In general, after you install an app on Android or iOS, when you launch it for the first time, apps will ask for your permissions to get access to your private data such as messages, call logs, photos and more. When you deny permissions, you assume that apps will not have access to that particular private data. Researchers have now proved that apps are stealing your private data even after you deny permissions. According to researchers, 1,325 Android apps available in Play Store violated permissions by using workarounds to steal personal data from Wi-Fi connections, metadata stored in photos and more.
Shutterfly is one of the popular photo editing apps available on mobile devices. Shutterfly had been collecting location data from photos stored in the mobile and sending the data to its own servers. Even though you had denied Shutterfly to access your location data, it was collection location data through photos. Some apps are even worse, they would scan through unprotected files on a device’s SD card and steal data. Next month, researchers are planing to release more details about these apps.
Google is now aware of these kind of tactics to steal data. Google has now announced that they will fix this issue in the upcoming Android Q update which will be released later this year.