Video chatting app Houseparty has boomed in popularity in the last two weeks, but experts say users could inadvertently be sharing more personal data than they realize.
“Anybody who decides to use the Houseparty application to stay in contact during quarantine needs to be aware that the app collects a worrying amount of personal information,” Ray Walsh, digital privacy expert at the U.K.-based ProPrivacy, said in a statement to Digital Trends. “This includes geo-location data — which could in theory be used to map the location of each user.”
The app, which launched in 2016, reported 2 million downloads last week alone and has become particularly popular among teenagers, who use its informal structure and games to socialize while socially distancing to stop the spread of coronavirus, officially known as COVID-19.
But many users don’t realize how much information Houseparty gathers on its users, Walsh said. He was particularly concerned about what kind of data would be collected if a user were to link a Houseparty account to any other social media accounts that could further collect data from users.
It’s also possible that the U.S. government could begin surveilling the app because of its use of geolocation and popularity, he added.
“If the pandemic continues for any prolonged period, the chances that apps like this could be placed under surveillance to monitor how COVID-19 is spreading is a very real possibility,” Walsh wrote.
Gehan Gunasekara, an associate professor in commercial law at the University of Auckland, told Radio New Zealand that Houseparty was a “Trojan horse.”
“You’re essentially allowing this app to access your smartphone and your smartphone tells a lot about you, your movement, your locations, your contacts, how often you contact people, who you communicate with, and they’ll be able to basically track your every move,” he told the site.
Data and privacy expert Suzanne Vergnolle said in a Twitter thread on Houseparty’s privacy and permissions that the app was also likely not compliant with the European Union’s General Data Protection Regulation (GDPR).
Vergnolle added the app was tracking users by default and said requests for data deletion may or may not be honored.
Houseparty hasn’t updated its privacy policy since June 2018, two weeks after GDPR was implemented.
Houseparty did not immediately respond to a request for comment from Digital Trends.
Epic Games, the makers of the massively popular online game Fortnite, bought Houseparty in June 2019.
The CEO of Houseparty, Sima Sistani, at the time said in a statement that Houseparty and Epic “have a common vision to make human interaction easier and more enjoyable, and always with respect for user privacy.”
But Epic Games has previously been under the microscope over privacy concerns of its own.
According to the open-source privacy tracking website PrivacySpy, Epic Games has a dismal 2.3 out of 10 rating for its privacy practices, including allowing third-party access to personal data, and not notifying users in the event of a data breach. The Epic Games store also ran up against the European Union’s then-newly implemented GDPR rules in 2018.
Fortunately, it’s not hard for users to mitigate Houseparty’s lax privacy settings. ProPrivacy noted that users can simply turn location data off and make any and all chat rooms private.