Interviews et Éditoriaux

The World’s Most Invasive Apps

18.10.2024.

Mobile apps have become essential in our daily routines, whether it’s video calling distant friends, ordering food, or tracking a morning run. And with an astounding 257 billion app downloads last year, rising from 141 billion in 2016 their popularity is only increasing.

But while the apps on our phones and laptops offer convenience, they often come at the cost of our personal data with many collecting everything from contact details to real-time locations. But which are the most notorious for doing so?

To find out, we analyzed the privacy policies and fine prints of the world’s most popular apps, revealing what type of data is collected, and which data is shared with third parties.

What data do apps track? #

The iOS app store outlines six key purposes for collecting users' data. First, third-party advertising involves displaying ads from external sources within the app or sharing user data with those advertisers. 57% of the apps analyzed share your personal data for this purpose.

Developer advertising or marketing serves a similar function but focuses on displaying first-party ads, and 79% of apps admit to utilizing your data for this.

91% of apps use our data for Analytics to evaluate user behavior, while 81% use our data for product personalization to customize the user experience, such as recommending specific products. The store also includes an “other” category for any purposes not already specified.

Additionally, data is collected for app functionality, such as user authentication and implementing security measures. Personal data is used to improve the software of the app, reducing the chances of crashing, and 94% of the top apps on the iOS store take your data for this purpose.

The top 20 most invasive applications #

Most invasive apps

1. Facebook/Messenger and Instagram/Threads #

Facebook/ Messenger and Instagram/Threads take the joint top spot as the most invasive apps when it comes to personal data collection. Owned by Meta, the U.S. technology conglomerate founded by Mark Zuckerberg, these social media apps have grown to be some of the most popular social media apps, but also the most intrusive.

These apps share a staggering 68.6% of your personal data with third parties, often for targeted advertising purposes. This is the highest percentage on our entire list and means that nearly seven out of every ten pieces of information users provide, from contact details to location, is shared with external companies.

In addition, Facebook/Messenger and Instagram/Threads both collect 91.4% of your data so their apps can run smoothly - ranging from app functionality to product personalization. This gives users the impression they are interacting with an app that knows them intimately. Furthermore, a whopping 85.7% of your data is collected for analytics purposes, allowing developers to continuously gather insights into your behavior and fine-tune their advertising strategies to make them more tailored to you.

2. LinkedIn #


Ranking as the second most invasive app is LinkedIn. While many users turn to the app for job hunting and career networking, the app is also taking and using your personal data for multiple purposes. A whopping 74.3% of user information is collected for app functionality including photos or audio data, and contact information such as your email and home address.

Meanwhile, 68.6% of personal data is used for analytics and 65.7% of your data is leveraged to create content and recommendations tailored specifically for you.

Though LinkedIn shares less personal data with third parties compared to social media giants like Facebook and Instagram, it still discloses a striking 37.1% of your information to external entities. This includes your location—an approximate indication of where you are—and contact lists, which can be utilised by advertisers and other third parties to target you more effectively.

3. Amazon #

With an estimated 200 million users worldwide, Amazon has become the go-to online shop for everything from daily healthcare products to household essentials.

Being an online shopping platform, it might come as a surprise that Amazon only uses 25.7% of your personal data to make your shopping experience unique to you, and 25.7% of data is used to personalize advertising.

Once again, however, app functionality appears to be the biggest absorber of your data, with 68.6% of your personal information being taken for this purpose. According to the privacy terms and conditions, this includes data such as your payment information, product interaction data, and sensitive information. However, with only 5.7% of data being given to third parties, one of the lowest percentages in the ranking, most of the data stored by Amazon stays within the app.

The most invasive business apps #

The most invasive business apps

Check out out the full list in PDF here.

While LinkedIn ranks as the third most invasive app behind social media giants Facebook and Instagram, it claims the title of the most invasive business app globally.

All three business apps in our study take the most data primarily for app functionality, with LinkedIn capturing a staggering 74.3% of user data for this purpose. Gmail and WhatsApp Business both utilize 57.1% of personal information for app functionality, including storage of user content like emails and text messages.

Gmail and WhatsApp Business are much less likely to share your personal information with third parties with only 8.6% and 5.7% of data being shared. Furthermore, 0% of your data shared with Gmail will be collected for ‘other’ purposes, and just 5.7% of data collected by WhatsApp Business is used for advertising purposes and product personalization.

The most invasive entertainment apps #

The most invasive entertainment apps

Entertainment apps have become essential for keeping commuters entertained and children engaged, but can equally be as data-hungry. The entertainment giant, YouTube claims the top spot and uses almost two-thirds (65.7%) of your personal data, including payment details and user IDs, for app functionality. Meanwhile, 31.4% of your data is shared with external parties.

Amazon Prime Video comes in second as the most intrusive entertainment app with 40% of your personal data being collected for ‘other’ purposes and 42.% being used for analytics. Despite this, just 8.6% of your personal data will be shared with third parties. Spotify comes in third with 57.1% of data being collected for app functionality and 28.6% being collected for product personalisation.

