Skip to content

Latest commit

 

History

History
74 lines (53 loc) · 5.25 KB

PRIVACY_MANUAL.md

File metadata and controls

74 lines (53 loc) · 5.25 KB

🕵️ Privacy Examination Manual 🕵️

This manual provides a step-by-step guide for examining Android apps manually in terms of privacy. By following these steps, you can assess apps using the εxodus tracker finder, F-Droid Anti-features, and their privacy policies.

Step 1: Access εxodus Privacy Tracker Finder

You can access the εxodus Privacy Tracker Finder in two ways:

  1. Download and install the εxodus Privacy Tracker Finder from the Google Play Store or F-Droid. Once installed, open the app and allow any necessary permissions.
  2. Alternatively, visit the εxodus using a web browser to access the tracker finder without installing the app.

Step 2: Analyze the App with εxodus

  1. In the εxodus Privacy Tracker Finder app or on the website, search for the app you want to examine.
  2. Open the app's report in εxodus to view its privacy analysis.
  3. Take note of the number of trackers and permissions found in the app.

Step 3: Review F-Droid Anti-Features

  1. Visit the F-Droid website or install the F-Droid app on your device.
  2. Search for the app you want to examine.
  3. Check if the app is available on F-Droid. If it is, view the app's information page.
  4. Look for any Anti-Features listed on the app's information page. These may include:
    • Ads - advertising
    • Tracking - tracks and/or reports your activity to somewhere, even when it can be turned off
    • Non-Free Network Services - promotes or depends entirely on a non-free network service
    • Non-Free Addons - promotes other non-libre apps or plugins
    • Non-Free Dependencies - needs a non-libre app to work (e.g. Google Maps, Market)
    • NSFW - contains content that the user may not want to be publicized or visible everywhere
    • Upstream Non-Free - upstream source code is not libre, and this version has those parts replaced or rewritten
    • Non-Free Assets - non-libre media in things that are not code (e.g. images, sound, music, 3D-models, or video)
    • Known Vulnerability - known security vulnerability
    • Disabled Algorithm - signed using an unsafe algorithm
    • No Source Since - source code no longer available, making new releases impossible

Step 4: Check the App's Privacy Policy

  1. Visit the app's official website, the app's information page on the Google Play Store or F-Droid, or the app's source code repository (e.g., GitHub, GitLab).
  2. Look for a link to the privacy policy, typically found in the app's description, the app's settings, or the developer's website.
  3. Read the privacy policy and take note of the following:
    • What data is collected by the app (e.g., personal information, usage data, etc.)
    • How the data is used and stored
    • If and how the data is shared with third parties
    • Any options for users to control their data

Step 5: Compile Your Findings

Combine the information gathered from the previous steps to create a summary of the app's privacy aspects. This may include:

  • εxodus report: (number of trackers, number of permissions)
  • F-Droid Anti-Features: (list of Anti-Features found)
  • Privacy Policy: (summary of the privacy policy)

By following this manual, you can examine Android apps' privacy aspects manually.

Step 6: Example

VLC

VLC

VLC software does not use any user account, and does not collect any user data, when working. VideoLAN does not collect any data, nor any telemetry, when VLC is being run. However, some limited personal information could be collected or shared in 3 precise cases:

  • during the crash report process,
  • during updates checking,
  • for metadata retrieval.

There is also an archived version of the list of apps that is no longer maintained.