Why does RunKeeper send my information out to marketers?

I’m an ex-RunKeeper user and this is why. Simply, RunKeeper sends out my personal information to kiip marketing, without my explicit consent and I’m not happy about it…

Using basic technical networking skills, I found the XML data being sent out to kiip directly via my iPhone.

The following XML output sends out my precise location, device & OS information, session, timezone, unique ID’S, my carrier, connection type and also the fun loving “is my phone rooted or not”… Beautiful, just beautiful.

{
“location”: {
“lng”: -73.47732282250512,
“lat”: 45.44339274526149,
“time”: “2014-10-13T21:40:28.728″,
“accuracy”: 10
},
“app”: {
“app_key”: “6cd3803ca0c6ea40c80cb77aa9121fb3″,
“version”: “4.9.3”
},
“session_id”: “1BA74D29-BB7E-4418-A608-9DA7F456B1B0″,
“user”: {},
“connection”: {
“carrier”: “Rogers”,
“type”: “WIFI”
},
“date”: “2014-10-13T21:40:28.704″,
“source”: “application”,
“events”: [{
“id”: “session_end”,
“start”: “2014-10-13T21:38:08.409”,
“end”: “2014-10-13T21:40:28.704”
}],
“sdk”: {
“capabilities”: [“real”, “share”, “promos”, “passbook”],
“name”: “Kiip iOS”,
“version”: “2.0.8”
},
“device”: {
“id”: “c1976429369bfe063ed8b3409db7c7e7d87196d9″,
“timezone”: “America/Montreal”,
“locale”: “en_CA”,
“resolution”: “414×736″,
“os”: “8.0.2”,
“rooted”: false,
“lang”: “en”,
“identifier_for_vendor”: “B3248DBE-852C-4088-AC76-61F2BF65D997″,
“kiip_uuid”: “4B9D3CD8-3BB6-4E9B-87F0-A918F02326C0″,
“manufacturer”: “Apple”,
“density”: 3,
“model”: “iPhone7,1″
}
}

Not cool RunKeeper, very “not cool”.

And Apple, what’s up with that?

2 thoughts on “Why does RunKeeper send my information out to marketers?

  • First of all – I don’t use runkeeper, whatever.

    If I was using runkeeper would I give a shit about this? Hell no.

    This is basic information that is sent by any app that is using any kind of advertisements or reward programs – which is what kiip is doing?

    Also, lots of this information could be gathered by services like Crashlytics which is used to help developers collect crashes by an application.

    What information in this do you deem “personal”?

Leave a Reply