Pandora, a free Internet radio service that streams and recommends songs, recently announced the company has been served a subpoena as part of a federal grand-jury investigation over how personal data is shared among smartphone applications. Although results from the Federal investigation aren’t in yet, Internet security firm Veracode decided to conduct its own research.
VeraCode says “your personal information is being transmitted to advertising agencies in mass quantities.” Veracode puts its allegations into context, saying, “consider for a moment that your current location is being tracked while you are at your home, office, or significant other’s house. Couple that with your gender and age and then with your geolocated IP address. When all that is placed into a single basket, it’s pretty easy to determine who someone is, what they do for a living, who they associate with, and any number of other traits about them.”
Veracode claims that its own tests revealed that the Pandora app for Android is tied to advertisement libraries for AdMarvel, AdMob, comScore (SecureStudies), Google.Ads, and Medialerts. The study also took at look at what kinds of data Pandora is storing in these libraries. GPS system locations, user birthdays, genders, and postal codes were among the types of information the app has been giving away.