Trump's 'America First' App Puts Users' Data at Hacking Risk, Experts Warn

The Trump app's privacy policy says that users who agree to share their contact data can rescind that consent later, however, users do not have a way to know if their data will be deleted from the campaign's servers.

by Hannah Wise, The Dallas Morning News / August 29, 2016

(TNS) -- Donald Trump's new campaign app "America First" may be putting its users' personal data at risk, experts say.

The smartphone app, released last week as a free download on the the Apple App Store and Google Play store, requests access to users' phone address books. Electronic privacy experts told ABC News that such a request provides the campaign vast amounts of personal data about users, but also information about those users' contacts.

The collection methods, while legal, leave data including phone numbers and email addresses susceptible in a data breach if the campaign is hacked.

The app's privacy policy, ABC News reports, says the Trump campaign "may access, collect and store personal information about other people that is available to us through your contact list and/or address book."

The Clinton campaign launched an app in July. Both the Trump and Clinton apps collect information about who is using the app, including the user's mobile network provider and phone manufacturer.

Trump's app requests access to a user's contacts during the initial registration process. Clinton's app requests contact book access when users choose to activate a sharing feature.

A phone's contact book often contains more than numbers and email addresses. Some include notes about a person's health, excerpts of emails, security codes, passwords and Social Security numbers.

"Trump's is asking to collect significantly more data, and not just data about you, but data about anyone who might be in your contact list," Nicole Ozer, technology and civil liberties policy director at the ACLU of Northern California, told ABC News.

Users often don't realize the extent of the information they are allowing a company, or in this case, a campaign to access.

"[Neither] the individual nor the app is making sure individuals in those contact lists knows their information is ending up in the hands of the campaign," Ozer said. "Just because you choose to use an app, doesn't mean that all the people you come in contact with want information about them shared with that campaign or that company."

However, the practice is legal.

"That you may betray your friends' privacy in doing so is a matter of your ethics, not the site's," Albert Gidari, director of privacy at the Center for Internet & Society at Stanford Law School told ABC News.

The Trump app's privacy policy says that users who agree to share their contact data can rescind that consent later, however, users do not have a way to know if their data will be deleted from the campaign's servers.

"The more data, the longer its retained, the more likely that something can happen to it," Ozer said. "That it ends up being used in a way that the individual did not intend or could end up being hacked or breached at some point down the line."

The Clinton privacy policy says that the campaign "takes reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction." No such language exists in the Trump app's privacy policy, ABC News reports.

©2016 The Dallas Morning News. Distributed by Tribune Content Agency, LLC.

Platforms & Programs