Last week Quartz uncovered that "hookup" app Tinder exposed the physical locations of users. What's more, the breach lasted two weeks, a significant step up from the "few hours" the company's chief executive initially claimed.
Tinder's bug is the latest in a long stream of privacy snafus from apps designed to help users spice up their love lives. A vulnerability in Grindr, the king of all gay male hookup apps, and its less popular straight counterpart Blendr left users vulnerable to their accounts being hijacked. This exposed users to impersonation and the risk of a bad guy snooping through their (possibly explicit) text and photo messages. Lately Grindr has been hit with another problem: Porn spambots.
Last winter it was discovered that image sharing app Snapchat, popular among a certain crowd for sending sexts with an expiration time, stored copies of received messages on a device's memory. That means potentially compromising shots sent over the app could be accessed even after their supposed self destruct time. Of course, recipients could take a screenshot or a photo of their screen.
OkCupid's Crazy Blind Date app launched with a vulnerability that allowed technically adept users to find the birthdays and e-mail addresses of users via the program's API, although it was fixed within hours, and OkCupid said at the time they saw no evidence anyone was exploiting the glitch.
Unfortunately, other issues arising from mobile apps have had far less innocuous results. Last summer The New York Times's Bits blog reported three men were accused of raping children they met through the mobile flirting app Skout. The app already ran a "more protected" service for minors before the assaults, but banned children from the app altogether in the aftermath.
All of these narratives combine to give hookup apps a pretty sketchy reputation. And there's certainly something to that: People trust incredibly personal data to these programs, so when they have sub par security measures, there is more at risk.
But while the data held by hookup apps is particularly sensitive, their promiscuous use of users' data isn't unique to the category. Most free apps derive value from users by collecting data about them or serving them targeted adds. Remember when Jay-Z wanted to know all about you?
That's why a Federal Trade Commission (FTC) report from earlier this year showed 57 percent of all American app users have "either uninstalled an app over concerns about having to share their personal information, or declined to install an app in the first place for similar reasons" while less than a third of them feel like they are "in control of their personal information on their mobile devices."
App developers and advertisers are aware of this issue, and just wrapped up a multi-stakeholder process with the National Telecommunications & Information Administration to set out clear expectations for mobile advertising and data collection. But some consumer advocates are wary the agreement will give consumers any meaningful control over their information.
Mobile malware is also an emerging threat that should cause most smartphone owners, especially Android users, some alarm. According to Cisco's last annual security report, there was an 2,577 percent increase in Android malware encounters over 2012. While only a tiny amount (0.5 percent) of 2012 malware encounters were on mobile devices, some 95 percent of them were on Android.
So, yes, you should be careful what information you share with hookup apps. But you should also be careful about the information you share with all mobile apps.