More and more “bundled” applications that conflict with data protection regulations

Have you ever wanted to know who blocked you on Instagram? Or how many videos have you watched on TikTok? So-called “wrapped apps” claim to be able to do all this. You collect data from social media and create an overview of, for example, the number of followers, the number of likes and the most viewed stories and posts for the whole year. However, the transmission of data in this context is often not without consequences.

One of the best-known annual bundle reviews are those of Spotify. A few years ago, the music platform first created a list of the most listened to songs and the hours spent on them. This overview is displayed at the end of November or beginning of December each year.

The biggest difference between Spotify and other platforms is that Spotify collects the data itself. By creating an account you agree to the Terms and Conditions. Many other apps on the market are made by smaller, unknown companies rather than the parent companies of Instagram or TikTok.

For example, Wrapped Labs’ Wrapped for Instagram app, which hit the top 10 on the App Store earlier this month. This allows you to see who your “best friends” are and also who has blocked you.

This is dangerous, said social media expert Roos van Vugt on NPO Radio 1’s De Nieuws BV program earlier this month: “When you have to log in and enter your account name and password, you are completely giving away your data. “Hackers can use this to defeat themselves.”

Wrapped for Instagram is no longer available on the App Store, but if you search carefully, Wrapped 2023 will appear. This app offers almost the same concept, but users do not need to enter a password or username.

The company behind the application wants you to download data from your TikTok or Instagram account and then upload it to the application as a zip file. You will then see a video with all the important points.

However, according to technology expert Danny Mekić, information about who is behind the development is not contained in data protection regulations. “It looks very suspicious. It is not clear which company you are dealing with.” Among other things, it refers to the email address with a 0 sign in front of the Instagram brand.

While doing further analysis, Mekić also notices the “Tik Tock” typo in the App Store. To him, this is a reason to be vigilant.

“I cannot say for sure whether they are illegally collecting users’ data as they claim to be. However, I would advise people not to use this app.” The main reason for this, according to Mekić, is data protection regulations that do not comply with the GDPR, the European rules on the processing of personal data.

A spokesperson for the Dutch data protection authority says they have not received any complaints about bundled apps, but warns that users should generally be careful when downloading apps that collect data.

According to social media experts, users who still want an annual overview should check who developed the app and read the data protection terms. “And if in doubt: delete the app and change the password,” says Roos van Vugt.

Source: NOS