Your favorite apps may be collecting more than you imagine. Many overreach—tracking location, search history, and usage habits unnecessarily. Some build unauthorized databases of personal data, while others have been caught spying on users even after logouts. Across the world, major app developers have been fined, sued, banned, or investigated. In today’s data economy, information is gold—and the next privacy scandal is never far away.
Apple’s Privacy Paradox
Apple has long branded itself a privacy-first company, but its App Store remains a wild frontier. Every day, millions of apps operate there—some barely toeing, others boldly crossing, the lines of acceptable data practices. Apple’s automated malware screening doesn’t guarantee privacy once an app is installed. In fact, a 2025 NowSecure report found that 75% of iOS apps tested contained both sensitive data and tracking domains—a chilling statistic for privacy-conscious users. From system apps to third-party downloads, the temptation to push data boundaries runs deep.
Siri
Siri illustrates how Apple’s own privacy promises can falter in practice. In 2019, contractors revealed they were reviewing Siri audio recordings—including private conversations and intimate moments—to “improve performance.” After public outcry, Apple apologized, introduced an opt‑in process, and restricted reviews to employees.
But Siri’s troubles didn’t end there. Accidental activations still occur, sometimes recording without consent. In 2025, Apple paid $95 million to settle a U.S. lawsuit over these recordings. Meanwhile, French investigators have launched a criminal probe into possible eavesdropping—threatening Apple’s hard-won privacy image.
Google Chrome
Apple devices aren’t immune to privacy issues when you use Google apps. Chrome, the world’s most popular browser, has drawn scrutiny for its misleading “Incognito” mode. Despite the name, data from private sessions was still collected, as confirmed by a 2024 class-action settlement requiring Google to delete billions of records.
Then, in September 2025, a federal jury ordered Google to pay $425 million for unlawfully tracking devices—including iPhones—even when users opted out. For a company built on advertising and analytics, “private browsing” remains a murky term.
Facebook and Instagram
Meta’s dual giants, Facebook and Instagram, remain frequent offenders. Their “consent or pay” model, forcing Europeans to either share personal data or pay to avoid tracking, was deemed unlawful in 2025. Meta was fined €200 million, only one of several penalties the company faced that year.
The violations stretch back years: mishandling minors’ data, exposing contact details publicly, and ignoring consent rules. Across multiple continents, Meta’s data empire continues to face backlash for treating user privacy as a negotiation point, not a right.
TikTok
TikTok’s explosive growth has been matched by persistent privacy concerns, especially over its links to China. In 2025, it was fined €530 million for allowing staff in China access to European user data. Several Western nations now ban the app from government devices, fearing state surveillance.
Even beyond geopolitics, TikTok’s data collection practices—recording keystroke patterns and behavioral signals—raise concerns. While marketed as user “experience optimization,” these measures blur the line between safety and surveillance.
DoorDash
DoorDash’s data appetite rivals its food delivery speed. The app requests access to location, contacts, browsing history, and even financial data—far more than necessary to deliver your dinner. California fined the company $375,000 in 2024 for sharing users’ personal details with marketers without proper consent.
Though DoorDash later agreed to improve privacy disclosures, lawsuits have continued, highlighting a troubling industry pattern: trading convenience for personal exposure.
VPN Apps
Free VPNs may appear to protect privacy but often do the opposite. Research from Zimperium zLabs in 2025 found that many free iOS VPNs logged sensitive data, lacked valid privacy manifests, and requested unnecessary permissions. When you route all traffic through such a service, the provider essentially sees everything.
Instead, Apple’s Private Relay offers basic IP-hiding for iCloud+ users, while reputable paid VPNs like Norton or ProtonVPN deliver true anonymity without selling user data.
LinkedIn markets itself as a professional platform—but behind the résumé polish lies aggressive data gathering. It collects contacts, device identifiers, and behavioral data to target ads. In 2024, the Irish Data Protection Commission fined LinkedIn €310 million for illegally profiling users through behavioral analytics and training AI models on personal data without consent.
For professionals seeking opportunity, this underscores a modern truth: even career networks can capitalize on your clicks.
Cleaner Kit and Other “Utility” Apps
Cleaner apps promise optimized storage but often double as data harvesters. A 2025 Surfshark study found that 70% of top cleaner apps on the App Store shared user data—including identifiers and location—with advertisers and brokers. Cleaner Kit, Cleanup, and similar apps request permissions that far exceed their basic functions, showing how even simple utilities can compromise privacy.
Protecting Your iPhone Data
Absolute privacy on any smartphone is unrealistic, but users can limit exposure. Review every app’s permissions in Settings, revoking access to anything not essential for functionality. Enable Advanced Data Protection for iCloud backups to maximize encryption.
Ultimately, the tradeoff between convenience and privacy persists. As long as personal data remains a commodity, apps will keep pushing boundaries to collect it—often faster than regulations can respond.
