WASHINGTON — When it comes to protecting your privacy online, both websites and smartphone apps leak information to third parties. But the type of information that’s shared can vary by platform, according to a Northeastern University study.
Both websites and apps have been found to leak information such as email addresses, names, a person’s sex, location and phone numbers.
Apps typically leak just one more identifier than websites, according to the study.
While websites tend to leak locations and names more frequently than apps, they never share a device’s unique identifying number, the researchers said. Apps, however, do share those IDs.
However, in 40 percent of cases studied by the researcher, websites leaked more types of information than apps, according to the study.
The study also found some businesses allow their websites and apps to share user passwords with third parties.
The study’s authors said JetBlue’s app does it for authentication purposes. “Identity management” is the reason given for third-party password sharing by the NCAA website, the Food Network app and the Food Network website, according to the study.
“My goal is not just to tell people a scary story, but to issue a call to action,” said David Choffnes, a mobile systems expert assistant professor at the College of Computer and Information Science, in a release. “Part of that action could be that users start requesting or even demanding the privacy and transparency considerations they want from the companies they interact with.”
