Islamic Apps and Data Privacy Scandals

Remember the shocking news that broke in November 2020 about Muslim Pro? If you don’t, here is a quick reminder. Muslim Pro’s maker allegedly sold user location data to a broker who subsequently supplied the data to U.S. military contractors.

Although there are plenty of Islamic apps that respect the privacy of their users, it did not take long before another Islamic app made the news for all the wrong reasons. This time Salaat First was making the headlines for selling Muslim granular location information to Predicio, which is linked to a U.S. contractor that works with the U.S. Immigration and Customs Enforcement (ICE) and the Federal Bureau of Investigation (FBI).

So far, app creators have enjoyed a relatively lax environment when it comes to privacy and data restrictions compared to other online platforms. However, that’s about to change drastically. 

Google Rolls Out Google Play Data Safety for Android Apps

In May 2021, Google announced that their Play Store was going to roll out a “Data safety” section. The new section will be fully functional and available with full developer adoption, set for July 2022.

With the transparency that the “Data safety” section offers end users, issues like the Muslim Pro and Salaat First scandals will be a thing of the past for Android apps. Play Store has made it compulsory to list which data collected from consumers is being stored and for what purpose. 

New Policy Gives Your Customers Control

The best part of this new policy is that consumers can see the data being collected and decide whether the app needs this data to function or not. If you look at the Muslim Pro and Salaat First apps’ functionality, they would need the granular location of the Muslim customer to give him or her accurate directions to Makkah, which is a requirement for the five daily prayers.

However, Google also requires app developers to inform users whether their data is being shared with third parties. App developers must also be transparent with the security/handling practices (e.g. in-transit data encryption) of their applications and inform end-users that they can easily ask for their data to be deleted.

Deadline Day

“After July 20, 2022, all apps will be required to have completed an accurate ‘Data safety’ form that discloses their data collection and sharing practices (including apps that do not collect any user data).”

Source: Google Policy Center

Data types covered in the new section feature:

• Location
• Personal info
• Financial
• Health and fitness
• Messages
• Phones and videos 
• Audio files 
• Files and docs
• Calendar 
• Contacts 
• App activity
• Web browsing
• App info and performance
• Device or other IDs

Data Collection

As the developer or owner of your Islamic app, you must be clear on which of the data types mentioned above are being collected, meaning: transmitted via your app from a user’s device.

Be aware that even data that is not explicitly associated with a specific end-user, but is linked to a unique ID that could be reasonably reassociated to that person, must be disclosed. Any data processed in memory without being stored is exempt from disclosure, under the condition that it is retained for a period that does not exceed what’s necessary to handle the specific request in real-time, and is not used for any purpose other than service the request.

Note that the new policy does not consider data to be collected under two scenarios:

• Data that is accessed and processed locally on the end user’s device, within your app
• Data that is encrypted end-to-end before being sent from the end-user’s device

Advertise Your Islamic App to Muslims Online

Besides your technical and data safety concerns, exposure to the right Muslim audience is paramount to your Islamic app’s success. Muslim Ad Network has more than a decade’s experience in serving ads to Muslim consumers.
We have helped hundreds of organizations reach over 250 million Muslims in 190 countries and served over 1 billion ads. Contact Muslim Ad Network today and let us discuss how we can work together to reach your desired Muslim audience

The post Google Play Store Data Safety – What it Means for Your Islamic App appeared first on Muslim Ad Network.

Muslim Pro User Data Scandal – A Betrayal

On the 23rd of November, 2020, The Los Angeles Times reported “Muslims reel over a prayer app that sold user data: ‘A betrayal from within our own community’

By now, if you are a user of the Muslim Pro app, you already know of the scandal. If not, here is a refresher:

Muslim Pro is the most popular Muslim app in the world. It has features that make it easier for Muslims to practice the many daily rituals prescribed in Islam.

The app’s qibla compass shows mobile devices the direction towards the Kaaba in Makkah, Saudi Arabia, for the daily prayers. Another feature is the in-app Quran which usefully lets Muslims pick up reading exactly where they left off. The app also has a counter that tallies the days of fasting during Ramadan. Muslim Pro even makes listings available to guide users to halal food in their area.

You can easily see why this app has been so popular among Muslims.

Now it turns out that the app’s maker, BitsMedia allegedly sold user location data to a broker called X Mode. They in turn sold that information to contractors. X Mode’s client list has included U.S. military contractors, the tech publication Motherboard (Vice)  first reported last week.

Source: Los Angeles Times

According to Motherboard who broke the news first on November 16th,

The U.S. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned. The most popular app among a group Motherboard analyzed connected to this sort of data sale is a Muslim prayer and Quran app that has more than 98 million downloads worldwide.

Muslims all over the world are denouncing Muslim Pro and some have put forward lawsuits against the tech company behind the app. However, the damage has already been done.

Muslim Pro Denies it Sold Muslim User Data

The day after the Motherboard report, on the 17th of November, 2020, The Straits Times – an English flagship daily of Singapore Press Holdings – reported that the Singapore-based developer of Muslim Pro, Bitsmedia, denied allegations that it is selling Muslim user data to the United States military.

Bitsmedia explained that it will be terminating its work-relationship with its data partners. Miss Zahariah Jupary, Head of Community  for Muslim Pro explained:

As one of the most trusted Muslim apps over the last 10 years, we adhere to the most stringent privacy standards and data protection regulations, and never share any personally identifiable information.

According to Motherboard, the US military bought Muslim Pro’s user data through a third-party broker: X-mode. The data is reported to include:

• location information
• user Wi-Fi network name
• timestamp
• information about the phone the app was installed on

Miss Zahariah defended Muslim Pro’s position by explaining that they had started working with X-Mode only four weeks prior to the Motherboard report. However, the question is, why would you work with a data broker in the first place?

The Ultimate Lesson Every Organization Needs to Grasp

I know what you are probably thinking. Even if you are not consciously thinking about it, it’s in the back of your mind. You and many others, including us at MAN are thinking: “ Miss Zahariah, didn’t you read the contract that X-mode presented before you signed it; how could you not know?”

When news broke that Cambridge Analytica illegally collected user data from millions of Facebook users, we all asked that same question. Smart  Data Collective explains:

“It’s crucial for other companies to look at Facebook’s example and realize the reactive approach isn’t preferable. Would the social media platform have focused on privacy if the scandal hadn’t happened? Probably not.”

The same goes for Muslim Pro: them cutting ties with X-Mode is futile, the damage has been done, and as mentioned before, why work with a data broker in the first place?

So what’s the ultimate lesson? User privacy should be a priority from the start. As an organization, you can’t just wing it and hope nothing bad happens, because it will and news will come out that will ruin your reputation irreversibly.
Work with third parties that are transparent and clearly define their privacy and user policies. If you are looking to amplify your brand by targeting Muslims online and not have to worry about your user’s personal data being sold, give us a call or send us an email.

The post The Ultimate Lesson From the Muslim Pro User Data Scandal appeared first on Muslim Ad Network.