A timely Android reality check
Using an extension to the Android operating system called TaintDroid, created by the team, they logged what the applications did.
This revealed that 15 of the apps sent location information to advertisers but did not inform users that data was being shared. Some apps gathered and despatched location information even when an application was not running and some sent updates every 30 seconds.
One application gathered data and sent it as soon as it was installed but before it was run for the first time.
TaintDroid also found that seven of the apps shared unique identifiers, known as IMEI numbers, when sending data. Others despatched phone numbers or SIM card serial numbers.