Security Concerns Raised Over Presidential Campaign Apps

• By Sydny Shepard
• Apr 26, 2016

An independent analysis by Symantec, one of the world’s largest software companies, has determined that the “Cruz Crew” and “Kasich 2016” phone applications could allow third parties to capture personal data from the device user.

Symantec discovered that presidential candidate Ted Cruz’s phone app for his campaign could lead a hacker to the unique identifying number and other personal information of the device user while the application for GOP candidate John Kasich could show a cybercriminal the users’ location data and information about other apps installed on the phone.

Cruz data director has denied the claims that data could leak from the application. Chris Wilson said that the app requires the data that Symantec found, but makes sure that the data is never sent anywhere. Kasich’s data team declined to comment on the app’s security.

AP had previously reported on the vulnerabilities of the apps in March when a separate computer-security firm, Veracode, performed detailed reviews of the phone apps released by presidential campaigns from both parties.

AP reported Veracode found that the Cruz app is designed to gather detailed information from users’ phones – potentially tracking their physical movements and harvesting the names and contact information of friends. The information is fed into a database containing intimate details about nearly every adult in the United States in order to help target potential Cruz supporters.

The Cruz campaign says that users voluntarily share information and how that information is collected and shared is available online.