Amount of trackers in the app - are you serious?

Ever since I’ve installed a firewall on my device, I have been shocked to which extent most apps send your data around.

When I look at the trading 212 app, I’m really stunned. I mean are you guys serious?

The firebase stuff is at least partially required for push messages. But the rest is just spyware like stuff because the app works fine without it.

This can not be legal in the EU.

3 Likes

Which ones are used by 212 app?

Most of those wont be by t212 in the first place.

The image shows all addresses the trading app is trying to contact. However all except the 2 green ones are blocked on my device.

Maybe they aren’t adding all by themselves directly, but then they should better consider which libraries to import.

What app are you using - I’m curious now. Perhaps it’s an App Store generically trying to track data. I have time tomorrow to play about and kill background apps to see what’s doing what :upside_down_face:

It’s the regular Trading 212 app from the Play Store.

If it’s the firewall you’re talking about - that’s Netguard from F-Droid.

There’s Google (android obviously), amazon (database), crash reports, trust pilot, Facebook, cloudfront.

Where is the issue? Those are all legitimate contact requests to ensure the app runs properly and when it doesn’t, they can figure out why.

1 Like

Parts of the Google addresses are for delivering push messages to the user. That was the one thing that I did not criticize.

I develop apps myself. Logs, crashdumps, etc. mostly contain user related data. Sharing that with 3rd parties is totally unnecessary. It just has become “normal”.

appsflyer
From Wikipedia: AppsFlyer is a SaaS mobile marketing analytics and attribution platform.
That doesn’t not sound like error fixing, but like collecting data.

That goes for Google Analytics as well. If it was not collecting user data, most EU websites wouldn’t need to ask you if it’s alright for you. Not even Google would allow you to opt-out to some extent if they knew it wasn’t collecting data.

With one exception that leaves us with those:
jsdelivr.net
trustpilot.com

I can again only emphasize that the app is running fine with seemingly ALL features working while blocking contact to ALL addresses from this post with the exception of *.trading212.com.

And this brings us to the last address: facebook
In what universe is this a legitimate destination for a financial app?

Most of these behaviours have just become normal nowadays. I can imagine the old days with shareware stuff when it was a common approach to either not transfer anything or to at least ask the user for his permission.
Hiding something in terms that have the size of a book is not really appropriate.

5 Likes

I had a vague recollection someone has raised this question before, unfortunately cant find the post.

3 Likes

To allow apps to keep working you need more than just ‘functionality’, T212 need to understand their clients usage of the app to determine where to go with improvements and bug fixes. Free app, free service, you provide usage data in return. Facebook also runs usage data to provide metrics for marketing to new potential clients.

To be fair, if something is in the terms, it’s not really hidden is it? Doesn’t matter how long the terms are, if you didn’t read it to check that’s on you as the user. Page 1 or page 101 it’s all the same.

Making an issue where there really isn’t one IMO.

2 Likes

Yep. Internet was simple, accessible and without tons of cookies and other trackers, data privacy wasn’t an issue, because we weren’t spied (besides the sporadic malware, e.g. trojans). Now, tons of hidden trackers for collecting our data to be sold to unknown third-parties, usually under of “analytics” label. It’s the IT and data scientists wet dream, data collecting at any cost, even without the user consent or at least inform him about the data collecting.

As most younger people and millennials only know the public info sharing reality with or without consent, they think it’s normal that their info and data are collected, usually by hidden/nontransparent schemes. That why the GDPR and other legal initiatives were created, and EU, US and other countries are becoming more stringent with the Big Techs, specially after the several Facebook scandals (e.g. Cambridge Analytica, a British “analytics” company).

1 Like

I think the opinion part here is what is ok and what’s not. I don’t want my data to go to facebook or other companies.

After all the trade app is not free. The company behind it makes money with the financial products, probably especially with CFDs and so. That pay for the app as well.

3 Likes

Nothing is free. If you don’t pay a monetary value, you pay in another kind of value. Data is an important commodity/asset.

Yep, we have seen the scrupulous business strategy from Facebook, with several scandals about their users’ data handling, the most visible is the Cambridge Analytica, under the excuse of “Analytics”. They have targeted and attempted (and achieved ?) to manipulate elections & referendums in several countries.

2 Likes

You realize that by using Android you literally give almost all of your data to Google? Google is gathering even more data than Facebook. Both companies are the horror when it comes to privacy. Just saying.

3 Likes

Why on earth does Trustpilot need my data?

There are some that’re ‘nice to have’ for the company, others are baffling and no doubt slow the app down, too.

That may be true for an off the shelf device. The operating system itself is open source and not spying. It only becomes an eavesdropping device through the stuff that’s installed on top.

That’s why I’m not using an off the shelf one, but a LineageOS flavor without any Google services installed and further tweaks to get out even the last remains of Google, like resolving an incoming call’s number to a city name.

I’m a bit astonished as to how many people even defend this data collection practice.

1 Like

Ok, so how do I limit that unnecessary data transfer (e.g. through t212 platform) ?

I don’t think there is an opt-out. At least I have not seen one.

In my case I’m using a firewall like Netguard. Find it on F-Droid or Google Play.

It costs 5 bucks, but to me it’s worth every penny. Without paying you cannot decide which traffic to allow or deny, but only choose if an app gets internet access or not in general.

1 Like

Which is fine if you know what you’re doing and blocking. Not so great if you don’t and block something necessary.

The majority of the internet (and include apps within that) will call on some of the same libraries if they use any of the common e-commerce/web storage/cloud hosting etc etc sites or even just some of the libraries for common bits of script/fonts/graphics/analytics. Or social media for logins etc.

Sure you can lock things down if you’re really that bothered…

there isn’t any cliche vagueness when it comes to apps

free app = you didn’t pay to download or install

free service = you are not charged to create an account or perform actions with the app.

most “free apps” contain microtransactions as standard, still a free app. so the platform fee’s regarding fx, exchange-side fees et cetera don’t make it anything special since they apply regardless of mobile app or web platform.


it was never the case that people “weren’t spied on” you simply had no way of knowing that you were. data collection before cookies, were accomplished by hardwired connections directly into the lines that transmit data, poor encryption practices and standards meant that data could be collected and later decrypted should someone care enough to process it.

as for FB royal screwup with CA, that’s irrelevant IMO, it has nothing to do with the processing of usage data and everything to do with their failure to restrict CA’s access to unwilling third parties. T212 isn’t trying to sway the next presidential election :rofl:


downloading and installing the app is giving your consent, additional permissions are then requested by the app when it reaches out to other services on your device and you are fully aware of whether or not you allow the connections via the popup requests and your access permissions in settings. opting out is simple, uninstall the app.