Many of us rely on weather apps for travelling, but a security researcher, discovered that AccuWeather iOS weather app is potentially sending out the identifiable user and device information to a third-party company even when location data sharing is denied.
In Will Strafach’s research, he discovered that AccuWeather is collecting data through a third-party company’s SDK. This SDK, provided by RevealMobile, is marketed as a way to “help app publishers and media companies extract the maximum value from their location data.”
If a user were to deny the iOS location sharing request,
As of AccuWeather’s latest 10.5.2 version, a user could deny sharing their location and yet still be sharing unknowingly.
RevealMobile will still receive potentially identifiable information. Specifically, they would know the user’s Wi-Fi network SSID and could then track geolocation using Bluetooth beacons.
This practice by a different company appears to have previously caught the attention of the FTC.