Chinese domestic media outlet SYcaijing reported on Monday that after testing Apple products’ new privacy feature, it was found that WeChat, Meituan, Baidu Maps and other popular applications continuously obtained users’ personal information by running in the background, revealing a risk of over-collecting users’ personal information.
On September 21, Apple officially released the official version of iOS 15, adding a feature called “Record App Activity.” Users can view records of apps’ processing of personal information, such as photos and location, by using this new feature and exporting records through third-party apps.
According to the screenshots of records sent by netizens to social platforms, some applications actually continuously obtain information such as photos and positioning when running in the background. For example, WeChat obtains photo information, while Meituan collects user’s positioning information. The public then questioned and worried about whether these internet applications violated personal privacy.
The test model used in the report is an iPhone X, and the system version is iOS 15.0. The test applications include those which Chinese users often use, such as Ele.me, Meituan Waimai, Dianping, Zhihu, WeChat, QQ, JD.com and Taobao.
The test found that in the first case, after opening WeChat, QQ, Baidu Maps and Meituan Waimai several times within a few minutes, they were quickly switched to the phone’s background operations, without using pictures, microphones and other functions. However, the results showed that these apps still read the corresponding information.
Among them, QQ and WeChat constantly require photos, contacts and positioning information; Baidu Maps constantly requires information such as positioning and microphone; finally, Meituan Waimai continuously obtains positioning information.
In the second case, after adding applications such as Ele.me, AutoNavi, Dianping, JD.com, Taobao, and Zhihu, all applications were switched to background operation, and the mobile phone was put aside for about 30 minutes. It was found that WeChat, QQ and Dianping would ask for location, pictures and other information many times during the period.
WeChat and Meituan have already responded to this matter.
WeChat said on October 8 that the iOS system enables developers to notify apps with photo updates. When the photo content is updated, it will notify the app, reminding it that it can prepare in advance, and the preparation behavior of the app will be recorded as reading the photos.
According to WeChat, the user authorizes WeChat to read the premise of “Photo Permission” to facilitate the user to quickly send pictures, that is, whenever the user saves a new picture and takes a screenshot, when entering WeChat to chat with friends and clicking “+” button, the latest stored picture will automatically pop up. WeChat uses this system capability to allow users to send pictures more quickly. This behavior is only completed locally on the mobile phone. The company promised that WeChat’s latest version will cancel this feature and optimize the photo sending function.
Meanwhile, on October 11, a technical engineer of Meituan said in an interview that apps can detect others’ activity and selectively display content after unilaterally reading the system operation log. When the permission is turned on and applications are kept running in the background, most mainstream applications will be detected by the software to frequently read user information, and the monitoring results are highly similar.