Feedback
Tech

ReCon App Watches Your Other Apps for Leaked Private Info

Many apps people use every day occasionally need to check your location, or have to send or request certain personal data — age, gender and so on. But do you really know when this is happening, and how often? A new app called ReCon keeps a close eye on the other apps on your phone, recording when they send personally identifiable information and letting you decide how much is too much.

Related: Snowden-Blessed 'Signal' Encrypted Calling, Messaging App Comes to Android

ReCon is the work of Northeastern University's David Choffnes, an assis­tant pro­fessor in the Col­lege of Com­puter and Infor­ma­tion Sci­ence. On Monday, he also released a study (PDF) showing that about half of the top 100 apps, on both iOS and Android, leak device information, and dozens share user details or location with third parties. The study also noted that there is no easy way for users to track this data or prevent it from being sent.

David Choffnes

Truth be told, ReCon isn't exactly a walk in the park to install or use. And you'll have to install a bit of custom software first over a web service instead of the usual app stores — usually a big no-no when it comes to security, though you can probably trust these computer science researchers.

Apps Allow You to Protect Your Privacy 1:23

Once it's installed, you can use the app or web interface select various categories of sensitive information and see which apps are requesting them, sending them insecurely, or transmitting them to a third party without your knowledge. Once you know, you can OK that behavior (maybe Facebook wants to send your location to Microsoft to request a map) or ban it in the future (another app might send your age and gender to an ad company for better targeting). You can even set it up to send fake information of your own choosing.

Right now ReCon isn't very user-friendly, but it's still in development — new versions could easily streamline things. And once people find out they can exert this kind of control over their private data, it'll be hard to stop them.