Why you can trust ZDNET : ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNET Recommends': What exactly does it mean?

ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.


Big tech is actually doing all this with your personal data. True or false?

Every app you use and every website you visit collects data from you. But do you know what data they take? Let's find out.
Written by Jada Jones, Associate Editor
using a phone

Your personal information is most at risk when data is pieced together from multiple sources.

d3sign/Getty Images

The internet makes life a lot easier. You can ask your Alexa-enabled device to order Panera, use ChatGPT to build your resume, and have any item delivered to your doorstep with a few clicks. However, all these luxuries come at a price more lucrative and valuable than anything money can buy: your data. 

Also: The US government buys your user data. Here's what it does with it

Yes, your data is very valuable. It helps companies target you with ads, allows the government to track your digital footprint, and makes a lot of money for third-party data brokers. 

Your data is collected by every app and website you frequent. The collected data can be information that you knowingly divulge, like your name, date of birth, and shipping address; or it can be data you indirectly disclose, like your IP address and your contacts. 

Your personal information is most at risk when data is pieced together from multiple sources. For example, data brokers can combine public data like DMV records or your credit history with other data purchased from social media apps and retailers to identify you. Once brokers have your full identity, their databases become a target for hackers, who can sell all of your information on the Dark Web. From there, identity theft becomes a real possibility.

Also: The best identity theft protection and credit monitoring services

Okay, enough with the scary stuff. As I said, every app you use and every website you visit collects data from you. But do you know what data they take? Let's play a game and see what you know. 

Below, I'll present scenarios taken from the privacy policies of popular apps and websites, and you'll decide if it's true or false. Let's go! We'll start out easy first.

Round one:

TikTok may provide your name, phone number, password, or metadata associated with when, where and by whom your content was created to third-party payment processors and transaction fulfillment providers.

young person using TikTok
Matt Cardy/Getty Images


TikTok can provide some of your personal information to payment processors and transaction fulfillment providers, like PayPal and Stripe. Because TikTok does not have a payment processing feature, it uses a payment gateway.

These gateways take your credit card information, account number, and the cardholder's name and send it to the bank to which your card is connected. Then, a payment processor notifies the bank that the transaction is occurring. 

The bank will confirm if you have enough money to make the purchase, and your purchase will be approved or denied. This is the same process used by TikTok and your bank to detect fraudulent transactions.

Round two:

When you enter a physical store, Walmart may collect your biometric information such as your face geometry, fingerprints, or retina and iris imagery.

Bloomberg/Getty Images


When you visit some of its stores, Walmart may collect biometric information from you. You know those security cameras around the premises? Retailers can use in-store cameras or digital try-on software to collect your face and retinal scans.

Some retailers like Walmart say biometric data is collected to fulfill a business purpose, such as identifying shoplifters. But many experts say that collecting biometric data on American citizens can lead to wrongful convictions and increased identity theft.

Also: Were you caught up in the latest data breach? Here's how to find out

Last year, Walmart settled a class action lawsuit in Illinois that alleged the company violated the state's biometric privacy laws by collecting biometric data from current and former employees without their consent or knowledge. The lawsuit charged that Walmart unlawfully uploaded the biometric scans to a third-party biometric database.

Less than half of US states and municipalities have laws protecting citizens from tech and retail companies unnecessarily collecting their biometric data. 

Round three:

Amazon may collect and store voice recordings when you speak to Alexa.

amazon alexa
Thomas Trutschel/Photothek via Getty Images


For years consumers have felt uneasy about Amazon hoarding their voice recordings when they speak to an Alexa-enabled device. You can request a copy of your data from Amazon and recover audio files from all your Alexa-enabled devices.

However, according to research, Amazon collects voice recordings in a manner inconsistent with its privacy policy

The same research concluded that voice recordings are sold to third parties that target consumers with personalized ads and that advertisers pay more for voice recordings than other kinds of data.

Also: ChatGPT now allows users to turn off chat history but there's a catch

Last month, the US Department of Justice and the Federal Trade Commission charged Amazon with violating US child privacy laws by keeping voice recordings of children and ignoring parental requests to delete them.

In another instance, a voice recording caught by Alexa was given to authorities by Amazon to convict a man of killing his wife. And Alexa recordings have served as key witnesses in several criminal cases around the world.

Round four:

By turning off location tracking, apps cannot know your smartphone's location.

John Lund/Getty Images


Turning off location tracking services is not a surefire way to stop apps from tracking your mobile device's whereabouts. Although turning off tracking services may prevent an app from accessing your precise location, most apps utilize other tracking methods.

Aside from GPS tracking, your location can be tracked by your phone's signals when you access a public wifi network, even if your device is not connected to that network. Apps can also access your location via pings from local beacons and cell towers. 

Also: The best secure browsers for privacy in 2023

Last year, Google paid nearly $400 million to settle a class action lawsuit alleging that the company continued to track users after they disabled the Location History feature on their devices. Google obtained users' locations via weather apps and Google web browsing, and experts say Google is not the only company that secretly tracks users.

Round five:

Apple does not sell your data.

Future Publishing/Getty Images

Sort of true and false.

Gotcha! This one is tough, and if you've read Apple's privacy policy, you'll understand that the answer to this question is a bit convoluted and a testament to the lax and loophole-laden data privacy laws in the US.

A big part of Apple's allure is its commitment to privacy and how its commitment is much more serious than any other Big Tech company. Apple's data policy, under the legal jargon found in the California Consumer Privacy Act, does not "sell" your data.

Also: The best password managers of 2023

That means that Apple does not offer any data that can be linked to you to a third party in exchange for money. But that does not necessarily mean Apple does not allow third parties to use your history on its platforms to target you with ads.

In the App Store and the Apple News app, third parties can access your user behavior to deliver personalized ads. Although Apple says the data it supplies to third parties cannot be used to identify users and was not exchanged for money, there is always monetary value in a company possessing any kind of user data.

Researchers concluded that the data collected when users visit Apple apps like the App Store, Apple Stocks, and Apple Music are linked to their iCloud accounts and can be used to identify them.

Round six:

When you request to delete your data from an app or website, it is deleted immediately.

Meta logo in background with Facebook logo on phone
NurPhoto/Getty Images


Some companies, like Google, say the deletion process begins as soon as you put in a request, but it can take up to six months for your data to be removed from all systems. Facebook says it can take up to 90 days for all of your posts to be permanently deleted from its servers.

Also: Do you use Snapchat's AI chatbot? Here's the data it's pulling from you

Most companies take a few days to respond to your request to access or delete your data. Then, they can take even longer to delete your data.

Final thoughts

If you answered more than three questions correctly, you've probably spent some time reading through your favorite apps' privacy policies. Congratulations: You ought to know what data is being collected from you.

You should also know that there are some ways to prevent companies from collecting data from you. But there's usually a consequence for not sharing important data with an app or website: Your experience can be less personalized or significantly decrease in quality. Many app and website experiences remain seamless, all-encompassing, and convenient because of how much data you allow that site to pull from you.

Also: How to protect and secure your password manager

These are some things you can do:

  • Keep an eye on your personal information to make sure none of it has been compromised. Regularly check your bank account to monitor fraudulent activity. 
  • Consider freezing your credit to avoid identity theft.
  • Consider using a Visa or Amazon gift card when purchasing online to not link your bank account or credit card information to online stores. 
  • Finally, check if your email address has been involved in data breaches and if your information has been sold on the Dark Web.

Stay safe out there!

Editorial standards