Skip to main content

Houseparty could be a digital privacy nightmare, experts warn

Video chatting app Houseparty has boomed in popularity in the last two weeks, but experts say users could inadvertently be sharing more personal data than they realize.

“Anybody who decides to use the Houseparty application to stay in contact during quarantine needs to be aware that the app collects a worrying amount of personal information,” Ray Walsh, digital privacy expert at the U.K.-based ProPrivacy, said in a statement to Digital Trends. “This includes geo-location data — which could in theory be used to map the location of each user.”

The app, which launched in 2016, reported 2 million downloads last week alone and has become particularly popular among teenagers, who use its informal structure and games to socialize while socially distancing to stop the spread of coronavirus, officially known as COVID-19.

But many users don’t realize how much information Houseparty gathers on its users, Walsh said. He was particularly concerned about what kind of data would be collected if a user were to link a Houseparty account to any other social media accounts that could further collect data from users.

Houseparty App
Image used with permission by copyright holder

It’s also possible that the U.S. government could begin surveilling the app because of its use of geolocation and popularity, he added.

“If the pandemic continues for any prolonged period, the chances that apps like this could be placed under surveillance to monitor how COVID-19 is spreading is a very real possibility,” Walsh wrote.

Gehan Gunasekara, an associate professor in commercial law at the University of Auckland, told Radio New Zealand that Houseparty was a “Trojan horse.”

“You’re essentially allowing this app to access your smartphone and your smartphone tells a lot about you, your movement, your locations, your contacts, how often you contact people, who you communicate with, and they’ll be able to basically track your every move,” he told the site.

Data and privacy expert Suzanne Vergnolle said in a Twitter thread on Houseparty’s privacy and permissions that the app was also likely not compliant with the European Union’s General Data Protection Regulation (GDPR).

Vergnolle added the app was tracking users by default and said requests for data deletion may or may not be honored.

Houseparty hasn’t updated its privacy policy since June 2018, two weeks after GDPR was implemented.

Houseparty did not immediately respond to a request for comment from Digital Trends.

Epic Games, the makers of the massively popular online game Fortnite, bought Houseparty in June 2019.

The CEO of Houseparty, Sima Sistani, at the time said in a statement that Houseparty and Epic “have a common vision to make human interaction easier and more enjoyable, and always with respect for user privacy.”

But Epic Games has previously been under the microscope over privacy concerns of its own.

According to the open-source privacy tracking website PrivacySpy, Epic Games has a dismal 2.3 out of 10 rating for its privacy practices, including allowing third-party access to personal data, and not notifying users in the event of a data breach. The Epic Games store also ran up against the European Union’s then-newly implemented GDPR rules in 2018.

Fortunately, it’s not hard for users to mitigate Houseparty’s lax privacy settings. ProPrivacy noted that users can simply turn location data off and make any and all chat rooms private.

Editors' Recommendations

Maya Shwayder
I'm a multimedia journalist currently based in New England. I previously worked for DW News/Deutsche Welle as an anchor and…
GameStop CEO takes 50% pay cut as some stores begin to reopen
GameStop storefront from outside.

GameStop is beginning to reopen stores in several countries, including the United States, and is making some salary cuts to help weather the coronavirus pandemic.

The gaming retailer is reopening stores in Italy, Germany, and Austria, as well as South Carolina and Georgia in the U.S., and will do the same in other countries and states where legally allowed. One-third of its U.S. locations will remain closed while the remainder will continue curbside pickup.

Read more
‘A staggering problem’: Working from home could lead to massive data leaks
man working from home

The corporate security situation right now is like trying to quickly assemble a shelter during a rainstorm, experts say: Even if you get something set up, you're still likely to have some water leaking through.
Everyone working from home, plus a reported increase in attempted cyberattacks means security systems straining under these unique conditions are especially vulnerable to massive hacks and data breaches -- which could be underway right now and may not be reported about for another six months.
“I’m terrified about it” said Ben Goodman, senior vice president of global business and corporate development at ForgeRock. “A lot of users are being thrust into a work from home environment, and they’re not at all used to this.”

It takes a lot to make sure users are properly implementing security best practices, he told Digital Trends -- practices that most companies didn't train for before employees were forced to work remotely.
“I think we’re going to have an unprecedented number of breaches being announced following the pandemic,” said Kayne McGladrey, member of the Institute of Electrical and Electronics Engineers.
“The amount of risk is at an all-time high,” agreed Chris Hertz, chief revenue officer for the cybersecurity company DivvyCloud. “If I were a cybersecurity professional, I would not be sleeping right now. It’s a staggering problem.”
An annual survey from DivvyCloud reported that 49% of respondents who use the public cloud in their jobs said “their developers and engineers at times ignore or circumvent cloud security and compliance policies.”
In addition, cyberattacks are on the rise, a trend that was already happening before the pandemic, and now has dramatically increased, said Hertz. 2018 and 2019 saw a record number of ransomware attacks that totaled $5 trillion in damages.
“Right now is one of the most critical periods for IT security professionals that we’ve had in last decades,” Hertz told Digital Trends. “As one of my colleagues says, we’ve planned for hurricanes, earthquakes, tornadoes, but not for a pandemic that would send literally everyone home for six to 12 months. That was never the framework we’re thinking of.”

Read more
Is Zoom’s new privacy policy worth a damn? Proceed with caution, experts say
Zoom Meeting

It’s a Zoom world, and we’re just living in it -- but we may still be handing over our private data in the meantime. Use of the popular videoconferencing app Zoom has spiked as work has moved into people’s homes. According to the New York Times, the app saw 600,000 downloads in one day, and that was two weeks ago when COVID-induced lockdowns were just beginning to take effect. It’s no wonder the app has surged in popularity -- it just works. Simply click on a link and have your meeting.

However, a recent investigation by Motherboard revealed Zoom’s iOS app was sending some data about users to Facebook, which was not made clear in the app’s privacy policy. Other investigations by The Intercept showed that the calls were not, in fact, end-to-end encrypted as the company claimed. People were inadvertently sharing their location, which device they were using, and advertising identification data. Even New York State Attorney General Letitia James is looking into the company's privacy practices.

Read more