Skip to main content

Robocall-blocking apps might be sending your private data to third parties

Image used with permission by copyright holder

If you get a ton of robocalls, installing an app promising to block them might sound like a good idea. Robocalls are a huge problem, and a blocker seems like a quick and easy solution for improving the situation. Turns out, the apps might be violating your privacy starting from the second you open them.

A security consultant for the cybersecurity firm NCC Group took a look at some of the most popular robocall-blocking apps, and found a number of privacy violations, TechCrunch reports.

The apps they looked at include TrapCall, Hiya, and Truecaller. According to the firm, the apps will send user and/or device data to third-party analytics companies with the intent of monetizing your data, without asking for your expressed consent to do so. In many cases that information was also transmitted before a user was presented with the app’s privacy policy.

According to the firm, those apps are in violation of Apple’s guidelines which require an app to gain permission from a user before it sends any data to third parties.

The consultant argues that most smartphone users don’t have a technical background and are not able to tell what information is being shared with third parties. A privacy policy, which let’s face it most people don’t read, it really the only chance a user has to know where their information is being shared.

NCC Group contacted all of the apps in question about the privacy issues, but none of them made any changes until the group contacted Apple, after which TrapCall updated its privacy policy. Truecaller has reportedly since fixed the issue that allowed data to be sent when the app is opened.

Robocalls are becoming an increasingly larger problem for cell phone users. In June, the Federal Communications Commission (FCC) voted to allow companies to block robocalls by default.

All of the major carriers in the United States currently offer some form of robocall blocking; however, customers have to opt-in for those services. The new FCC regulations allow carriers to block those calls without a user expressly opting in for them to do so — though some wireless providers will now charge you for the privilege. 

Editors' Recommendations

Emily Price
Emily is a freelance writer based in San Francisco. Her book "Productivity Hacks: 500+ Easy Ways to Accomplish More at…
iCloud doesn’t encrypt your data, but these cloud storage apps do
Encrypted Cloud

By now, it's well-known that Apple does not encrypt your iCloud backups, but there's no need to fret. There are plenty of other ways to accomplish the task of securely backing up your data to the cloud. Several services offer more secure storage with various encryption options. Here are the iOS apps to consider if privacy is your thing.
Tresorit

Tresorit offers encryption services for business, enterprise, and personal users. Secured with AES 256 end-to-end encryption, your files are safe both on the company’s servers and while in-transit to your device. Tresorit stores your data across multiple Microsoft Azure data centers in the European Union. The company is headquartered in Switzerland, which has stricter privacy laws than most other countries, including the U.S. Tresorit features include document version tracking and the ability to share drive documents securely. Prices range from free to $24 per month.

Read more
Ring allows undisclosed third parties to track you through its Android app
ring video doorbells free amazon echo show 5 doorbell pro

Amazon Ring’s Android app has been found to allow third-party trackers access to your data like your name, IP address, mobile network carrier, and more. 

The Electronic Frontier Foundation (EFF) published a report on Monday, January 27, about an investigation into Ring’s Android app. The investigation found analytics and marketing companies not mentioned in Ring’s privacy notice have access to your data directly through the Ring app.

Read more
iOS 13 bug allows third-party keyboards to upload your data without permission

iOS 13 has had a turbulent first few weeks as users continue to discover a new glitch seemingly every other day. Apple has quickly come to the rescue by releasing iOS 13.1 a week early but it turns out, the update doesn’t squash all the bugs.

In a brief advisory, Apple has warned iPhone and iPad owners about a bug concerning third-party keyboards. The issue allows any installed third-party keyboard like Gboard or Swiftkey to grant themselves "full-access" permissions -- without your authorization.

Read more