Does anyone else want to talk about something else other than [the global situation that will not be named] for a little while?
I do. I have a problem. I’m paranoid of downloading apps. If [the global situation that will not be named] has taught me anything, it’s that there are at least a million people doing the same thing as I am at any given time (giving up mascara, chatting with long lost friends, rewriting wills, etc.). Thus, I suspect there are some of you out there with app apprehension too.
For those of you who blissfully tap ‘GET’ when someone you hardly know says ‘this new app is perfect for grooming your dog’ and accept all the ensuing permissions, including signing in via Google, allowing location services, and using your camera – let me explain.
A dread fear grips me at the sight of a dialogue box which wants my information. I suspect phishing, malware or some kind of a scam. So NO, I will not put a password into the box, because passwords are to be guarded with extreme care. Ditto personal information. To me, it feels like walking down the street and having a stranger ask you where you live. Creepy.
Apps can be scary. Cambridge Analytica was a spectacular case of an app secretly collecting reams of information about Facebook users and their friends.1Ancient history? It was years ago and since then many platforms have tightened their requirements for third party apps.
Googling, I found an abundance of posts on how to tell which apps were the good ones, but couldn’t decide what to believe. If you had an app that steals peoples’ banking info, you’d write an unbiased post suggesting the app in question was a safe one. The most insidious thing I can think of is disguising a malicious app as antivirus or anti-malware software.
Common suggestions were that apps could be validated by the number of times they’d been downloaded, length of time they’d been around, where the app could be obtained, and the credibility of the app’s creator.
More than 10 million downloads equals credibility. Yup, except Facebook: number of users at the time of the Cambridge Analytic scandal – over a billion2. Tiktok – concerns have been raised about the privacy practices of TikTok.3A recent report puts its users at 800 million4.
The App and Google Play stores lend credibility because developers must obtain a license to sell in these stores and apps are scrutinized. This would deter small time bad actors but if your agenda is to derail civilization or take control of the power grid, you would jump through the hoops.
Sometimes, the app hasn’t had time to catch up to its popularity. Think Zoom, which is available in the App Store. A wonderful entrepreneurial story of a business that stepped up to keep a good deal of the world running in the past few weeks. The sudden humongous demand for this video conferencing app has revealed some security weaknesses – only natural with the level of usage and popularity.
Every business, from commercial banks, to communications conglomerates, to restaurant chains, have their own app – custom-made pieces of software optimized to deliver the company’s business. If I download multiple apps, I’m concerned about them mingling, with all those different permissions, developers, standards and policies, on my many devices.
Hard as I try, my devices are like amorous bunnies and make connections even when I think I have them segregated. A bit of information here, a bite there, and I imagine my phone could borrow a million dollars by simultaneously applying to eight banks for a mortgage to buy real estate that’s contaminated with toxic waste that I end up responsible for remediating.
I did say I’m paranoid. What is the risk of a bad app? There are the truly malicious that have criminal activity as their intent. While concerning, those won’t get through most of the checks mentioned above. The other category is the mostly ok with weaknesses that might be exploited to manipulate, rather than perform criminal acts. Cambridge Analytica purloined data from a huge number of people. Information was abused to sway voters in several national events. This is pretty abstract stuff. If I download an app, the fate of the world may shift? Shut up, I just want to find cheap frozen pizza.
Where does this lead me? I can see why people embrace apps. They deliver a lot of functionality, fun and deals. Research supports that many people are resigned to sharing their data with endless commercial concerns and accept it as a consequence of the value they derive from apps. And aside from the rare, truly malicious cases, data use is directed to direct marketing or abstract things that one person has little influence over.
Should I avoid apps? My apprehension has grown over time as various spectacular app-fails emerged. This doesn’t mean they are all bad. Just as all cars have certain risks – mechanical failure, expensive maintenance, manufacturing defects and circumstances leading to accidents – all apps share common traits. They are foreign bits of software that might invade your device with malicious intent and lead to personal or societal harm. But all cars are not the same. Some are better built, some easier to fix and some have more protective measures to lessen operational calamities. I concede. Some apps do exactly what they say they do. Some are better engineered and have a lower risk of backdoor information leakage. A very few will be malicious. Probably fewer will cause societal disasters.
When a new product type emerges into the market, the tendency is to treat all versions of the product the same way. Then, as the product grows in popularity and matures, the value of individual versions or brands becomes clear. We have passed the emergent stage with apps, so I should value each app on its own merits and risks.
How will I deal with my app apprehension? One app at a time.
1Here is one of many stories: https://www.vox.com/policy-and-politics/2018/3/23/17151916/facebook-cambridge-analytica-trump-diagram
3For example: https://www.theverge.com/2020/2/27/21155845/reddit-ceo-steve-huffman-tiktok-privacy-concerns-spyware-fingerprinting-tracking-users