close

Onavo Data Shrinking App May Pose Privacy Concerns


Apr 30, 20119809Views10Comments

Onavo Privacy

Yesterday TechCrunch author Roi Carthy hailed a new app that he claims is a “must-have” for every iPhone data user: Onavo, a data shrinking app for iOS. But the obvious potential privacy issues with Onavo went right over his head.

Carthy goes so far as to suggest Onavo is “the very first app one should install” on an iPhone because of its remarkable ability to shrink your data and save you money on your wireless data bill.

But is there a catch to using Onavo? Yes.

Onavo Privacy

While Onavo’s ability to shrink your data is certainly impressive, remember that if something is too good to be true, it probably is, and Onavo is no exception.

Onavo iPhone Data Shrinking App

While Onavo does a fantastic job of shrinking your data — my own tests showed that Onavo reduced my data usage as much as 75 percent in some apps — it comes at a cost.

There is no monetary cost to using Onavo, as it is currently free, but you use Onavo at the expense of your privacy. To use Onavo requires you to route all of your data and personal information through a proxy so that it can be compressed.

Are you prepared to trust that Onavo, a previously unheard-of company, will handle all of the information you manage on your iPhone — your mail, your passwords, your credit card numbers — in a secure and responsible manner?

Although Onavo states in its privacy policy that it “will not store any content that you upload or download, such as message text, filled-in forms, and data that a website retrieved,” there nevertheless remain privacy concerns with Onavo.

Onavo still reserves the right to use certain “data in a manner that is attributable to you for a period of 6 months and will anonymize the data thereafter.” And they “may also share personally identifiable information with companies or organizations connected, or affiliated with Onavo, such as subsidiaries, sister-companies and parent companies.”

Given the recent outrage over Apple’s use of location data, you would expect iPhone users to be similarly concerned about sharing so much of their personal information with a small, relatively unknown company like Onavo.

Are you willing to trust Onavo with all of your important data?

Update May 1, 2011: Dvir Reznik, head of marketing at Onavo, replies in the comments: “We take our user’s privacy very seriously and store only the bare minimum necessary to support the service – all aggregated and anonymized. This is so that the app can report your savings, app usage, etc. We do not store any content such as messages, passwords, etc. Additionally, any sensitive content that is encrypted (HTTPS) can not and will not be processed by Onavo.”

Best iPhone Jailbreak Apps

Foursquare: Should a Company Owner Be the Mayor of His Own Venue?

7 Comments

  1. Can you please post the letters you have sent to your investors explaining how your company plans to make a profit for them?

    You public information shows you have some heavy hitter venture capital of the same companies that invested in google, facebook, etc. I’d like to know how they plan to make money. My preference is to pay for your service and have none of my data shared in any form.

  2. Even with the best Onavo’s intentions a breach of security could be an issue. This is why I stopped using google and moved to Bing. With the OS I already have no choice with Microsoft, why introduce my privacy to a second point of possible breach.

    Curious, how has a company of 16 employees managed to develop software since 2010 with no apparant source of income? I’d have a difficult time working for 3 years without a paycheck. Maybe Onavo needs to explain. I chatted with Motorola, one of their backers mentioned on their website. The person I spoke to was unable to verify and association with Onavo. I don’t know if that means anything, but you’d think if I did a search on their site for “Onavo” I might get a hit. The other companies mentioned? Well I have no idea who they are or if they are real.

  3. Hi,

    My name is Dvir, head of marketing at Onavo. Thanks for the review, glad to read you saw 75% savings on your data! Allow me to address some of your concerns, I’ll be happy to answer any other questions from you or the readers.

    Onavo is a VC-backed startup, aimed at helping users take back control of their phone’s data usage, understanding what’s costing them and helping to reign in these costs. You can read about our team here – http://blog.onavo.com/2011/02/meet-the-onavo-team/.

    Indeed, upon installing Onavo, it sets up your iPhone so that data you receive from the Internet is streamed through our cloud-based compression servers, which are located in datacenters operated by Amazon Web Services. The techies here will notice that the second step after installation prompts you to install a Configuration Profile – this includes a proxy setting, which is how this works.

    As to our business model, Onavo is currently free, a special time-limited offer following our launch on April 29th. In the future, the app will come at a cost. We will never sell the data or introduce ads into Onavo.

    With regards to data and privacy, we take our user’s privacy very seriously and store only the bare minimum necessary to support the service – all aggregated and anonymized. This is so that the app can report your savings, app usage, etc. We do not store any content such as messages, passwords, etc. Additionally, any sensitive content that is encrypted (HTTPS) can not and will not be processed by Onavo.

    If you have any additional questions or concerns, I’d be happy to answer, either here or on our support forum.

    Dvir.

    1. Thanks for your reply, Dvir. I can tell that Onavo is a well developed and worthwhile app, but I am just personally skeptical about sending all of my data through any one company’s proxy server. It’s nothing personal.

      I still currently have unlimited data from AT&T, however. I am sure that iPhone users who see real savings in their limited data bills will be pleased, and will hopefully be willing to trust you. But I think data privacy concerns could be a hurdle you will need to overcome with some people.

      I trust that your company is well intentioned and I wish you good luck.

    2. The question is, why should I trust your application? What guarantees do I get as a user that my privacy will not be invaded?

Leave a Reply to Dvir Reznik Cancel reply