How does it work?
Your data is accessible to developers as it is stored in your device’s memory. This file contains information about the device’s unique identifying signatures, including things like MAC address, Android ID or IMEI number.
So there are protocols in place to protect against mining data.
Here’s the complete breakdown:
Google allows the collection of certain data, but developers are restricted from combining that data without prior knowledge and consent of the user. In addition, Google restricts developers from using those unique identifiers in the process of ad targeting. As a side note, more than 2 in 3 are known to collect more than those individual unique identifiers.
On the matter, “We take these issues very seriously,” Google says. “And we will take action when [apps] do not comply with our policies.” However, enforcing privacy policies that are not within its own networks has proven difficult for Google.
So, what’s to gain?
For a Google user, their individual data cost an average of nearly $200. Facebook users’ data is worth a little less, but still highly valuable. Furthermore, advertising finds iPhone users more valuable than Android users and subsequently will require a higher cost to reach the latter, which has led to documented cases of fraud.
The question is what type of fraud can be done through collecting the information stored in the Advertising ID of the average American?
Researchers identified 13 apps in a 2018 study, which were available in the app store, that only existed to install click fraud malware on users’ devices. Each app had over 500,000 downloads. The icons for such apps are hidden, making them harder to detect.
These researchers also found a similar situation in the Google Play store in which 22 apps with over 2 million downloads were undetected by routine security measures and firewalls.