If you install the duckduckgo browser and turn on app tracking protection, you'll see just how much data is harvested from mobile apps, which is genuinely scary.
This is why these sites are pushing the mobile app. It's much harder to prevent trackers through an app than it is through a web browser.
I just installed this and am trying the app tracking protection (it's in beta, for those reading who haven't used it). Shockingly, Candy Crush Soda doesn't come up with a list of junk being tracked. whew or something
Some of that seems unnecessary (device boot time). But it's not all scary spooky tracking. Some permissions/information is required for certain features.
For example, you can't rotate your app UI if you're not allowed to know screen orientation. Or maybe they do a low power mode if device battery is low, or a warning that the app might not function well if the OS or device is old.
Not saying you're wrong or that Discord is right. Just pointing out that a long list of permissions isn't on its own a bad thing, if those permissions are required for specific features, and not just for the sake of data harvesting.
This is why though I appreciate what DDG is doing, it's not informing users about the context of what these permissions are used for, leading to a lot of fear over the wrong things. The data may not even be leaving the device but the implication DDG makes is that it is.
As a side note, I prefer to use DNS66 to filter data and ads by domain, then manually set my Android app permissions as needed.
This is one hundred percent sensationalism. Just because the app pulls it doesn't mean that it's being used to track you down. It's probably just for crash reporting etc.
Lets also not forget the massive amount of OS versions, hardware variants, resolutions, and localisations apps like Discord need to auto-adjust themselves to work with. If it fails it will absolutely need that info in the report so devs can fix it.
A lot of these are just standard things that things like crash reporters pull. In other words, Discord probably included a crash reporter in their app, and it pulls things like memory usage, device state, os version, what orientation the device is in, etc so that when a crash happen, it can tag those to the developers. Those are all useful variables to the developers to understand what is causing the crash.
Tons of apps use crash reporters to keep their app stable. I'm sure most apps will pull the vast majority of this information. That doesn't mean that they're using it to track you.
Device boot time could be used for a user that clears their cookies to track and match sessions. Using that, and matching it with other information could give very reliable ways to fingerprint users.
I don't have specific info on what's harvested, but I have had mine active for a while and I'm at 300k tracking attempts blocked in the last 7 days. It's absolutely wild.
Edited to add - they don't specify what is being attempted, just what each company is known to track generally.
Yeah, don't be shocked. Without the blocker every app makes one successful attempt and just tracks, with the blocker they attempt again and again like a hamster running against a wall.
Some apps won't work with the blocker. I tried to block Chrome and after a while none of the apps I have installed would work, until I unblocked it.
Thank you! I can't believe that. So it basically wants to know literally everything about you. That's so disgusting and creepy. We need privacy laws that protect against stuff like this, yesterday.
I can see them requesting city, but beyond that, this is wayyyy too much.
How is DuckDuckGo Browser able to see what data other apps are trying to collect? I would have expected Android's app sandboxing to block that sort of thing. Does the device need to be rooted or something?
When you turn on app tracking protection, it activates an always-on VPN that funnels the trackers to a deadzone so that they can't actually phone home.