Snowden's leak about spies tapping apps fires tech privacy debate

If you're not working in the technology industry, it might be a surprise to learn that tech workers are also shocked at the brazen theft of private and corporate data revealed by the Edward Snowden leaks.

The most recent revelation - that the NSA has been targeting analytics data from mobile app developers - is something very close to my heart because I am a mobile developer.

I use analytics to help improve my products and understand how users interact with them. At a basic level, analytics provide developers with the ability to see what sections of their app users access, how long they spend in sections, or how frequently they launch the app. For many developers this kind of benign, anonymous analytical information is crucial, as it helps them improve the functionality of their products. Snowden's leaks have revealed that apps like Angry Birds and others collect far more information about consumers than they would expect. This has been a point of contention in the developer community for some time now, especially with the rise of "free to play" or "advertising-supported" apps.

Obviously, developers would want to see some rate of return from the apps they're developing. Thus, many either collect this data to help target advertising they have in-app, or to on-sell to third parties. But what need does Rovio, the producer of Angry Birds, have for your specific location every time you decide to fling a pig at a bird? Conversely and more worryingly, if producers are making money from the on-sale of that data, what incentive is there to inform the consumer of this collection and to provide them with a mechanism to opt out? What considerations should Rovio be taking regarding the storage and security of that data?

Here's the worst-case scenario: say you download an app or a game that asks you to log in with your Facebook account and accesses your GPS information. If the app silently logs this info to the cloud in a manner that isn't encrypted, the NSA (or any other party for that matter), could easily have access to where you have been when you played the game, along with your full identity.

At a fundamental level, the mobile operating system you use can have an impact on this. Apple iOS applications are forced by the system to ask users for permission to access things like location, address book, photos and the like, and require user consent before the system will grant access. This consent is often given in the terms of service - which realistically, many don't even read.