No privacy for Santa

Christmas goodies are found all over Switzerland

Cybersecurity experts warn that shopping applications are among the most privacy-unfriendly apps as online shoppers rush to take advantage of online sales and buy Christmas gifts. More than 25 per cent of permissions to access device functions requested by shopping apps are unrelated to their performance, research by NordVPN reveals.

“Shopping apps are among the most eager to request access to devices’ functions that are not needed for their performance. Collected data could be used against the user’s interests and lead to privacy issues that are way more serious than targeted ads. Users should always consider whether the app needs certain data to do its job before tapping ‘Accept,’ even if the app is developed by a well-known and trustworthy online shopping platform,” says Adrianus Warmenhoven, cybersecurity advisor at NordVPN.

According to cybersecurity and privacy researchers, on average, one shopping mobile app asks for more than 18 device permissions, including access to your location or photos and videos. As many as five of the permissions are unnecessary for the functionality of an application. 

Moreover, the shopping apps category stands among the leaders in requesting special, dangerous, and biometric permissions, which deal with highly sensitive or personal information and system-critical processes. Shopping apps request 10 special, dangerous, and biometric permissions on average. Only lifestyle (14), messaging and social networking (13), and dating and navigation (11) apps request more permissions of this kind.

How to protect your privacy on shopping apps

To protect your privacy on shopping apps, Adrianus Warmenhoven offers these preventive measures:

  • Download from official stores. Unofficial app stores won’t always have systems to check whether an app is safe before it’s published and available to download. Moreover, getting a shopping app from an unofficial source carries the risk of it being modified by criminals.
  • Read the app’s privacy policy before downloading. Check what information the shopping app will track and what it will share with third parties. If you’re not happy with the level of privacy, use the shopping platform’s webpage to purchase goods instead of downloading an app.
  • Get to know your data permissions. When you download an app, you’ll be asked to give various permissions to access your data. Make sure they make sense to you. If you already have an app, review all the permissions and turn off the ones you don’t want or need, and consider deleting the apps that ask for too many permissions (especially if they’re not needed for the app’s functionality). You should pay particular attention to permissions like camera, microphone, storage, location, and contact list.
  • Don’t automatically sign in with social network accounts. If you’re logging in to an app with your social media account, the app can collect information from the account and vice versa. 
  • Delete apps you don’t use. If an app is sitting unused on your screen and you’re not shopping on that platform anymore, delete it. Chances are it’s still collecting data on you even if you’re not using it.