Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Status
The first post of this thread is a WikiPost and can be edited by anyone with the appropiate permissions. Your edits will be public.

TheColtr

macrumors 6502a
Original poster
Feb 1, 2014
619
904
California
I’m starting this thread to call out all the bad apps that show up in app privacy report.

Starting with Verizon app with a whopping 58 trackers, and 68 total domains contacted.

Next is the Bible app by LifeChurch using 13 trackers and a total of 43 domains contacted. Facebook graph being the top domain contacted.

Walgreens has 29 trackers with a total of 41 domains contacted. It too has contacted Facebook graph the most.

What are your bad apps, and what domains are they contacting?

Wiki Update:
APPS

AT&T - 73 however a lot are AT&T itself
Costco - 71 and it is all over the place
Spark - 53 but that depends on the number of accounts added
Apple Store app- access Contacts
YouTube: contacting 173 domains. One of them 806 times.
Instagram: contacting 115 domains, one of them 1581 times.
Amazon: not even opened yet, already contacting 23 domains

WEB
Amazon - 227 most being various Amazon trackers
CNET (via Reddit) 165 - never accessed the site directly just in a Reddit post
 
Last edited:
I’m far more interested in apple’s first party apps tracking record than any third party app tracking record. Apple is notorious to hold double standards, so it would be interesting to see how much double standards they have.

Btw, maybe first post becomes wiki so everyone can edit? Tho if iOS beta thread is of any indication, I don’t see it being that useful.
 
I’m not much worried about that. It’s an interesting feature. All apple apps are having access to the contacts. Even Safari, TV and the App Store. It should be able to restrict that for Apple apps too.

Most „toxic“ apps:

YouTube: contacting 173 domains. One of them 806 times.

Instagram: contacting 115 domains, one of them 1581 times.

I think these are only domains of theirselves.
 
Since I installed the update, MR been contacted 16 times and I have barely done anything on my phone. I don’t even use google. Looking over 1Blocker again to make sure I block this tracking crap.
 

Attachments

  • 2ED8834B-48BC-4539-8ADB-F1E8E3D76366.png
    2ED8834B-48BC-4539-8ADB-F1E8E3D76366.png
    871.9 KB · Views: 499
  • CD17109C-DEFE-4059-BC0C-57FE808A362D.png
    CD17109C-DEFE-4059-BC0C-57FE808A362D.png
    852.6 KB · Views: 667
  • Like
Reactions: Samdh90
By the way, it appears certificate revocation checks count as a contacted domain, seeing lots of ocsp subdomains.
 
I’ll add another call out. The Apple Store app accessed my contacts six days ago, yet it has never “asked” me for access to my contacts nor is there a toggle to turn that off.


Checked the privacy report:


To my surprise, a local e payment app by HSBC contacted graph.facebook.com

Same surprise for the Facebook backed WhatsApp did not contact graph.Facebook.com


It looks to me the most obvious tracking domain are graph.Facebook.com
and app-measurement.com

The report also revealed that some apps would contact the internet via mask.iCloud.com which I though would be restricted to safari web browsing via iCloud relay.
 
  • Sad
Reactions: katbel
The Times newspaper (UK) looks horrific with lots of Google activity. It has double the activity of the next app down.
 
But… where do you find these info? Under settings > privacy and then…?

I haven’t been able to find anything but I also per default asks apps not to track.
 
  • Like
Reactions: Nermal
So do I assume keeping tracking setting on iPhone is not so useful and it's tracking all my experiences?
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.