Incogni, a personal data removal service and data privacy company, has released a new report examining how the most popular workplace applications collect and share employee data. The study, “Workplace apps are watching, keeping tabs, and sharing what they learn,” finds that modern work apps gather an average of 19 data points per user and frequently share that information with third parties, often for advertising or marketing purposes. This number is lower than that of Facebook and other major social networking platforms, but the difference is that workplace apps are often mandatory.
Darius Belejevas, head of Incogni, said employers are increasingly blurring the line between the personal and professional by implementing Bring Your Own Device (BYOD) policies and requiring employees to install multiple workplace apps. Many of these tools access a wide range of sensitive personal data, including contact details, financial information, and even precise location. The leading workplace apps have been downloaded in aggregate over 12.5 billion times on Google Play, highlighting just how much data could be exposed if something goes wrong, Belejevas said.
To compile the report, Incogni researchers analyzed a selection of commonly used workplace applications, examining the types of data collected, whether that data is shared with third parties, and the stated purposes for its use. The study also reviewed publicly reported data breaches and security incidents associated with each app or its parent company.
Key findings from the report:
- Gmail is the most PII-hungry app, collecting 26 distinct data types, including approximate location, app interactions, and user IDs.
- Notion shares the most personal data with third parties, passing along eight types, including names, email addresses, user IDs, device IDs, and app interactions.
- Zoom Workplace and Microsoft Teams stand out as the only apps collecting precise location data, one of the most sensitive data types.
- Workday is the only app in the study that doesn’t allow users to request deletion of their data, a notable gap for an HR platform that collects user IDs and location data.
- Todoist is the only app studied that has not been linked to a past data breach.
The report also points to clear differences in how apps handle data. Communication tools and email platforms tend to collect the most information, while productivity apps are more likely to share data with third parties. In both cases, the result is the same: a detailed picture of user behavior, preferences, and activity.
I hope you’ll help support Apple World Today by becoming a patron. Almost all our income is from Patreon support and sponsored posts. Patreon pricing ranges from $2 to $10 a month. Thanks in advance for your support.
Also, check out my daughter-in-law’s “Scattered Words” website if you’re interested in unique, handcrafted jewelry made out of an array of vintage dictionaries, books, and even a few antiques.
