A new app called Neon Mobile shot up on Apple’s US App Store charts last week, briefly ranking as the second most popular free app in the social networking category, according to Appfigures data cited by TechCrunch. The app promised to pay people for recording their phone calls and then sold the audio to AI companies for training purposes.
The company claimed users could earn “hundreds or even thousands of dollars per year” by making calls through the app. Neon said it paid 30 cents per minute for calls between two users and up to $30 a day for other calls. Referral bonuses were also part of the pitch.
“Phone companies profit off your data. Now, you can too,” read a message on Neon’s website.
The privacy trade-off
To get paid, users had to agree to Neon’s terms of service, which granted the company a sweeping license to their recordings.
TechCrunch highlighted the policy, which grants Neon a “worldwide, exclusive, irrevocable, transferable, royalty-free, fully paid right and license (with the right to sublicense through multiple tiers) to sell, use, host, store, transfer, publicly display, publicly perform (including by means of a digital audio transmission), communicate to the public, reproduce, modify for the purpose of formatting for display, create derivative works … and distribute your Recordings.”
Legal experts told TechCrunch that recording only one side of the conversation may have been a way to avoid violating wiretap laws in states requiring two-party consent. However, privacy lawyers also raised concerns that anonymized voice recordings could still be misused for fraud or impersonation purposes.
Security breach brings it down
The app’s viral success was short-lived. On Thursday, TechCrunch discovered a security flaw that let any logged-in user access other people’s phone numbers, call recordings, and transcripts. During its test, the publication found that Neon’s servers produced “data about the most recent calls made by the app’s users, as well as providing public web links to their raw audio files and the transcript text of what was said on the call.”
After being alerted, Neon’s founder, Alex Kiam, shut down the app’s servers. In an email to users, Kiam wrote: “Your data privacy is our number one priority, and we want to make sure it is fully secure even during this period of rapid growth. Because of this, we are temporarily taking the app down to add extra layers of security,” per TechCrunch.
Notably, the email did not mention the specific flaw that had exposed users’ sensitive data.
Kiam later told Business Insider the app will remain offline until a security audit is complete and new protections are added. He also admitted the app’s growth was faster than expected: “Honestly, I did not expect this to grow this fast. I did expect us to reach this level and beyond, but I certainly didn’t expect everything to be this fast.”
Meanwhile, Neon remains available for download in the App Store, but without functioning servers, it’s effectively unusable. Whether it makes a comeback and whether Apple or Google weighs in on its compliance remains unclear.
Unusual data activity also occurred last month, when Meta’s contractors were found to have viewed explicit photos and personal data from AI chatbot users.
The post Neon Pays Users to Record Calls, Goes Dark After Security Flaw appeared first on eWEEK.
No Responses