7 Apps Stealing Your Data - Identity Review | Global Tech Think Tank - Identity Review | Global Tech Think Tank

As the Internet becomes increasingly prominent in the current times, it is no surprise that nearly 5 billion people around the world have access to it. Many of these users are very active and utilize the net to store data, send messages, and search up information. However, it may be shocking to find out that this type of “private and personal” information is not so “private and personal” after all. Here is a list of the top applications that are stealing your data.


Read the Report on TikTok’s Data Collection Practices

1. TikTok

As one of the leading social media applications to date, TikTok has amassed a loyal following of 1 billion active users; however, Tiktok has come under massive suspicion for its Chinese origins. Owned by Chinese Internet company ByteDance, TikTok has been the target of a ban by the Indian government in 2020, and while president Donald Trump had moved to prohibit the app’s use in the US, he was ultimately unsuccessful after leaving office. In 2019, the ByteDance settled to pay $5.7 million over allegations that they were illegally collecting and stealing data from children under the age of 13. 

TikTok gathers a variety of information such as: location, IP address, which device the app is being accessed from, viewing content, and even biometric data as of recently. Using these pieces, the company infers other things about the user including race, age, and gender. It is still unclear where this data goes, but according to a CNBC Evolve article, “13 of the 14 network contacts” came from third parties – making it virtually impossible to trace. Furthermore, in a recent report, TikTok has gone under fire for allegations that Chinese engineers “had access to US data between September 2021 and January 2022.”


TikTok is on a meteoric rise, taking the world by storm. However, amidst its unprecedented rise, concerns regarding data privacy and security are top of mind. Download our report to see what kind of data TikTok actually collects. Should we be concerned about the potential national security threats when the personal information of American users is accessible by employees of ByteDance, TikTok’s Chinese parent company? This report delves into these pressing questions, providing readers with a comprehensive understanding of TikTok’s data collection practices and the possible implications for user privacy and national security.


TikTok’s Data Collection Practices: An In-Depth Look at Privacy Implications

2. Facebook

Facebook is yet another social media goliath. With its nearly 3 billion active users, it is no surprise that Facebook is one of the leading platforms for marketers and advertisers. As a result, Facebook has been known for collecting, and quite possibly stealing, user data, and they have gone under fire for security breaches, data leaks, and scandals regarding privacy. 

With tracking cookies, Facebook is able to see what websites and clicks users interact with. Facebook also uses facial recognition software to track users across multiple channels and better identify users. Furthermore, Facebook is able to use a person’s liked posts to accurately infer various things such as: intelligence, religion, sexual orientation, and more. According to a Forbes article, Facebook does not directly sell users’ data, but the company does sell “access to its users through ads and acts as a conduit through which others harvest data.”

3. BetterHelp

BetterHelp is one of the leading figures in the rise of mental wellness apps that took place during the pandemic. After all, four in ten Americans are said to be experiencing depression during the Covid-19 outbreak. BetterHelp, along with many other mental health applications, have been caught sharing consumers’ data with third parties. Many of these applications do not disclose this in their privacy policies. Applications such as BetterHelp are able to do this because they lay in a gray area where the Health Insurance Portability and Accountability Act (HIPAA) do not apply.

4. Twitter

Unlike Facebook’s method of selling access, Twitter directly sells its data to third parties who use the information to roll out targeted advertising and marketing. In April of 2020, Twitter took their methods to an extreme by disabling the option to opt out of data sharing. While beforehand, mobile Twitter users had the option to turn off the “Share your data with Twitter’s business partners” option, the button has now been replaced with an “OK” – forcing users to simply accept the change in privacy policy. 

5. Farmville

Even some mobile games seem to be working behind the scenes. Zynga, a huge name in the mobile gaming world with hits such as Words With Friends and Zynga Poker, has proved itself as one of the worst apps regarding user privacy. Zynga is known to track all sorts of user data, including but not limited to: full name, age, gender, chat logs, email, IP addresses, and browser language. Afterwards, Zynga grants third parties access to this data – their most notable scandal involving Cambridge Analytica.

6. Weather Apps

Back in 2019, the city of Los Angeles sued The Weather Channel App for breaching and violating people’s privacy by tracking and selling user data – specifically location. According to the allegations, the application “collect[ed]  location data on where users live and work, as well as the places they visit throughout the day and night … It also gathers info on how much time users spend at each place … [which] can allegedly be analyzed to understand a specific user’s daily habits, shopping preferences and even unique identity.” While the lawsuit has been settled, users should still take caution when approaching third-party weather apps.

7. Strava

Surprisingly enough, health fitness apps, such as Strava, have made the list. While the allegations on whether they sell personal data are not concrete, it is important to note that their security and privacy protocols are weak – allowing hackers and other parties to easily access these databases which contain user data such as height, weight, and location. Furthermore, Strava ran into some problems when they released their global heat map back in 2017. After further analysis, users were able to see running activity in areas that had secret military or government facilities


Daniel Shin is a contributor to Identity Review from the University of Southern California. Do you have information to share with Identity Review? Email us at press@identityreview.com. Find us on Twitter.


Get Involved with
Identity Review

Connect with us

Keep up with the digital identity landscape.

Apply to the Consortium

Bringing together key partners, platforms and providers to build the future of identity.

Submit a Press Release

Be a Guest Writer

Want to write as a guest writer for Identity Review? Send us your pitch or article.

Picking an Identity Solution?

Picking an Identity Solution?

Make an informed decision on the right provider from in-depth reviews and feature comparisons.