In recent months, we have received numerous reports from users across West Asia and North Africa (WANA) expressing alarm over a little-known but deeply intrusive bloatware application—AppCloud—pre-installed on Samsung’s A and M series smartphones. Without users’ knowledge or consent, this bloatware collects sensitive personal data, cannot be removed without compromising device security, and offers no clear information about its privacy practices.
AppCloud, developed by the controversial Israeli-founded company ironSource (now owned by the American company Unity), is embedded into devices sold in countries where such affiliations carry legal implications. Despite the serious privacy and security risks, Samsung has offered no transparency on how AppCloud functions, what data it collects, or why users cannot opt out.
This open letter, addressed to Samsung, calls for immediate transparency, accountability, and dialogue. Users deserve to know what is installed on their devices and how their data is being used, especially amid Israel’s espionage campaigns in the region.
_________
To Whom it May Concern,
We are writing to urgently request that Samsung be transparent regarding the pre-installation of AppCloud on its A and M series smartphones, particularly in West Asia and North Africa (WANA). We ask that Samsung provide information about AppCloud’s privacy practices, opt-out and removal options, and that Samsung reconsider future pre-installations in light of privacy rights. We also request a meeting with Samsung teams to discuss these concerns further.
Since the expansion of Samsung’s partnership with ironSource in 2022, AppCloud has been embedded by default on new A and M devices distributed in this region.
According to our analysis, this intrusive software is unremovable, deeply integrated into the devices’ operating system, making it nearly impossible for regular users to uninstall it without root access, which voids warranties and poses security risks. Even disabling the bloatware is not effective as it can reappear after system updates.
The privacy policy is opaque, there is no accessible and transparent privacy policy for this bloatware and users are in the dark about what data is collected and how it is used. There is also no straightforward opt-out mechanism. The bloatware collects sensitive user data, including biometric information, IP addresses, device fingerprints.
The installation of AppCloud is done without any consent from the user, which violates GDPR provisions in the EU and relevant data protection laws in the WANA region states.
AppCloud is developed by ironSource, an Israel-founded company (now acquired by American company Unity), raising additional legal and ethical concerns in countries where Israeli companies are barred from operating, such as Lebanon. ironSource is notorious for its questionable practices regarding user consent and data privacy.
Samsung’s terms of service mention third party applications but do not specifically address AppCloud or ironSource, despite the significant data access and control granted to this bloatware app.
The forced installation of AppCloud undermines the privacy and security rights of users in the MENA region and beyond. The lack of transparency and control over personal data is particularly alarming given Samsung’s significant market share in the region.
In light of these concerns, we respectfully request that Samsung:
- Disclose the full privacy policy and data handling practices of AppCloud, making this information easily accessible to all users.
- Offer a straightforward and effective method for users to opt out of AppCloud and remove it from their devices without compromising device functionality or warranty.
- Provide a clear explanation for the decision to pre-install AppCloud on all A and M series devices in the WANA region.
- Reconsider the continued pre-installation of AppCloud on future devices, in line with the right to privacy as established by Article 12 of the Universal Declaration of Human Rights.
- We also request a meeting with the relevant Samsung teams to discuss these issues in detail and to better understand the company’s approach to user privacy and data protection in the WANA region.
We look forward to your prompt response and to working together to ensure the privacy and security of all Samsung users.
