All apps, especially campaign apps from both sides of the aisle, are usually quite aggressive about getting users to enable all possible permissions. In the Official Trump 2020 App’s case, it has been revealed that developers were actually told to ignore user consent settings and access the user’s contact list anyways. The privacy concern lies in the fact that Phunware may have collected more information than they were allowed. The Associated Press reported:
“Two former employees said Knitowski told engineers to embed invisible tracking software to follow users’ behavior inside each app they built to boost Phunware’s offerings to campaigns.”
One of those ex-employees told AP:
“We were told they needed to be in every app to collect information for whatever we did, and the political vertical was one of those reasons. It would still go in even if the customer said they didn’t want it.”
Estimates vary but it’s very likely that Phunware has at least 27 million phone numbers of Trump supporters and those in the contact lists of Trump supporters. The Trump campaign declined to state what this private information will be used for in the future; however, a senior Trump campaign official emphasized to the AP under condition of anonymity:
“The data is owned by the campaign and limited whatever hit their servers […]”
This is always a possibility when you share information with appsIt’s worth noting that the official campaign app from President elect Joe Biden – Team Joe and later Vote Joe – also collected IP addresses, location information, and even contact lists; however if the user declined to consent to sharing this information, the app would respect that request as opposed to siphoning the information anyways with invisible code. It’s also worth noting that the official campaign app from Biden had orders of magnitude less downloads than the official campaign app from Trump.
MIT Technology Review made a table with a comprehensive list of the permissions requested by both official campaign apps: Access requested Trump 2020 Team Joe Phone identity Yes No Bluetooth pairing Yes No Read, write, or delete data Yes No Identity (find accounts on the device) Yes No Calendar Yes No USB storage Yes No Device ID and call information Yes No Receive data from internet Yes Yes Broadcast data messages to apps Yes No Full network access Yes Yes Control vibration Yes Yes Run at startup Yes Yes Prevent device from sleeping Yes Yes View network connections Yes Yes Pair with Bluetooth devices Yes No Change your audio settings Yes No
Official Trump 2020 App was meant to feed Cambridge Analytica with dataA former Phunware executive, Ian Karnell, explained to CBS News earlier this year that the data from the Official Trump 2020 App is a perfect fit for propaganda machines like that which ran the Cambridge Analytica scandal back when all this information was available from . Karnell recalled that tying all this information together for political purposes was part of the core pitch from Phunware to the Trump campaign. He told CBS News what he told the Trump campaign:
“We have this mobile graph that has years of device ID information that we’ve matched with voter records with some of the biggest voter record databases in the United States at that point. And we’ll be able to share that graph data back with you. You can extract that and leverage that.”
The thing with private information is that if it’s useful for politics, it’s definitely useful for advertising. The fact of the matter is that all of this data, willingly handed over by app users, is now undoubtedly on the market due to Phunware’s flailing financial status. While it’s obvious that this data would be useful in the 2024 election, it’s worth worrying about what all this data could be used for in the meantime. Big data wants its hands on that data, and there really isn’t anything to stop them.