Apr 7th, 2011

Pandora has long been under the microscope for its unsual list of permissions it requests of users who download their applications. Some things – like the need to read contact data and your phone identity – just don’t seem necessary for a simple streaming music service. What are they doing with this sort of power?

One security firm – Veracode – did their own analysis of the application and pulled together some interesting results. Pandora takes your birthdate, gender (these are given whenever you sign up for a Pandora account), and more sensitive information such as your Android ID and your GPS location and sends it all to what looks to be advertising agencies.

It seems to be some sort of ploy for better ad targeting. We’ve never been mad at that – we love when Google does it, in fact – but why does Pandora feel the need to hide this from everyone? I personally don’t mind that having access to and sending that stuff to advertisers to better target ads, but at least say you’re doing it.

Covering your intentions up with black tarp just makes you seem guilty and shady.  (Note: Pandora has openly admitted to collecting this data, but when questioned why the company only said it was to better personalize the music experience for the listener.) What do you folks think? Do you even care? [via Ars Technica]