Millions of people are being spied on by free apps they have installed on their mobile phones, security experts have warned. Many flashlight apps which allow a device to be used as a torch also secretly record the most sensitive personal information. This may include the location of the phone, details of its owner and their contacts, and even the content of text messages.
Flashlight apps downloaded to smart phones may be being used to spy on consumers by market research companies, experts have warned (file image)
The data is then transmitted to market research companies and advertising agencies to track user’s shopping habits, experts claim.
But it is also suspected that criminal gangs, hackers and identity thieves have developed torch apps of their own to obtain personal data about consumers which could give them access to their bank accounts.
The most popular flashlight apps for Android smartphones have been downloaded tens of millions of times.
They include the Super-Bright LED Flashlight, the Brightest Flashlight Free and the Tiny Flashlight+LED.
But few customers realise that many programs have capabilities far beyond switching on the phone’s light, according to American cyber-security firm SnoopWall, whose founder Gary Miliefsky has advised the US government.
Written warnings that data will be passed on to third parties are buried in the lengthy terms and conditions, which very few people read through.
Mr Miliefsky said: ‘We’ve all become victims of installing many apps on our smartphones and tablets that do much more than the service they should provide. We have opened a Pandora’s Box to online predators, cyber criminals and spies – all through these apps we foolishly trust.’
The threat does not apply to the in-built flashlight on Apple’s iPhones.
Technology experts say the warning should serve as a reminder that if an app is free, its business model may involve selling the customer’s data.
American watchdog The Federal Trade Commission last year upheld a complaint against one flashlight app that did not tell customers that information it obtained was being passed to advertisers.
Flashlight apps, such as those pictured above, are hugely popular among smart phone users
The agency said US software designer Goldenshores Technologies deployed ‘deceptive practice’ and that data had been passed on even when users had opted out.
Last night privacy campaigners in Britain called for closer scrutiny.
Emma Carr, director of Big Brother Watch, said: ‘Few of us would expect an app to be able to access our contacts lists, text messages or location data, yet so many of them do just that.
‘There needs to be far more awareness about how to protect your device and the data on it.
‘There is also a huge concern that the security around these apps can often be incredibly lax, with anyone with the slightest knowledge of how they work being able to access the data from them.’
Google, which is behind Android and the online store where apps are available, said: ‘We don’t comment on individual apps but we remove those that violate our policies.’
Bulgarian software developer Nikolay Ananiev, who made the Tiny Flashlight app, said: ‘My app does not have access to personal data and I believe most other flashlight apps are like mine.
‘But there are a couple of exceptions with a huge “permissions” list which I find hard to explain.’
There was no response from other app designers contacted by The Mail on Sunday.
