Have you ever wondered why some apps ask for access to the microphone on your phone? Be careful: In some cases, the only reason is because the app wants to collect marketing data about your media habits.
On Thursday, the Federal Trade Commission sent a letter to a dozen app developers that warned them not to abuse so-called “audio beacons,” which are capable of picking up secret noise signals embedded in TV shows. The beacon, which relies on your phone’s built-in microphone, can serve to confirm you watched a given program.
It’s unclear to what extent this is currently taking place in the United States. While the FTC shared a copy of the letter, it did not identify the app developers; however, it did refer to the use of “code published .. in the Google Play store,” which indicates the developers are focused on Android devices.
The FTC also describes an underlying technology offered by an Indian company called SilverPush. The letter cites a Forbes article that describes how SilverPush had used “inaudible sound to let brands keep tabs on people’s online lives across TVs and smartphones for more than a year.”
In the letter, the FTC also notes that the app makers have been embedding the SilverPush code and asking for permission to use consumers’ microphones—even though their apps don’t require the microphone to operate.
If you read between the lines, the fuss over SilverPush appears to be a new twist on an old scam: An app maker encourages a user to install an app (typically for free) that is marketed for one task—but whose real purpose is to suck up marketing information.
The most famous example of this scam is an Android app called “Brightest Flashlight.” The developer of the app persuaded over 50 million people to download it, and then harvested their location data and sold to marketers.
While the FTC took action on the Brightest Flashlight issue in 2013, the agency didn’t impose any fine, in part because of rules that restrict the agency’s powers for first time offenses.
In the case of this new microphone ruse, the FTC appears to be sending an early warning shot across the bow of the developers— this could help them crack down harder later on, if the privacy violations materialize.
“These apps were capable of listening in the background and collecting information about consumers without notifying them,” said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection, in a statement. “Companies should tell people what information is collected, how it is collected, and who it’s shared with.”
by Jeff John Roberts for Fortune Magazine