it needs to access some of this personal information.
Finding that mobile apps are sharing user info with third parties isn’t a revelation, but Pandora is currently in the midst of going public and would do well to stay out of any legal trouble during the time being. Veracode puts its allegations into context, saying, “consider for a moment that your current location is being tracked while you are at your home, office, or significant other’s house. Couple that with your gender and age and then with your geolocated IP address. When all that is placed into a single basket, it’s pretty easy to determine who someone is, what they do for a living, who they associate with, and any number of other traits about them.” Of course, this won’t get too serious until the federal investigation comes to a close, whenever that will be.