Pandora has long been under the microscope for its unsual list of permissions it requests of users who download their applications. Some things – like the need to read contact data and your phone identity – just don’t seem necessary for a simple streaming music service. What are they doing with this sort of power?
One security firm – Veracode – did their own analysis of the application and pulled together some interesting results. Pandora takes your birthdate, gender (these are given whenever you sign up for a Pandora account), and more sensitive information such as your Android ID and your GPS location and sends it all to what looks to be advertising agencies.
It seems to be some sort of ploy for better ad targeting. We’ve never been mad at that – we love when Google does it, in fact – but why does Pandora feel the need to hide this from everyone? I personally don’t mind that having access to and sending that stuff to advertisers to better target ads, but at least say you’re doing it.
Covering your intentions up with black tarp just makes you seem guilty and shady. (Note: Pandora has openly admitted to collecting this data, but when questioned why the company only said it was to better personalize the music experience for the listener.) What do you folks think? Do you even care? [via Ars Technica]
Personalize the music to me based on my location and my contacts?!? Great! I’ll just rename all of my contacts Kenny G and Barry Manilow and see what happens. (I’m being totally facetious.)
Not sure how much you may travel but what plays on the radio or what people like does vary from location to location no matter what you listen to, so it’s still a real possibility that it is used for this
Not such a big deal by todays industry standard, I guess. As we all know, many other companies sell that and even more….I dont like it, but doctors,software companies, phone companies, internet providers…etc…etc…do it and dont even lay out disclaimers in regard to privacy…At least not in the readable print
I will say this, I really appreciate Google for being so open about it and I like the way Google does it.
this whole thing of privacy is seriously blown out of the water. I’m pretty sure someone could get more info about my “personal stuff” off facebook. every one gets scared shitless when something asks for too much permissions. QQ moar.
It’s like Yelp. Why does Yelp need access to my contact data?
So that’s why Pandora wants me to buy a Tempur-Pedic when I’m listening before I fall asleep.
Clever.
This is no big deal. So what if the ads know my location and Android ID, at least this means that Pandora will have enough money to better improve their apps.
Plus, this is probably almost nothing when you compare it to some of the other apps, such as Angry Birds wanting even more personal information.
It would be nice if Google would provide tools in Android to control apps and your privacy better. . . instead of the XDA community coming up with it.
Did anyone really think they were collecting data to start up the next haulocaust? No… well except for all those idiot conspiracy theorists. To this very day I don’t see why GPS data is such a big deal. It isn’t sending a pinpointed location of where you are anyway, just your viscinity (ie city). People need to get over this invasion of privacy kick here in the states.
But they ARE planning the next holocaust. Pandora plans to numb our minds with annoying 80s pop songs, then blast us all to oblivion with the GPS controlled lasers they’ve attached to the various satellites orbiting Earth!
*puts on tin-foil hat*
I have to agree with some of the above commenters. There’s no reason Pandora needs to have my phone’s contacts or anything other than what I gave it on the site, the radio station info I set up, and I can see needing GPS (although it’s not too good a service on the GPS — it keeps giving me ads that are from a large city about 1.5 hours south of me!!) for ad rev. But what information related to my musical tastes do they gain from seeing my phone’s contact list??
I don’t know if they actually do this or not, but my guess would be to use your friend’s musical tastes to further influence your stations. If a friend has a similar station set up with slightly different songs thumbed up I can see them trying those songs on you as well based on your friendship.
for the record your android id isn’t sensitive information.
+1
“People need to get over this invasion of privacy kick here in the states. ”
You need to get educate yourself about privacy in the states.
Some folks just can’t grasp the concept of privacy.
Even if you don’t want it for yourself, don’t get upset because other people do value their privacy.
I’m willing to bet that if an organization was so interested in personal information there’s mountains of discreet shady ways they’d go about doing it without the risk of the populous finding out.
I personally don’t mind if a company collects my information…so long as they tell me why they’re doing it and what it’s for.
…and give me an option to say no if I don’t agree with their motives.
yeah i read the response and deleted the app. everyone knows you can not hide but to throw out such a shady response was lame and an insult to a situation that is bad enough for the consumer as is it.
Until they start sending my rough GPS coordinates to HK bots and sending letters of condolence to all my contacts i’m not that fussed.
To del…lmbo….getting my tinfoil ready too…
Sigh i just wish i could install Pandora.
This all comes back to the basic “buyer beware”. If you’re installing an app and the permissions it requests seem unreasonable to you, don’t install it. Instead, ask the developer why the permissions are needed. If you don’t get a satisfactory response… don’t install it.
When I flashed a third party ROM onto my Droid, one of the things I missed from the stock installation was QuickOffice. I went looking for alternatives in the Market and found ThinkFree. For some reason, ThinkFree wants permission to read my Gmail. When I asked the developer about this, I got this as a response: “Thank you for contacting ThinkFree Support. We will respond shortly with an answer to your question.” That’s the last I heard from them on the subject. Needless to say, ThinkFree never made it onto my phone.
If you willingly install an app from a developer who claims to use your contact information to better personalize your listening experience, they’re not the only one at fault if your privacy is violated.
This is not a pandora thing but an industry thing. Nearly all the useful apps capture certain data. Same goes for websites. Pandora is above board about it… They ask you to register and for the other info. They provide a free service that rocks (literally). How else would they use the data but to target advertising and make sure to know it’s you so they can deliver you your stations.?
Unacceptable to use my location without asking explicit permission. Uninstalled.
Couldn’t care less if some ad company knows where I live…It’s not like they are going to be raping me in a dark alley……yet.
Lol it asks for permission before you install it you retards
Your privacy when out the door when the internet when on line ……….
How great is it that Phandroid pust a download link for Pandora at the bottom of this article? :D