A research team at the University of Texas at Austin’s Center for Media Engagement have discovered that U.S. President Donald Trump’s re-election campaign app is more of a surveillance tool that collects an incredible amount of data about its users.

For those unaware, the Official Trump 2020 App has been downloaded from Google Play Store and the App Store more than 780,000 times since its launch in mid-April.  

However, it has been found that the Official Trump 2020 app asks for more than twice the amount of permissions in comparison to its competitor and Democratic presidential candidate, Joe Biden’s official campaign app, Team Joe. 

“Purpose-built applications distributed through the App Store and Google Play Store allow the Trump and Biden teams to speak directly to likely voters,” Jacob Gursky and Samuel Woolley, who are members of the center’s Propaganda Research Team, wrote in an article for MIT Technology Review.  

“They also allow them to collect massive amounts of user data without needing to rely on major social-media platforms or expose themselves to fact-checker oversight of particularly divisive or deceptive messaging.” 

Trump’s campaign app is meant to connect him with his supporters but instead, it looks to access user’s information, including Device ID, call information, calendar, location data, Bluetooth pairing, a USB storage as well as the ability to read, write and delete data. 

The app has access to:
Storage
-read the contents of your USB storage
-modify or delete the contents of your USB storage
Phone
-read phone status and identity
Contacts
-read your contacts
-find accounts on the device
Microphone
-record audio
Wi-Fi connection information
-view Wi-Fi connections
Location
-approximate location (network-based)
-precise location (GPS and network-based)
Identity
-find accounts on the device
Photos/Media/Files
-read the contents of your USB storage
-modify or delete the contents of your USB storage
Device ID & call information
-read phone status and identity
Camera
-take pictures and videos
Calendar
-read calendar events plus confidential information
-add or modify calendar events and send email to guests without owners’ knowledge
Other
-receive data from Internet
-Broadcast data messages to apps.
-control vibration
-change your audio settings
-full network access
-pair with Bluetooth devices
-prevent device from sleeping
-view network connections
-run at startup

In order to function, users are required to provide a phone number for a verification code, as well as their full name, email address, and zip code. They are also highly encouraged to share the app with their existing contacts. This is part of a campaign strategy for reaching the 40 to 50 million citizens expected to vote for Trump’s reelection.

Further, the app also has “News” and “Social” tabs that provide curated feeds of tweets and articles that emphasize the campaign’s talking points, but most of the messages, articles, and announcements inside the Trump app have no named author or sources from where they are cited.  

According to Gursky and Woolley, the app itself spreads “highly questionable or entirely disproven information.” Headlines include “Media Continue to Spread Debunked Theory About Tear Gas,” “Media Mask-Shamers Keep Getting Caught Breaking Their Own Rules,” and “Top 8 Moments from Joe Biden’s Embarrassingly Disastrous, Epically Boring Livestream.” 

In addition, Gursky and Woolley also point out about the Trump app’s use of Bluetooth, a request not made by Biden’s app, Team Joe.“The use of Bluetooth is especially notable because it can capture data and target people with political messages as they travel through a physical space,” they wrote.

They call the phenomenon “geo-propaganda.”

“As you walk past a beacon embedded in a campaign sign or some other part of the physical environment, you are recorded and identified through Bluetooth or similar means. This data is then used to build a profile that can be used to advertise to you or people like you,” they added. 

Researchers also found that the Trump 2020 app on the Google Play Store was built on an older version of Android’s operating system which has outdated security and privacy provisions.

On the other hand, Biden’s app Team Joe is designed primarily to get users to campaign for Biden to their contacts through its relational organizing, which consists of obtaining users’ contact lists and asking users to send personalized messages to friends, encouraging them to vote for their candidate.

“The Team Joe app is an organizing tool that allows you to text your friends in support of Joe and get updates from the campaign,” reads the app’s description on the Play Store. “We’ll let you know which of your friends and family members we’re hoping to talk to. You can then text them directly to share campaign updates, ask questions, and gather their thoughts on the 2020 race on behalf of our campaign!”

According to the researchers, the major difference between Trump and Biden’s app is that the former’s app asks for far more privacy permissions than the latter’s. 

“It wants to read your contacts and know your precise and approximate location (GPS and network-based). It requests the ability to read your phone status and identity (a vague permission that sometimes gives access to unique device numbers), pair with Bluetooth devices (such as geolocation beacons), and perhaps read, write, or delete from SD cards in the device,” wrote the researchers. 

Brian Krebs, who writes for the blog KrebsOnSecurity, told Salon, “People should think twice about downloading most apps. I’m not defending anyone’s practice of snarfing up all the data they can with these apps for that, but it’s fairly common and I’d wager that many, many people simply don’t pay attention to what permissions are being requested when they install these things.” 

LEAVE A REPLY

Please enter your comment!
Please enter your name here