
Despite privacy outrage, AccuWeather still shares location data with ad firms - uladzislau
http://www.zdnet.com/article/accuweather-still-shares-precise-location-with-advertisers-tests-reveal/
======
marksomnian
Classic corporate response. They're sorry because their analytics shows that
brand sentiment will increase by x%, and they don't even need to mean it.

Happy customer of Dark Sky here.

~~~
willstrafach
Dark Sky actually addressed this topic recently with some additional
information. Good read.

[https://blog.darksky.net/location-
privacy/](https://blog.darksky.net/location-privacy/)

~~~
ausvisaissues
Just deleted AccuWeather. I am 100% convinced by the blog post -- but the
DarkSky App is unfortunately not available outside USA.

I really wish that the user could selectively switch on or off what
permissions an app receives -- Instead of a blanket list of permissions at the
install. For instance -- "lie to the App and give location obly within 100m".

~~~
tgb
The problem was actually wifi information (which can be used to infer
location) not location. What OS are you using that you can't choose
permissions individually for an app? I forget which version of Android got
that but it's at least a couple years old at this point. The other benefit
being that it installs updates without having to ask for you permission, then
when the app needs a permission, it asks you if you want to grant that
permission. And you can go to Settings->Apps->[The App]->Permissions to
enable/disable them individually later.

------
rosstex
Yesterday, I uninstalled AccuWeather. This morning, I happily connected a game
to Facebook to play with friends. Then I read this article. I'm such a
hypocrite.

~~~
throwaway2048
Being a hypocrite dosent make you wrong, or your actions meaningless. After
all everyone is responsible in at least a tiny way for most of societies
systematic ills, but that dosent mean that speaking out, and acting out
against them is stupid, pointless or self defeating.

------
Too
Uninstalling the horeshit is easy, trusting the replacement app is the next
problem.

Anyway, there is an easy fix. Both Android and IOS allows you to disable GPS
permissions for specific apps. Just disable it and add your home town as
favorite. 1. Weather reports aren't _that_ local. 2. You rarely travel
frequent enough that this becomes an inconvenience, and if you are traveling
that frequent, you are more likely interested in the weather at your next
destination rather than current location.

~~~
on_and_off
Some apps check their permission at each start.

I recently started dating a chinese gal and she insists we communicate through
wechat.

At this point, I must have at least 10 chat services on my phone, what's one
more ?

Unfortunately, it asks for many permissions at the first startup and checks
them everytime.

Also, it displays an annoying popup over the mic icon in order to make me give
it that permission too ..

I have just stopped using that app. Unfortunately this kind of issue never
gets a lot of attention and I feel like I sound like a tinfoil conspirationist
when I explain that I don't want to give my location and contact list to
random companies.

~~~
pavel_lishin
iOS or Android? On Android, if I tell an app "no" enough times (2?), the
system UI offers me a checkbox: "never ask about this again".

Although I suppose the app itself can show "please enable" messages outside of
the system UI...

~~~
on_and_off
I have not checked on iOS but I guess the app has the same behavior there
since the 2 platforms privacy models are now pretty similar : At each startup
(and also maybe at each screen display, I have not checked that far) the app
checks its permissions.

It first displays a full screen splash (already a big nono for a messaging
app, these must load quickly) during that time. If it misses either contacts
or localization it will ask for these.

Since it checks each time, even if you accept at first and revoke afterward,
it will still ask again the next time you use the app (and revoking
permissions understandably restarts the app).

Of course you can refuse them permanently but then the app will be stuck on
that screen with a popup asking you to activate these permissions.

So far, it is the only messaging app I have seen with such an aggressive
approach to critical permissions.

It can also be argued that the app does not need any of these to offer its
core feature.

------
ve55
If as a user, these types of things anger you, please just stop using the
product.

These practices will continue to get worse as long as users put up with it.

~~~
jacquesm
Then you might as well stop using your smartphone and all 3rd party apps on
it.

The vast majority contain SDKs which tattle your whereabouts, contacts and
other interesting tidbits to advertising networks.

~~~
Silhouette
_Then you might as well stop using your smartphone and all 3rd party apps on
it._

...Is probably the right answer.

Unfortunately, if you want a phone that actually works these days, you're
basically stuck with iOS or Android devices, and all the junk that implies.

If I could buy a modern dumbphone that just works as a phone, with decent
components so it has good reception and reliability, and ignore the whole
smartphone fiasco altogether, I'd do it in a heartbeat.

