Across West Asia and North Africa (WANA), growing concerns about digital surveillance have placed Israeli cybersecurity firms and their software under intense scrutiny. Among the most alarming cases is AppCloud, a pre-installed application on Samsung’s A and M series smartphones.
The app cannot be uninstalled easily because it runs on the device’s operating system. Uninstalling it requires root access (the highest level of control in a computer system) of the phone to remove the AppCloud package. Its privacy policy is nowhere to be found online and opting out is not always available.
But the real concern lies in who owns AppCloud. When investigating further, we discovered that AppCloud’s privacy policy can be traced back to ironSource, an Israeli founded company based in Yafa (“Tel Aviv”). ironSource is notorious for its questionable practices regarding user consent and data privacy.
The implications for Samsung users in WANA are particularly severe. Not only does AppCloud silently harvest user data, but its ties to an Israeli firm raise serious legal and ethical questions in a region where Israeli companies are legally barred from operating in several countries. Despite these concerns, Samsung continues to install AppCloud by default, offering users no clear way to remove or even fully understand what data is being collected.
A Sordid History
ironSource frustrated users, cybersecurity experts, and tech communities with its invasive and questionable practices. One of the company’s most critiqued programs is “Install Core,” advertised as a third party cross-platform installer and advertisement-technology platform (also known as adtech). However, the program was found to be quietly invasive as it allows the installer to install programs on the user’s device without permission. It circumvents the user validation process and successfully bypasses multiple security checks, including antivirus programs, according to investigations by MalwareBytes and Sophos (a British cybersecurity firm).
Game developers for the Unity Engine were so concerned that they even submitted a collective ultimatum to Unity, ironSource’s parent company. They cited its use as malicious adware and its former installer Install Core, particularly on mobile apps and games.
IronSource has even been a part of a class action lawsuit settlement alongside fellow adtech firms from Israel’s Download Valley for tracking and targeting children with predatory purchases in games. It is even more troubling that Israeli tech firms focusing on advertising intelligence are often associated with spyware and surveillance.
AppCloud in WANA
AppCloud may be unlisted on the ironSource website, but it is preinstalled in Samsung M and A models of the Galaxy smartphone line in the WANA region, following an expanded partnership between Samsung MENA and ironSource in 2022. This bloatware is installed without the explicit permission of the consumer during the purchase or phone set up. While it has been found on other devices and in other regions, Samsung M and A models are the most consistently infected devices in our region. This is made even more nefarious given that uninstalling the app is not possible without root access and a bit of technical work. Since AppCloud seems to be built into the system by Samsung, there is no way to purchase a new model without it.
SMEX’s Tech Unit explained that many Android device providers have their own custom version of Android OS, which is optimized for their chipset. This customized Android OS comes with some additional software, which are not necessary for the functioning of the device. They are commonly referred to as “bloatware.” Bloatware is hard to remove and requires mostly flashing the device, breaking the warranties. This is especially concerning given that Samsung is the lead smartphone in terms of device usage in the WANA region, sitting at around 28% market share according to Canalys.
Additionally, both ironSource and Samsung do not present users consistently nor sufficiently with AppCloud’s privacy policy to WANA users. Since AppCloud is unlisted online there is no copy of its privacy policy or terms of service available to the wider public. It is also not a traditional application in the sense of being able to access and open it from the regular android operating system menu. Instead, AppCloud is basically buried in the backend of the phone making its terms of service inaccessible from the phone without a prompt.
While Samsung’s terms of service includes agreements to third party applications, there is nothing specific to AppCloud or ironSource. Which is concerning given the significant amount of data the application collects such as biometric data, IP Addresses, and more. On top of all of this, there is no clear opt-out option made available to all users. They are essentially stuck with the application if they wish to use their phone. An application that is given an unprecedented level of control and authority over their smartphones, especially for an application that is pre-installed on the concerned Samsung smartphones.
Call to Action
Given the invasive and likely illegal nature of AppCloud’s data harvesting, we call for Samsung to immediately halt pre-installing the application on its series M and A smartphones. It potentially violates a number of data privacy laws in the region. Egypt, UAE, and Saudi Arabia are three examples of countries with data protection laws that necessitate explicit user consent and transparency. Additionally, Israeli companies are legally barred from interacting with citizens of many countries in the region. Lebanon, for example, bars and boycotts Israeli companies products starting with the Lebanese Anti-Israel Boycott Law of 1955.
Samsung must also make AppCloud’s privacy policy and terms of service easier to access and read. This can be done by making the application more visible. This means making it accessible with a clear and easy method of opting-out of its services entirely.
Users can also limit how much AppCloud harvests data from them. Users can access the apps list in their settings to disable AppCloud, but this does not uninstall it from the device. While this should prevent the app from running, some users have noted that the application reappears after system updates. The only way to fully remove AppCloud requires rooting your phone and voiding the warranty.