The most invasive game apps #

The most invasive game apps

Interestingly, gaming apps appear to be one of the least invasive app categories, with two of the top three (Roblox and Monopoly Go) sharing no personal data at all with third parties.

However, the most invasive gaming app in our study is Candy Crush Saga, which takes 8.6% of data such as device ID and advertising data to give to external parties. The highest percentage of data to be collected for any purpose is by Roblox, which claims to take 42.9% of your information such as crash and performance data for analytics.

The most invasive dating apps #

The most invasive dating apps

In order to find love online, users are expected to give a decent amount of personal information for dating profiles.

However, Bumble takes the top spot for the most invasive dating app, with just over half (51.4%) of your data being collected for the app to function, and almost a third (31.4%) being taken for product personalization.

Tinder takes second place, and it also takes the highest quantity of data being sent to third parties at 5.7%. Furthermore, 28.6% of your data is taken for product personalization and 17.1% for advertising and marketing.

Hinge rounds off the top three with no data shared with external entities and only a third (31.4%) of your data is needed to help the dating app function, the lowest in the top three.

The safest apps for keeping your data private #

It can be scary to know that the apps we use on a daily basis are utilising our data in so many different ways. With this in mind, we’ve revealed the safest apps for keeping your data safe and secure.

The gaming app Subway Surfers, the Fitpro health app, and Booking.com all take the crown for the safest apps. On all three privacy policies for these apps, no ‘data linked to you’ section existed on the apps’, suggesting no personal data is stored at all.

The friends-making app LitMatch comes in second, with small quantities of data being collected for third parties, advertising or marketing, and app functionality. This is followed by Telegram Messenger, a social app that doesn’t require a phone number to function and heavily encrypts any messages or content sent via secret chats.

How can businesses protect customer data? #

The quantity of personal data taken by apps can be concerning, and many of us will feel confused about where our data actually goes and what it’s used for. Businesses need a zero-tolerance approach to data security, starting with minimizing data collection—only take what’s essential and make it clear to customers. Encryption is a must for both storage and data transfer, ensuring sensitive information stays safe even if there’s a breach.

Frequent penetration tests and audits are non-negotiable to stay ahead of vulnerabilities, while access should be tightly controlled using a zero-trust model. Ultimately, transparency about data usage and storage is key; customers should know exactly what’s collected, why, and how it’s protected.

Sources and methodology #

To identify the most invasive apps on the iOS App Store, we analyzed the privacy terms and conditions of the most downloaded apps in 2023. Each app had its own set of privacy terms and conditions on the store under ‘App Privacy’. For this study, we focused on the ‘Data Linked to You’ sections.

We counted how many instances each app collects personal data, focusing on the six specific purposes for data collection identified by the App Store:

  • Third-Party Advertising

  • Developer’s Advertising or Marketing

  • Analytics

  • Product Personalization

  • App Functionality

  • Other Purposes

Each of these purposes collected the following 16 specific data types:

  • Contact Info

  • Health & Fitness

  • Financial Info

  • Location

  • Sensitive Info

  • Contacts

  • User Content

  • Browsing History

  • Search History

  • Identifiers

  • Purchases

  • Usage Data

  • Diagnostics

  • Diagnostics

  • Body

  • Other Data

We totaled the amount of data collected by each app to calculate the percentage for each purpose. This helped us determine which app collected the most data, with the app having the highest percentage labeled as the most invasive.

Tags:

Marin Marincic

Marin Marinčić

Responsable de l'Infrastructure

Marin a rejoint NSoft en 2016 et apporte plus de 15 ans d'expérience en IT. De la banque aux opérations, il a été à l'avant-garde des solutions technologiques. Diplômé en informatique, Marin est la force motrice derrière l'excellence de l'infrastructure de NSoft.

Articles Connexes

Actualités / Interviews et Éditoriaux

20.12.2024.

Which scams are the hardest to spot?

The nature of a scam has evolved as quickly as the technology around us. Scams are no longer limited...

En savoir plus

Actualités

16.12.2024.

Étude de Cas : Mise en œuvre de NSoft Boost chez Sima Casino

Discover how Sima Casino leveraged NSoft's Boost to transform player engagement, increase revenue, and reduce churn. A six-month success story!

En savoir plus

13.12.2024.

Pourquoi les Opérateurs misent sur l’Intégration Multi-Plateformes (Et Vous Aussi !)

Les joueurs attendent une expérience de pari fluide entre les points de vente, le mobile, les terminaux et les plateformes en ligne. Découvrez pourquoi l'intégration multi-plateformes est incontournable, en boostant la fidélisation, les revenus, et l'efficacité tout en préparant votre activité pour l’avenir.

En savoir plus

Vous n'avez pas trouvé ce que vous cherchez ?

Notre équipe se fera un plaisir de vous guider à travers nos produits et services.

Contactez-nous
Essayer la démo