Today is Data protection day here in Europe which is a perfect opportunity to publish a blog post assessing mobile applications which target Jersey users.
For these tests, I am using an online scanning utility from a French non-profit organisation named Exodus Privacy. They provide an excellent online tool (and mobile app) which can be used to remotely download and inspect mobile apps.
Throughout this post I test Android apps because of its dominant market share, however iOS users should expect near-identical tracking in the iOS versions of these apps. Users of iPhones and iPads are viewed by marketers as a more affluent demographic and their data sells for a higher price. If anything, you can expect greater tracking and targeting efforts.
First up is Love Jersey, an eGov project app launched by the Department for Infrastructure (DfI) for users to report problems such as potholes or fly-tipping. From a privacy perspective, this is a fine start for eGov as it contains zero trackers. You can view the third-party test results here. It does need camera and location access, however this is necessary for the intended use and should be acceptable to most users. I can recommend this app.
If you prefer to skip the app and use the website instead, I have some bad news. This scheme was launched less than two years ago, however the eGov webpage for reporting problems online appears to already be abandoned and is no longer secure. Visitors using a modern web browser will see prominent warnings instead of the “Love Jersey” website, and should not use the website until this security issue is resolved.
Active Jersey is a local physical fitness membership scheme, and you can sign up for personal training, rehabilitation, swim classes, and much more. It’s a great idea but their app contains three separate trackers from Facebook. This is particularly concerning because if you’ve ever logged in to Facebook on your mobile they have your unique mobile Advertising ID.
This mobile app quietly transmits sensitive user data about you to Facebook, whether you have a Facebook account or not. For more information on this topic please see this BuzzFeed News article.
Privacy minded users should probably stick to ringing their local facility to make bookings.
This app enables users to pay for parking using their mobile. That is convenient but you are trading a significant amount of privacy and personal data for that convenience. This app contains the most trackers I have ever seen, eleven different tracking packages from Facebook, Google, and numerous other data brokers!
The inbuilt trackers for this app record everything you are doing and describe how they can even track you across different devices. If you like being relentlessly tracked by some of the creepiest companies on the internet, this app is for you.
Privacy minded users, stick to using Pay Cards for now. I don’t like them either, but the alternative is worse.
Yoti - your digital identity
This is a relatively new “Digital ID” app so you should expect that the application developers can identify you, that’s the point after all.
Privacy minded users, just keep using a photo ID as before. These work perfectly well, never run out of charge, and do not constantly phone home to advertising companies. That’s a feature, not a bug.