Native Apps Should Be Avoided Whenever Possible — No One's Happy
No One's Happy · 2026-05-15 · via Adactio: Links

TL;DR: What you should do:

  • Openly refuse apps, and vocally advocate for the web instead.
  • Try not to install any apps if you don’t need to.
  • If a service has a functioning website, use it instead.
  • Revoke all permissions by default, including background location, microphone, and camera permissions for anything that doesn’t require them to function.
  • Audit your installed apps. Uninstall all apps you don’t actively need.
  • Treat every “download our app” prompt with skepticism.

For more information, check out my guide: A Very Basic Framework for Apps to Avoid

Most native apps collect far more data than their website equivalents ever could. They request permissions to hardware, sensors, and background processes that browsers deliberately restrict. The third-party software embedded in these apps frequently transmits your location, device identifiers, and behavioral data to third parties before you even see a consent prompt. That data is then bought, sold, and aggregated by brokers. It has been used to out individuals, track immigrants, and enable prosecution over reproductive healthcare.

The White House App

On March 27, 2026, the Trump administration released an official White House app for iOS and Android. Within hours, two independent security researchers decompiled it and published their findings. [1] The app is a textbook example of everything wrong with the native app model.

Apple requires apps to submit a privacy manifest disclosing what data they collect. The White House app declared an empty array. Zero data collection. Meanwhile, the actual binary contained ten analytics frameworks, including the full OneSignal SDK with a sub-framework specifically for location tracking. [2] The GPS pipeline polled precise coordinates every 4.5 minutes in the foreground and every 9.5 minutes in the background, syncing everything to OneSignal’s commercial servers. A boolean flag in OneSignal’s server responses could remotely enable or disable GPS tracking without an app update and without Apple review.
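The gap described above is between what the privacy manifest declares and what the shipped binary actually does. The following added example (not code from the article or from either researcher) parses two constructed PrivacyInfo.xcprivacy manifests with Python's plistlib and reports every data type an observed SDK collects that the manifest fails to declare. The SDK names and the SDK-to-data-type mapping in SDK_EVIDENCE are assumptions for illustration, not measured facts about any real framework.

```python
import plistlib

# Constructed manifest declaring no collected data (an empty
# NSPrivacyCollectedDataTypes array), the shape the article describes.
MANIFEST_EMPTY = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>NSPrivacyTracking</key><false/>
  <key>NSPrivacyCollectedDataTypes</key><array/>
</dict>
</plist>
"""
# Constructed manifest that declares precise location and nothing else.
MANIFEST_LOCATION_ONLY = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>NSPrivacyTracking</key><true/>
  <key>NSPrivacyCollectedDataTypes</key>
  <array><dict>
    <key>NSPrivacyCollectedDataType</key>
    <string>NSPrivacyCollectedDataTypePreciseLocation</string>
    <key>NSPrivacyCollectedDataTypeLinked</key><true/>
    <key>NSPrivacyCollectedDataTypeTracking</key><true/>
  </dict></array>
</dict>
</plist>
"""
# Assumed evidence table: data types each SDK found in the binary is taken to
# collect. The framework names and mappings are illustrative, not measured.
SDK_EVIDENCE = {
    "OneSignalLocation": {"NSPrivacyCollectedDataTypePreciseLocation"},
    "OneSignalCore": {"NSPrivacyCollectedDataTypeDeviceID"},
}

def declared_data_types(manifest_bytes):
    """Data types the PrivacyInfo.xcprivacy manifest admits to collecting."""
    manifest = plistlib.loads(manifest_bytes)
    entries = manifest.get("NSPrivacyCollectedDataTypes", [])
    return {entry["NSPrivacyCollectedDataType"] for entry in entries}

def undeclared_collection(manifest_bytes, observed_sdks):
    """Map each observed SDK to the data types it collects but the manifest omits."""
    declared = declared_data_types(manifest_bytes)
    findings = {}
    for sdk in observed_sdks:
        missing = SDK_EVIDENCE.get(sdk, set()) - declared
        if missing:
            findings[sdk] = sorted(missing)
    return findings
```

Running undeclared_collection(MANIFEST_EMPTY, ["OneSignalCore", "OneSignalLocation"]) flags both SDKs, while the location-only manifest leaves just the device identifier undeclared.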

An Exodus Privacy audit identified three embedded trackers, one of which was Huawei Mobile Services Core. [3] The app’s privacy policy, last updated January 20, 2025, makes no mention of GPS tracking, OneSignal, or background data collection.

Nearly everything in the app is available on whitehouse.gov. The app’s unique additions are push notifications, a pre-filled text message to the President, and an ICE tip button (also available on ice.gov). What it actually added at scale was a surveillance pipeline: 77% of the app’s network requests go to third parties, not whitehouse.gov.
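The 77% figure above is the kind of number anyone can reproduce for an app they are auditing by capturing its traffic and classifying each request host as first- or third-party. This added example (not the author's code, and the request URLs are constructed placeholders rather than the app's real traffic) does that classification with a registrable-domain suffix match, so that a look-alike host ending in the first-party name is not mistaken for first-party traffic.

```python
from urllib.parse import urlsplit

# Constructed sample standing in for a traffic capture taken while using an
# app. Hosts are illustrative placeholders, not the real endpoints.
SAMPLE_REQUESTS = [
    "https://www.whitehouse.gov/feed/",
    "https://www.whitehouse.gov/wp-content/uploads/seal.png",
    "https://api.onesignal.example/api/v1/players",
    "https://api.onesignal.example/api/v1/location",
    "https://telemetry.analytics.example/v2/events",
    "https://cdn.analytics.example/sdk.js",
    "https://whitehouse.gov.lookalike.example/track",  # suffix trick, NOT first party
    "https://collect.another-tracker.example/beacon",
]

def is_first_party(host, first_party_domain):
    """True only for the domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return host == first_party_domain or host.endswith("." + first_party_domain)

def third_party_share(urls, first_party_domain="whitehouse.gov"):
    """Return (percent of requests to third parties, per-host request counts)."""
    counts = {}
    third = 0
    for url in urls:
        host = urlsplit(url).hostname or ""
        counts[host] = counts.get(host, 0) + 1
        if not is_first_party(host, first_party_domain):
            third += 1
    percent = round(100.0 * third / len(urls), 1) if urls else 0.0
    return percent, counts
```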

The Software Embedded in Apps

Most people think of apps as products built by a single company. In practice, the average app is a thin wrapper around dozens of third-party software packages, each with its own data collection pipeline and commercial incentives. When you grant an app permission to access your location, every package embedded in that app inherits that permission. A single package can appear in hundreds of apps, feeding location data on millions of people to a single aggregator.

In January 2025, a hacker breached Gravy Analytics and leaked roughly 30 million location records collected from 3,455 apps — dating, fitness, gaming, and health apps among them. [4] The FTC subsequently banned Gravy Analytics from selling Americans’ location data, [5] but by then the data was already circulating on cybercrime forums.

In a separate case, Google paid $391.5 million to settle claims from 40 states for continuing to collect location data even when users explicitly disabled location tracking. [6]

Why Everyone Should Care

Governments are some of the biggest buyers. Military and intelligence agencies purchase location data from prayer apps, dating apps, and fitness trackers. [7] Immigration enforcement uses it to locate and detain people. Police departments buy it to surveil suspects, protesters, and entire neighborhoods — sidestepping warrant requirements entirely. [8] Courts have issued “geofence” orders demanding records on every device near a location at a given time, sweeping up everyone at a political rally, a school board meeting, or a gun show alongside any actual suspects. [9] After Roe v. Wade was overturned, law enforcement used location data to track trips to abortion clinics. [10] None of this required a court order, because the data was commercially available.

It’s not just governments. Employers buy location data to monitor workers. Stalkers and abusive partners exploit family tracking apps like Life360. Insurers, landlords, and advertisers all participate in the same marketplace. Data brokers sell information sorted by sensitive categories: people who visit addiction clinics, people who attend certain churches, people who go to gun shops and shooting ranges. [11] The same data that tracks someone to an abortion clinic tracks someone to a firearms dealer, and nothing prevents a future administration from using it to build an unofficial gun owner registry without passing a single law. Nothing prevents a foreign adversary from buying it either — China, Russia, or any nation-state can purchase American location data through the same brokers that sell to U.S. companies. [12] There are virtually no restrictions in the United States on buying, selling, or weaponizing this kind of data. There is no comprehensive federal privacy law. And there isn’t likely to be one soon. The best we can do is minimize the data we share in the first place.

What Apps Can Do That Websites Can’t

Update (May 22, 2026): This section has been updated with corrections from Alex Russell, who helped design many of the browser APIs that make these capabilities possible. His work on Project Fugu has been instrumental in closing the gap between native apps and the web while keeping users in control. Thank you to Alex for reaching out and making this article more accurate. His work and input are incredibly valuable.

The core argument for using the website instead of the app comes down to what each platform is technically capable of doing without your knowledge.

Capability                            | Native App                                | Website / PWA
--------------------------------------|-------------------------------------------|--------------------------------------------------------------------------
Background location tracking          | Yes, can poll GPS continuously            | No
Run at device startup                 | Yes                                       | Yes (PWA, with user permission, never in background)
Access biometric hardware             | Yes                                       | Limited (WebAuthn, user initiated)
Modify or delete device storage       | Yes                                       | Limited (File System Access API, explicit user permission per file/folder)
Embed invisible third-party software  | Yes, all inherit granted permissions      | No, scripts visible in page source
Transmit data before consent prompt   | Yes (common with third-party software)    | Restricted by browser policies
Push notifications while closed       | Yes                                       | Yes (PWA, user opt-in required)
Access contacts, call logs, SMS       | Yes (if permitted)                        | Contacts only (Contact Picker API, explicit per-selection)
Prevent phone from sleeping           | Yes                                       | Yes (Screen Wake Lock API, with user permission)
Camera and microphone                 | Yes (persistent if granted)               | Yes (per session, prompted each time)
Offline functionality                 | Yes                                       | Yes (via service workers)

The pattern is clear: where the web has closed the gap, it has done so with explicit user permission, visible indicators, and no silent background operation. Native apps inherit permissions across every embedded third-party package and can operate without the user’s awareness. The browser is the security boundary. Websites operate within it. Native apps bypass it.

The Access Provided by Default is Enough to Do Real Harm

The moment you install an app, before you allow a single permission prompt, it can:

  • Reach any server on the internet
  • Read your IP address, device model, OS version, timezone, country, carrier, and network type
  • Generate and persist a unique identifier tied to your device
  • Run code at device startup (Android) and wake up in the background
  • Fingerprint your device by combining the above into a signature that follows you across sessions
  • Grant all of this same access to every third-party software package embedded in the app
  • Compare this data to other datasets to infer your identity, demographics, interests, and habits

The runtime permission prompts you actually see (location, camera, contacts) are helpful, if annoying, but most of the access an app has by default requires no consent from you at all.

A website, by contrast, starts with almost none of this: no persistent identifier, no background execution, no third-party software inheritance, no startup hooks.

Some Things Need to Be Apps, But Most Don’t

Some things need to be apps. AR and VR, real-time games, anything talking to NFC or Bluetooth hardware, serious audio and video work, accessibility tools. These are legitimate cases where the browser sandbox is the limitation. In these circumstances, I personally use a full computer as opposed to my phone.

Almost nothing else qualifies. Your banking, your travel, your grocery store, the restaurant down the street — none of it needs an app. And rewards be damned. No rewards are worth the data you are willingly giving them.

Same goes for hardware. If a thermostat or a fitness tracker can’t be set up without a proprietary app, that’s a flaw in the product, not a feature. I immediately avoid such products. You’re buying an ongoing relationship with someone else’s servers and guaranteeing that you’ll forget that corporations are watching everything they can.

Conclusion

I avoid most apps. It turns out this is easier than most people assume, because the app is almost never the only option. It is just the option the company wants you to take, and one that not enough people question.

We are at a very specific moment in history, one where aggregated data is a currency and is being exploited at a scale never seen before. I recommend you at least take stock of what you are freely giving away.


References

1. I Decompiled the White House’s New App (Thereallo, March 28, 2026) and Security Analysis of the Official White House iOS App (atomic.computer, March 27, 2026). Two independent researchers decompiled the app on Android and iOS within hours of release.

2. Security Analysis of the Official White House iOS App (atomic.computer). Documents the empty privacy manifest, OneSignal SDK with ten sub-frameworks, and the remote GPS toggle via server response.

3. Exodus Privacy Report: gov.whitehouse.app. Automated audit identifying three embedded trackers including Huawei Mobile Services Core. Additional context in Fedware: 13 Government Apps That Spy Harder Than the Apps They Ban (Sam Bent).

4. A breach of Gravy Analytics’ huge trove of location data threatens the privacy of millions (TechCrunch, January 13, 2025). For the specific 3,455-app figure, see Gravy Analytics leak: How to protect your location data (Kaspersky, February 18, 2025).

5. FTC Finalizes Order Prohibiting Gravy Analytics, Venntel from Selling Sensitive Location Data (FTC, January 14, 2025).

6. Google to pay $391.5 million in location tracking settlement with 40 states (TechCrunch, November 14, 2022).

7. Location Tracking Tools Endanger Abortion Access. Lawmakers Must Act Now. (EFF, December 6, 2024). Documents military, ICE, and law enforcement purchase of commercial location data.

8. Fog Revealed: A Guided Tour of How Cops Can Browse Your Location Data (EFF, August 31, 2022). Documents how Fog Data Science purchased billions of location data points from apps and sold access to local law enforcement agencies without warrants or public oversight.

9. Tracking Phones, Google Is a Dragnet for the Police (New York Times, April 13, 2019). Documents the Sensorvault database and geofence warrants sweeping up bystanders.

10. A mom and son are charged in Idaho after a teen is taken to Oregon for an abortion (NPR, November 2, 2023). Police used cellphone geolocation data to track the trip to a Planned Parenthood in Bend, Oregon.

11. Facebook Promised to Remove “Sensitive” Ads. Here’s What It Left Behind (The Markup, May 12, 2022). Documents how sensitive ad-targeting categories (race, religion, health, sexual orientation, political causes) persist in the ad-broker ecosystem despite stated removals. See also The Markup’s Blacklight tool for real-time third-party tracker inspection.

12. Data Brokers and the Sale of Americans’ Mental Health Data (Joanne Kim, Duke University Sanford School of Public Policy Tech Policy Lab, February 2023). Researchers purchased sensitive data on U.S. military personnel and mental health patients from data brokers, demonstrating that foreign adversaries could do the same. See also GAO: Internet Privacy — Additional Federal Authority Could Enhance Consumer Protection and Provide Flexibility (GAO, January 2019).