Skip Navigation

How does an app like Threads get access to financial, political, health, religious or browsing info through your phone's OS. What is the actual source of that data?

I'm trying to understand how an app would even get that info in the first place, how that's classified and why a mobile operating system even has a way to provide that data.

Am I correct in assuming that if an app is used without play store / play store framework that it would not be able to get access to that data?

Thanks!

44
44 comments
  • From what I know having worked in adtech,

    • they collect as much information as they can from the device such as location from GPS, interests from follows, likes dwell time on posts, and other information you knowingly or unknowingly provide. This includes scraping information from photos and videos you upload to the app. Eg, you upload a picture of an expensive bag with the caption "my new bag" - the bag brand can be determined and assessed algorithmically.
    • the above extends to websites you visit with in-app browsers and the actions you take while on those pages
    • deduce what they can't eg where you live & work based where you spend time during the day vs night,your real life interests based on places you visit eg gym, fast food places, church etc. Also they apply complex algorithms to relatively accurately deduce anything you don't directly provide. Eg if you disable accurate location, they can figure it out based on the ip address(es) you connect to the app from (geolocation algorithms) .
    • and what they can't deduce is bought from third parties. Those are companies normal people don't know exist whose sole purpose is scraping and categorising information - sort of similar to credit agencies but different. In this case, they take what they know about you and send it to this third party which then returns eveything they have that's related. Eg the app (threads) might send your email and username and get a response containing your previous home address (say scraped from some insecure government website)

    With the above, even without knowing your name (this can easily be determined) , they are able to know enough about you to determine the kind of person you are, with whom you interact, where you go, your political affiliations, job, salary estimate etc and sell it to advertisers. This is usually sold as "audiences" but given the tools provided to advertisers, it's easy to create hyper targeted ads and recommendations (remember Cambridge Analytica).

    We voluntarily give up a lot more information than we realise.

    And remember, the smartest people on the planet work at these companies, so the above is nothing in comparison to what behemoths like Facebook, Google, Tencent, etc are capable of.

    157
  • All due respect to my fellow lemmings, but the ones in these comments are vastly over complicating this. It's extremely simple - you give that info away, and you do it happily. Here's an extremely simple example of every single one of your questions:

    Financial

    • you explore job postings on linked in. You upload your resume to Google drive. You say where you work/what you do on your social media. Your bank statements get emailed. You check your credit through an email reminder.

    political

    You subscribe to websites with particular political leanings. The content you engage with on social media falls in certain political camps. You interact primarily with people that also have those leanings. You block or avoid content that is not to your politcal liking. Every like and subscribe is your personality and political affiliation.

    health

    You searched "symptoms of (insert thing here)." You ordered a next brace on Amazon. Your doctor sends your invoice to your Gmail account. Cvs emails you your receipts.

    religion

    See politics.

    browsing info

    Google literally sells everything you do. It's their business model. Every time you're signed in with Google it's tracking what you do. Every email you receive. Everything you click on. Every item you purchase. Every review you fill out. Google sells it all, and you'd be amazed how fast they do it. Fun experiment, go buy something - jeans, a shirt, shoes, drums, and guitar, whatever from a new place you haven't shopped before. Go buy it and have the invoice go to your Gmail account. Then get on Instagram...time how long or far you scroll before you see an ad for a similar product. Perhaps even a brand you comparison shopped.

    You tell it all these things. Whether you realize you're doing it or not, you tell it everything it wants to know just by using your phone. Google sells it, instametathreads buys it, learns more, and then sells what it learns back to Google and advertisers. Rinse, repeat.

    58
  • I think your asking the right question but it's hard to articulate because you don't understand the right question to ask.

    Say you use google email and google apps to schedule appointments. The information is put into a database and all sorts of data points are collected. The information can be made into a profile and then sold.

    If you use an app to record your diet. That could start to show medical information if you're able to put it with the google information and so on.

    This is by no means how it's done but something to help you understand what you should be asking.

