The word "app" is frequently used, but these sound more like computer viruses with a friendly UI, no?
I think that's a pretty profound way to look at it, but under a broader rubric -- perhaps "User-friendly malware" would be a better euphemism. It's also an ideal way to describe things like Windows Update.
It's easy to imagine some of history's most notorious virus authors going straight, working for Facebook and Microsoft. More money, more respect, and the retirement plan beats going to prison.
In this case, we're specifically dealing with spyware - a common sort of malware where the malicious activity is invading the user's privacy.
Malware for sure. Like phishing: "fraudulent attempt to obtain sensitive information ..... by disguising as a trustworthy entity in an electronic communication."[0]
Provide first party services, intermediate between apps and ad networks and/or white list a handful of companies to provide these services that are audited and have separate contractual relationships with Apple.
I think a good idea would be to stipulate to Facebook, Google, and every purveyor of "analytics" SDKs that they need to serve iOS app developers and their users from EU subsidiaries that are subject to GDPR.
I am surprised that we don't have a FW on a phone - or an app that can be installed which I can force all traffic from the phone to pass through, with source-app and destination IP/App/Service - and choose to block the traffic we would like.
Are the devices capable of this?
If not rooted then use NetGuard (as mentioned in another comment). It sets up a local VPN on your phone to filter traffic.
Other apps also use the local VPN approach for different reasons, e.g. DNS66 allows you to specify your own DNS servers. You'll only be able to use one VPN app at a time.
Check out Exodus Privacy[1] to see what trackers are inside a certain app.
One could use F-Droid and Yalp Store[2] to try and have a bit more privacy on an Android phone and make it work without a Google account.
[1] https://exodus-privacy.eu.org/en/ [2] https://github.com/yeriomin/YalpStore
The law was clearly designed to deal with them. They continue to violate its principles. GDPR delivered tremendous collateral damage to raise these gates. But where is the pay-off? Is there preliminary footwork deploying? Or is Europe distracted by Italy et al?
But there is also the problem of developers that just don't care. Or, developers that think they care but can't even be bothered to research what a library they include in an application actually does. This is is something that the death of facebook will not solve.
GDPR has already been paid off, every day for every user both in the online and offline world is a victory, and examples of it was shown in the talk as well. How GDPR pushed developers to discover this issue and demand solutions for their own apps. How facebook improved the ability for developers to be privacy conscious etc. (hardly by choice, but even they didn't think they could get away with less)
[1] https://www.theregister.co.uk/2018/05/25/schrems_is_back_fac...
[2] https://www.ft.com/content/86d1ce50-3799-11e8-8eee-e06bde01c...
[0] https://media.ccc.de/v/35c3-9941-how_facebook_tracks_you_on_...
I find it insane how I can visit Agoda in a private tab. Search for hotels. Visit 2 of the hotels. Then switch to Facebook and almost immediately get adverts for exactly those 2 hotels...
