Spyware present on many iPhone Apps in a service offered to iPhone devs to a 3rd party company for statistics collected in the background from iPod touches and iPhones, including unique device ID, usage time and longitude and latitude.
* Every time you quit an application that integrates Pinch Media, the following data gets transferred to Pinch Media: iPhone UUID (the unique ID of your iPhone), Iphone Software release, iPod/iPhone version, a timestamp when application usage started, a timestamp when application usage ended and (if you allowed it) the longitude and lattitude values of your position. You can see the detailed data that gets send out to Pinch Media in the graphic to the left.
* If no active internet connection is detected, the usage data gets saved to an sqlite database for every session. The next time there is an internet connection available all that data gets send out to Pinch Media servers (beacons.pinchmedia.com).
* This all happens in the background. The user has no clue that data is send out to Pinch Media.
The co-founder of Pinch Media, the service in question, is quick out of the gate to respond to the post:
You might wonder if the data we collect is ‘personally identifiable’. There’s two pieces of data worth discussing – the UDID and the latitude/longitude coordinates. The UDID is tied to a specific phone, but can’t be traced back to a user’s identity – we’ve got no way to get your name or address from it, even if we wanted to, which we most certainly do not. The latitude/longitude coordinates are used only to provide high-level aggregated geographic reporting. So the application developer might learn that he has nine users near Berlin, but never anything about any individual. We also don’t let application developers send back personally-identifiable information using custom actions – in fact, we’ve turned people away who’ve wanted to do this. There’s not a single user’s phone number, name, or e-mail address stored in our system, and there never will be.