There are plenty of major companies out there recording every triggered event and gesture you make on your iPhone apps. In most cases, you won’t even know about it. They don’t ask for permission either. It’s the latest privacy fiasco that has forced Apple to jump in to protect its customers after several apps were caught using Glassbox.
An Apple spokesperson had this to say in an email:
“Protecting user privacy is paramount in the Apple ecosystem. Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity. We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary.”
By “take immediate action”, we presume that Apple basically will remove these apps from its App Store in case they don’t make the necessary adjustments.
Apparently, major companies like Expedia, Hollister, and Hotels.com have been using Glassbox; a third-party analytics tool to record users’ activities on their apps. None of these apps asked users for permission to record their gestures. Shockingly, none of the companies disclosed in their privacy policies that they were recording users’ app activities. And that, of course, is against GDPR regulations.
The Reason Behind Using Glassbox
These companies embed “session replay” technology into their apps. These session replays allow app developers to record the screen and play them back. This is so they can see how users interact with the app. The reason why companies took that approach is to figure out if something didn’t work or if there was an error. Also, companies depend on this kind of session replay data to understand users’ behavior, why things break, and which can be costly in high-revenue situations.
Glassbox – Analytics code
Glassbox, a cross-platform analytics tool specializes in session replay technology. It gives companies the ability to collect data by integrating their screen recording technology into their apps. The screen recording replays and shows how users interact with apps. Glassbox says that it provides the technology to help reduce app error rates. The company, however, “doesn’t enforce its customers” to disclose that they use Glassbox’s screen recording tool in their privacy policies.
Apple has notified many app developers that their apps had violated the company’s rules. A spokesperson for Glassbox said that “the communication with Apple is through our customers” in relation to their knowledge of Apple’s response. Glassbox is also available to Android app developers. However, Google did release a statement on whether or not it’s going to ban the screen recording code. Just like Apple, Google Play prohibits apps from secretly collecting user data.
A company like Glassbox is not likely going to go away anytime soon. If it weren’t for techniques like that, how would app developers follow users’ trail of thinking? Nonetheless, the fact that it is done in such a secretive way goes to show how creepy this recording session is.