Stop foreign-owned apps from harvesting your personal data

You might not think twice about that flashlight app you downloaded or the cute game your grandkids recommended. Yet with a single tap, your private data could travel halfway across the world into the hands of people who profit from selling it. A growing threat is emerging as foreign-owned apps quietly collect massive amounts of personal data about you, and older Americans are among the most vulnerable.

The hidden cost of “free” apps

We all love free apps. Whether it’s a shopping deal finder, a weather tracker, or a photo editor, they make life easier. But many of these “free” tools aren’t really free; they just don’t charge you money. Instead, they collect your personal information and sell it to make their profit.

A recent study revealed that over half of the most popular foreign-owned apps available in U.S. app stores collect sensitive user data, including your location, contacts, photos, and even keystrokes.

Some of the worst offenders are apps that seem completely harmless:

• Flashlight and weather apps that track your GPS location 24/7.
• Shopping apps that collect purchase history, payment preferences, and home addresses.
• Casual games that request access to your camera and contacts for no logical reason.

These apps often share data with data brokers and ad networks overseas, where privacy laws are weaker and accountability is nearly impossible.

Foreign-owned apps collecting your data

Recent studies have flagged a number of popular foreign-owned apps for collecting far more data than users realize. Many of these come from China or other countries with weak privacy laws, where U.S. oversight is limited. Apps like Temu,Shein, AliExpress, CapCut, Alibaba, and DramaBox have all been cited for accessing broad information such as contacts, photos, and precise location data, sometimes sharing it with third-party networks. Even messaging platforms like Telegram and photo-sharing apps like ABPV (America’s Best Pics & Vids) have been found to gather user details that go well beyond what’s needed for their features.

TikTok has faced the most scrutiny of all. Its parent company, ByteDance, is based in China, which led to questions about foreign data access. In response, TikTok launched Project Texas, moving U.S. user information to Oracle-run servers on American soil and adding more internal controls. While these changes improve transparency and limit overseas access, TikTok still gathers plenty of behavioral and device data for ads and recommendations. If you use it, follow these steps to adjust your privacy settings.

Why retirees are prime targets

If you’re retired, you may already be on dozens of public databases like voter rolls, real estate listings, and charity donor lists. Combine that with information harvested from apps, and scammers can build a frighteningly detailed profile of your life.

They can see:

• Where you live and who lives with you.
• What medications you search for.
• What causes you support or charities you donate to.
• What devices you own and which banks you use.

From there, they can craft highly convincing scams like fake donation requests, Medicare scams, or phishing texts that look eerily personal. Some even use your social media photos to mimic family members in “grandparent scams.” And it all starts with what you allowed that “harmless” app to access.

Signs your data might already be exposed

You don’t need to be a tech expert to spot the warning signs. Here’s what to look for:

• Unfamiliar charges or new accounts in your name.
• An increase in scam calls or texts, especially with personal details like your city or bank.
• Emails from foreign domains claiming to offer rewards or urgent account updates.
• Ads that seem to “read your mind,” which show up right after you talk about something offline.

If you’ve noticed any of these, your information is likely circulating through data brokers who purchased it from app networks.

How to stop the data drain

You can take back control of your data starting right now.

1) Audit your apps

Go through your phone and delete any apps you don’t use regularly, especially free ones from unfamiliar developers.

2) Stop data brokers from trading your info

Even after deleting risky apps, your personal information may already be circulating online. This is where a data removal service can make a massive difference. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice.  They aren’t cheap, and neither is your privacy.  These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites.  It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet.  By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

A service like Incogni can help you remove all this personal information from the internet. It has a very clean interface and will scan 420+ websites for your information and remove it and keep it removed. Plus Incogni has received third-party assurance from Deloitte validating its entire data removal process.

The longer you wait, the more data brokers spread your personal information online. I recommend Incogni to help you remove that data automatically (and they make sure it stays removed) without any effort on your part.

Exclusive Deal for CyberGuy Readers (60% off):  Incogni offers a 30-day money-back guarantee and then charges a special CyberGuy discount for all annual plans only through the links in this article for as low as $6.39/month for one person (billed annually) or $13.19/month for your family (up to 5 people) on their annual plan. This fully automated data removal service provides ongoing protection from 420+ data brokers, and if you choose the Unlimited plan, you can also request removals from specific sites where your personal information appears.

I recommend the family plan because it works out to only $2.64 per person per month (or $4.80 per person per month if you get the Family Unlimited plan) for powerful year-round privacy protection. It’s an excellent service, and well worth trying to see how much of your information is being exposed and how effectively it can be removed.

Get Incogni here

Get Incogni for your family (up to 5 people) here

Is your personal information exposed online?

Run a free scan to see if your personal info is compromised. Results arrive by email in about an hour.

3) Check permissions

Open your settings and review which apps have access to your location, contacts, or camera. Revoke any unnecessary permissions immediately.

4) Avoid “foreign-owned” apps that request extensive access without a clear reason.

Always read the privacy policy (yes, it’s tedious but eye-opening). If an app asks for permissions that do not match its purpose, like a calculator wanting your location or a flashlight needing camera access, that is a major red flag. Many foreign-owned apps hide behind vague privacy terms that allow data to be transferred to overseas servers where U.S. privacy laws do not apply.

5) Use official stores only

Stick to the Apple App Store or Google Play Store for downloads. Avoid third-party sites that host cloned or tampered versions of popular apps. Look for verified developers and check privacy ratings in reviews before installing anything new.

6) Keep your device and apps updated

Updates close security holes that hackers exploit through malicious apps. Turn on automatic updates so your phone and apps stay protected without you having to remember.

7) Turn off ad tracking

Limit how much of your activity is shared with advertisers. 

On iPhone:

Go to Settings → Privacy & Security→ Tracking and toggle off “Allow Apps to Request to Track.” 

On Android: 

(Settings may vary depending on your Android phone’s manufacturer) 

Go to Settings → Google → Ads (or Settings → Privacy → Ads) and choose “Delete advertising ID” or “Reset advertising ID.” This action removes or replaces your unique ID so apps and advertisers can no longer use it for personalized ad tracking.

This step stops apps from following you across other platforms and building data profiles about your habits.

Related Links: 

• 5 Privacy terms everyone needs to know
• Lawsuit targets Chinese tech in home security cameras
• Don’t use your home Wi-Fi before fixing these security risks

Kurt’s key takeaway

Foreign-owned apps are the new front line in data harvesting, and retirees are the easiest targets. But you don’t have to accept that your private life is public property. It’s time to take back control. Delete the apps you don’t need. Lock down your permissions. And let a data removal service erase your data trail before scammers can use it against you.

Have you checked which of your apps might be secretly sending your personal data overseas? Let us know in the comments below. 

FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

This article was created in partnership with Incogni

Copyright 2025 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.