Android app reveals hidden spyware

A recent study from the Yale Privacy lab and Exodus Privacy founds dozens of invasive trackers hidden in common Android apps. However, the method the researchers used, which involved writing code to expose the internal workings of the devices they tested, is legally barred under the US Digital Millennium Copyright Act (2000). Apple's iOS operating system is locked with digital rights management (DRM) software, and both the DMCA and the EU's Copyright Directive prohibit circumventing DRM or distributing tools to make circumvention possible. The result is that although these trackers almost certainly exist in the same numbers inside iOS apps and it is in the public interest to establish this, there is no way to conduct research to prove it. The US Copyright Office provided an exemption to this rule in 2016, but it will expire soon and it only allows Exodus to use the tool, not to either make or distribute it, even to other researchers. The right to independently audit such systems is as important as effective regulatory oversight and the power to hold these companies liable for lying to consumers.

Writer: Cory Doctorow
Publication: BoingBoing
Publication date: 2017-11-25