No free app is really free. This is the larger point to take home from the brouhaha over app security; if you're not paying for the app, the app will most likely be trying to make money off you in other ways.
A new study of 250,000 apps by Cambridge University confirms this; of the free apps they randomly tested, 70% of them were collecting data that weren't relevant to the apps themselves. For example, the team at Cambridge found that in the comics category, 35% of free applications requested access to a user's location. Other comics apps collected user's phone number and contacts, messages, calendar and IMEI.
But the problem doesn't lie just with free apps. Even paid apps were snatching up user information; of those tested, 40% of them were collecting information that wasn't needed for the app to work.
So what's a feasible solution? How can app developers continue to make money off their apps without violating the privacy of their users? Well, Cambridge thinks that there needs to be two separate permissions granted when you download an app; one for the app itself and the other for the ad network. The problem with the current model, they say, is that developers are responsible for everything, including location, demographics and the rest, which they susbequently forward to advertising networks. However, while there are over 52,000 developers, there are only eight big ad networks. Regulations should clearly start with them, not the developers.
Source: Tech Crunch