Where were you in 2007? In January of that year there was a revolution in the world of technology: a new product was launched that changed the way we live our lives and how companies collect information about us. The iPhone was released and immediately received a huge amount of hype due to its numerous functions (telephone, music player, web surfing,..). People were enthusiastic about the compact mobile device and due to further developments and more providers, smartphones have become indispensable today: around 80 percent of the world's population now own one.
Mobile phone applications - or (mobile) apps for short - existed before the iPhone, but they only proliferated after the release of the smartphone. An app is a type of software that is mostly associated with running on mobile devices such as smartphones or tablets. Some apps are just copies of popular websites adapted to the smartphone display, other apps are standalone and completely new programs. When Apple opened its App Store in 2008, there were just 500 mobile applications for iPhone users. Today there are more than 2,2 million. In the same year, Google launched its own app marketplace, Google Play, which now offers around 3,5 million apps. More than 90% of these apps are available for free.
Everyone who uses apps pays a hidden price: the price for their own personal data. As we use them in our daily lives, apps collect information about us that they can use or resell. From browser history to phone contact list, little information is usually safe from them here. For example, the Personal Information the Applications collect about us may help third parties better understand their audience and reach them with targeted advertising messages. As data protection experts, the heyData team wanted to find out which mobile apps spy the most and are at the forefront when it comes to gaining access to personal data.
However, apps need to ask permission to access our personal data. However, it is not clear to many app users when this is the case. By accepting an app's terms of service without reading it, you may already be giving permission to access personal information. In other cases, nicely worded pop-ups like "We value your privacy" or "Help us improve" may actually be an app's request for permission to use the personal data. By analyzing hundreds of popular, freely available apps on Google Play, we found out which apps in Germany make the most requests to collect personal data. The result is the list of top spy apps!
The full list of top 100 spy apps can be found here here .
The aim of the study was to find out which apps make the most requests for access to personal data. In April 2022, we examined 250 of the most popular apps freely available in Germany on the Google Play app store, including social media, fitness, dating, music, news and traffic apps. Each available mobile application featured on Google Play has a corresponding landing page on play.google.com. These landing pages provide more information about the app, including the data that the app requires permission to access. This information can be found under the "Permissions" section.
We then recorded all the different permission requests, with the apps making the most access requests counting as the apps spying the most. The list of 250 apps was reduced to a final list of 100 total, which eventually here is available.
With the adoption of the General Data Protection Regulation (GDPR) in May 2018, the European Union set a milestone in the history of data protection that has received great international recognition. With the aim of achieving a common high level of data protection, rules for the protection of personal information have been standardized for the entire European Union for the first time. In a growing digitized world, in which theoretically every activity can be tracked and personal data generates high financial profits, the possibilities of individuals to control their personal information are limited. At this point, the regulation has created a dense network of rights and obligations that give consumers power and control over their data back.
heyData knows data protection from its daily work with companies. Therefore, three years after the introduction of the GDPR, we wanted to use this study to find out how close the European countries have come when it comes to the level of data protection and to discover which points still need improvement. To do this, we examined the majority of the EU member states, Norway, which also implemented the EU GDPR, and the United Kingdom, in which the regulation was in effect until Brexit.
The study focuses on five overarching categories, which we have evaluated in 24 sub-points using data and statistics from well-known sources, such as the European Commission or the Organization for Economic Cooperation and Development. A comparison of the EU countries was made possible by a simple mathematical point system. The result is the following data protection ranking, which shows the nations with the actually highest data protection level - Ireland, Germany and the Netherlands - at the top.
Data Protection Violations
% Increase in Data Protection Violations During Pandemic
Data Protection Strategy
Compulsory Voluntary Training
Fear of Data Abuse
Authority Over Data
The aim of the study is to evaluate the efficiency of data protection measures as well as the data protection competence of consumers in Europe and to compare them at national level. The objects of investigation are all member states of the European Union (with exceptions) as well as the United Kingdom and Norway.
Bulgaria, Croatia, Malta, Portugal, Cyprus, Romania, the Czech Republic and Slovakia had to be excluded from the study due to insufficient data and to enable a fair comparison between all nations.
For the study, all of the named nations were evaluated in the five research fields “Legal Regulations”, “Companies”, “Private Individuals”, “Data Protection Competence” and “Social Mood”. A total of 24 influencing factors contributed to the final result of the study. All influencing factors were selected based on their informative value in relation to the performance of data protection measures or the data protection competence of consumers.
The result is a ranking of the pioneering nations in terms of data protection. The study ended on May 15, 2021.
A complete presentation of the methodology with all definitions, data and sources can be found here (German version, English version)