    18
  • Online purchases, stuff you've shared, monitoring your IP across the internet, your ISP, your "free to exploit me" email, the tracking id you use at the grocery store for discounts, pretty much everything you do and pay for that is not cash, is farming data to stalk you. These are also the places suggesting new content and generating search results when you look for new information. The two are entirely related, and there are no limits in place to remove manipulation from this feedback loop. You have no way of knowing that places like Amazon are designed to make direct searches impossible. The category options are ambiguous and several techniques are used to obfuscate results. This makes plausible deniability for any case against them for price fixing, but you are seeing the products and prices tailored to what they believe you will pay. It hasn't been about dumb banner ads since internet 1.0. Everything you encounter is tailored to promote certain profitable or convenient behavior.

    Stalking people looking for opportunities to exploit them is not only legal, it is encouraged as an industry by US political ineptitude in the most positive tint, and corruption in the most negative. It's digital imperialism where everyone is a slave with no rights of ownership of individual identity and privacy; so long as it is restricted to the person's digital identity. Proprietary hardware and software is a battle for a new age of feudalism. Neglecting ownership of one's digital identity and property is a submission to serfdom. It is like stepping back one thousand years in human progress and development.

    13
  • Let say you comment somewhere that you make minimum wage, their algorithm picks up on it and now they have you as a low wage earner in their database.

    This is a massive over simplification but illustrates the point.

    8
  • https://infosec.pub/post/400702

    Threads app itself is a privacy nigtmare

    and YSK : Because of Threads app that makes Meta a threat to the privacy of fediverse users, if there are fediverse instances that remain federated with Meta.

    Ross Schulman, senior fellow for decentralization at digital rights nonprofit the Electronic Frontier Foundation, notes that if Threads emerges as a massive player in the fediverse, there could be concerns about what he calls “social graph slurping." Meta will know who all of its users interact with and follow within Threads, and it will also be able to see who its users follow in the broader fediverse. And if Threads builds up anywhere near the reach of other Meta platforms, just this little slice of life would give the company a fairly expansive view of interactions beyond its borders.

    https://www.wired.com/story/meta-threads-privacy-decentralization/

    5
  • They infer it through your activities online. If you're constantly visiting the Mercedes Benz website they can determine that you're likely in the upper middle class. They use information like that, combined with an evaluation of your approximate education level based on the way you type, combined with what you say, to figure out your income bracket. Then they scan all of your comments, location history, pictures, contacts etc., and put together a profile on your likely interests, political affiliation, and other relevant information for advertisers. It is all very sophisticated and creepy.

    4
  • I could be wrong but i believe the image that's making the rounds re what permissions the app CAN use, are just that, potential things it can do, not things it constantly does. Facebook (and so i assume Instagram and threads since its the same system) supports methods of payments like google wallet and linking a credit card. Its kinda like how when you sign up for these things you give them "permission" to use your pictures etc, because obviously they need that permission in order to actually show your images, it doesn't mean they can just do whatever they want with photos you upload, same for financial info.

    2
  • People are so worried about this information and I'm over here like, yeah... if I could have something I want today, ordered for me yesterday without me having to even do it.. that'd be great.

    Like, oh, I need a size 10 6.0mm tunisian crochet hook that imma use to make an afghan tomorrow for my niece. I want to have that size 10 6mm tunisian crochet hook at the ready. Ain't nobody got time to mess around. 😂

    0
    • That’s the attitude that gets people hooked in the first place.

      Now see if you can extend that further and see how a company having intimate knowledge of your behaviour could be a problem.

      Think about manipulation. Is there a reason you want to buy that crochet hook? Does it have to do with Meta knowing you just had a niece and were browsing on Pinterest, and already have a size 8 and 12 hook but no 10, so then they stuck a child oriented project in your feed that just happens to use the hook you don’t have?

      4
  • As long as you use iOS (Apple) or Android (Google) services you will never have any kind of privacy.

    First, using Gmail is not a good idea if you care about your privacy. Google is known to being reading email contents.

    Second, you buy the device, not the OS. so both Apple and Google will try to profit from you using their OS.

    Apple looks like is good for privacy, but I am afraid with iOS closed source there is no way to know. On iOS, app like TikTok can track the sh#t out of you even if you ask not to.

    And Android is focused around Google, so using it means give up on privacy. However, you can install GrapheneOS (Android ROM), which is much more secure and privacy focused.

    -2
You've viewed 44 comments.