Weather Apps Under Fire for Collecting, Selling User Data

Weather Apps Under Fire for Collecting, Selling User Data

Several weather apps have been found to harvest and use data from its users.

A China-Made Smartphone weather app has stolen private data from over 10 million global users according to new research from a London-based security firm.

Upstream Systems found that the app's creator, TCL, was collecting users' geographic locations, email addresses and International Mobile Equipment Identity, a unique ID assigned to each authenticated cell phone and keeps the data on TCL servers in China.

The security firm also discovered that the weather app, called Weather Forecast—World Weather Accurate Radar, surreptitiously subscribed users of TCL's low-cost Alcatel smartphone in Brazil, Malaysia, Nigeria and other developing countries to its paid virtual-reality services. About 100,000 Alcatel phones were automatically subscribed, which would have billed the users more than $1.5 million had the firm not discovered it.

Wall Street Journal made inquires to TCL last November and the company updated the weather app that month. The app stopped automatically subscribing users, according to Upstream, but the data collection continues.

This isn't the only weather app to make data privacy headlines recently, The Weather Channel App has also been accused of using location data to make a profit.

The city of Los Angeles announced it is suing the Weather Channel, claiming it collects, shares and sells users' location data without their content. The lawsuit claims this data has been collected and sold for years under the guise it is being used to personalize forecasts. 

 In addition to the Weather Channel App and Weather Forecast—World Weather Accurate Radar, WeatherBug and Accuweather also sell their location data.


About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

Featured Cybersecurity

Webinars

New Products

  • XS4 Original+

    XS4 Original+

    The SALTO XS4 Original+ design is based on the same proven housing and mechanical mechanisms of the XS4 Original. The XS4 Original+, however, is embedded with SALTO’s BLUEnet real-time functionality and SVN-Flex capability that enables SALTO stand-alone smart XS4 Original+ locks to update user credentials directly at the door. Compatible with the array of SALTO platform solutions including SALTO Space data-on-card, SALTO KS Keys as a Service cloud-based access solution, and SALTO’s JustIn Mobile technology for digital keys. The XS4 Original+ also includes RFID Mifare DESFire, Bluetooth LE and NFC technology functionality. 3

  • FlexPower® Global™ Series (FPG) from LifeSafety Power

    FlexPower® Global™ Series (FPG) from LifeSafety Power

    The FlexPower® Global™ Series (FPG) from LifeSafety Power—designed to provide DC power for access control systems in international applications—is now PSE listed for Japan and compatible with the country’s 100VAC applications. 3

  • HID Signo Readers

    HID Signo Readers

    HID Global has announced its HID® Signo™ Biometric Reader 25B that is designed to capture and read fingerprints in real-world applications and conditions. 3