AccuWeather’s iOS app may be up to something fishy. Security researcher Will Strafach published a warning about the popular weather app’s behavior on Medium and users appear to be paying attention.
According to Strafach’s Medium post, the AccuWeather app requests location permission from users not to provide up customized location-based weather data but to send some quite specific geodata to a third party company called RevealMobile. That includes:
- “Your precise GPS coordinates, including current speed and altitude.
- The name and “BSSID” of the Wi-Fi router you are currently connected to, which can be used for geolocation through various online services.
- Whether your device has bluetooth turned on or off.”
Notably, turning off location data for AccuWeather doesn’t do much to limit the app’s reach. As Strafach’s Medium post notes, “If you do not grant AccuWeather access to your GPS information, it will still send your Wi-Fi router name and BSSID, providing RevealMobile access to less precise location information regarding your device’s whereabouts. This practice by a different company appears to have previously caught the attention of the FTC.”
RevealMobile appears to specialize in mobile revenue and leveraging location data for ad targeting. “The value lies in understanding the path of a consumer and where they go throughout the day,” the company explains in a blog post on its homepage. “Traveling from home to work to retail to soccer practice to dinner is vital to knowing the customer, and represents the new opportunity of mobile location data.”
TechCrunch has reached out to AccuWeather for more insight and will update the story as it develops.
Featured Image: RossHelen/Getty Images