Back when I was a web producer at morning-times.com, my morning routine wasn’t just coffee and headlines. It was a chaotic dance of checking ad-tech tags, ensuring the Trinity Audio player was firing correctly, and troubleshooting scripts inside the BLOX Content Management System. I spent 11 years managing the gears that power local news, and let me tell you: the plumbing of the internet is much "leakier" than most people realize.
We’ve all been told to "just read the terms and conditions," but let’s be honest: that’s a joke. You’d need a law degree and a decade of free time to decipher them. Instead, let's talk about how you can actually spot when your data is being treated like a commodity.
What Exactly is Your Digital Footprint?
Think of your digital footprint as the permanent trail of breadcrumbs you leave behind every time you tap your screen. It isn't just what you post; it’s what happens in the background. Your footprint is generally split into two categories:
- Active Footprint: This is the intentional stuff. You post a photo on Instagram, search for a recipe, or subscribe to a newsletter. You are knowingly putting information into the system. Passive Footprint: This is the invisible stuff. It’s the data collected without you clicking "submit." Your IP address, your location, your device type, and—most importantly—the list of other apps installed on your phone.
When you use a news site powered by something like the BLOX CMS, the publisher is using those tools to keep the lights on. They use ad-tech to show you relevant local ads. But the line gets blurred when that data moves from the publisher to app permissions a third-party data broker. That’s where the "selling" happens.
Data Collection for Ad Targeting
Why do apps want to know your location or your contact list? It’s rarely because they need it to function. It’s because your data is a piece of the puzzle for advertisers. If an app knows you visited a car dealership, a gym, and a high-end grocery store in the same week, they can build a profile of your spending power.
In my days working within the TownNews/BLOX Digital ecosystem, I saw how granular the targeting could get. We wanted to provide relevant experiences, but the industry standard is to share anonymized chunks of user data with advertising exchanges. If you’re wondering if an app is selling your data, you’re really asking: Is this app making money off my behavior instead of just my subscription or my attention?
Permission Red Flags: What to Watch Out For
Apps love to ask for permissions that make zero sense for their function. I keep a running list on my phone of apps that ask for "weird" access. If a flashlight app wants access to your contacts, delete it immediately. Creepy, right?
Here are the biggest red flags to look for:
Permission Request Why it’s a Red Flag Microphone Access Unless it’s a voice recorder or a social video app, it shouldn't need this. Contacts/Address Book Commonly used for "social discovery," which is code for "harvesting your friends' data." Precise Location (Always Allow) This is the holy grail for data brokers. It tracks your movement history. Device ID/Advertiser ID This is how they stitch your activity across different apps.How to Check Your Privacy Toggles Today
Before you download another app, or even to audit the ones you have, spend five minutes in your phone’s settings. I do this every time I update my OS because sometimes those "updates" reset your privacy preferences to default.
For iPhone (iOS) Users:
Go to Settings > Privacy & Security. Look at Tracking. You should see a list of apps that have asked for permission to track you across other companies' apps and websites. Turn these OFF. Check Location Services and ensure you only have "While Using" selected for non-essential apps.For Android Users:
Go to Settings > Privacy > Permission Manager. Look for the permissions that look fishy, like "Body Sensors" or "Call Logs." Check Ads > Delete Advertising ID. This is a huge step in preventing your app usage from being linked to your profile.The Truth About App Privacy Policies
Stop looking for a document titled "We Sell Your Data." You won't find it. Instead, companies use corporate-speak. Look for these specific phrases in the "Data Sharing" section of the privacy policy:
- "We share data with our trusted partners to provide personalized experiences." "We may disclose information to third-party service providers who perform services on our behalf." "We share information with our affiliates for marketing purposes."
When you see "trusted partners," that usually means an ad exchange or a data broker. The Trinity Audio player and other embedded tools are generally used to serve content, but if a third-party SDK (Software Development Kit) is bundled into the app, that SDK might be collecting data independently of the app you actually think you're using.
What Should You Actually Do?
Don't panic and delete everything. Fearmongering doesn't help you actually use your devices. Instead, take these proactive steps:
1. Use the "Minimalist" Rule
If an app asks for permission to track, hit "Ask App Not to Track." If it forces you to accept tracking to use the app, consider if the app is actually worth the cost of your personal information.
2. Audit Your Permissions Monthly
Once a month, go into your settings. If you haven't used an app in 30 days, delete it. If you have an app that you rarely use, revoke its permission to access your location or photos.
3. Use Privacy-Focused Browsers
When browsing websites like morning-times.com, use a browser that blocks cross-site tracking by default (like Brave or Firefox). Even if the publisher is using standard tools like BLOX CMS, your browser can act as a shield against the third-party trackers trying to "tag" you as you move from site to site.
Final Thoughts
Data privacy isn't about hiding in a bunker; it's about setting boundaries. You are the customer, not the product. By double-checking your toggles and staying skeptical of apps that ask for the keys to the kingdom, you take back control. The internet is built on ad-supported models, but that doesn't mean you have to be an open book for every company with a login screen.
Check those permissions. Keep your list. And if an app feels "off," trust your gut. You’re usually right.