~~~
arca_vorago
I do cyagenomod(lineageos) with all the Google stripped out. A terminal, ssh,
Firefox mobile, and a YouTube apk with ads stripped. This is why privacy
respecting Foss and the four freedoms are important. Eventually people will
wake up as the surveillance state becomes more abrasively obvious to even the
lay-user.

~~~
kogepathic
_> and a YouTube apk with ads stripped_

Doesn't the YouTube app still rely on Google Play Services?

Anyway, if you still want to watch YouTube without Google, I'd recommend
NewPipe on F-Droid. [0]

It's awesome. You can download videos to local storage for later watching,
play music headless in the background, and there are no ads!

[0]
[https://f-droid.org/packages/org.schabi.newpipe/](https://f-droid.org/packages/org.schabi.newpipe/)

------
Spooky23
Well, yeah. This is the company that lobbied hard to restrict release of
public research (ie NOAA mapping data). Of course they are scum.

------
lettergram
Although, I like their service - just uninstalled. Peace.

Didn't even realize this was happening until this article. But seriously, we
should consider enacting laws against this. For advertising purposes they
shouldn't need anything more than a city location. Even then, there should be
an option to turn it off.

~~~
hex-m
EU GDPR: "Valid consent must be explicit for data collected and the purposes
data is used for."

~~~
Silhouette
But the GDPR doesn't come into effect until May next year.

------
jasonkostempski
No one ever needed the location feature of weather apps in the first place, we
can't even travel fast enough for it to be worth the extra battery
consumption. Put a link on your home screen to search "Weather <zip>" in a
search engine you're not logged into and make sure your browser isn't sharing
it's location. Go someplace new, type in the new zip or, if you don't know the
zip, city. Staying for a while? Make a new link on your home screen.

~~~
bandang
best option is to just learn to read metar/taf.

------
fencepost
What I'm curious about is the best way to test this in other apps - the stock
weather app on my phone pulls data from AccuWeather, but do they also have the
problem features?

Pretty sure I can monitor what IPs my phone is connecting to with some of the
routers I have access to, monitoring the actual packet data itself is a bit
more troublesome - and may not be useful if it's encrypted.

------
JustSomeNobody
I have avoided AccuWeather since they worked with Santorum in 2005 to try and
avoid "competing" with the NWS.

------
whitepoplar
This might be a good time to share what is (in my opinion) the absolute best
weather app for iOS: Hello Weather. It's minimal, functional, and beautifully
designed.

------
qzervaas
Maybe there needs to be an extra level of compliance for apps that are
straight-up. (Like PCI compliance)

Opt-in, but you get a special badge on your App Store listing.

------
notadoc
Deleting such an app seems like a reasonable solution.

The iPhone has a built-in Weather app, why bother with another that is sharing
location data?

~~~
ddinh
The iPhone does. The iPad does not. Why Apple hasn't made an official weather
app for the iPad yet, I have no clue.

~~~
jerrre
Same with the calculator app

------
sccxy
iOS and Android should offer location precision setting for each app.

If GPS location is: [47.49233343443, 19.05412443234]

Then it should offer to round it [47.5, 19.1] for some apps.

~~~
danpalmer
Alternatively, the OS could allow you to set your city (or region/state/county
perhaps) and just return this as the GPS location for certain apps. i.e.
choosing London could return a fixed 51.5073509, -0.1277583 for all users who
chose London.

------
gramakri
Worries me that the request is made with http and the screen cap has some
items blacked out.

~~~
willstrafach
That was just to redact sensitive information.

~~~
gramakri
Of course. I am worried that sensitive information is being sent via HTTP.

~~~
willstrafach
Oh for sure. This ad provider uses plaintext in other apps as well, definitely
not good.

------
edwhitesell
I really hope this helps drive privacy laws in the US to favor the consumer.
Please share these articles with everyone you know.

------
redthrow
Why not just search "weather _city_ " on Duckduckgo and bookmark the page?

------
nerd7473
Why can't we all use FOSS? Oh yeah, people are greedy...

------
Buge
>the cost-per-mile metric for advertisers.

So advertisers pay more the further I travel? Do they factor in MPG and gas
prices?

------
known
I prefer wttr.in

