Data scientist here! In addition to the data points others have mentioned, there is actually a lot more data available than you would think in the form of metadata. We call the process feature engineering - essentially building a set of inputs that help determine an output, or prediction. How long you spend in the app, how long you stay on a screen before changing, how long you view a TikTok before swiping, which of the default settings you change, into what, all of this is used in machine learning models to help build a more accurate advertiser profile for you. Even if you don't volunteer data about yourself, your behavior in a way informs on you, even if you don't realize it. Through inference, a machine learning model could accurately deduce your age based on your behavior, for example.

Aside from what everyone else has said, also:

• Location data (your phone might be telling companies where you drive/go to where they know your routine and such.)
• What commercials you watch; even commercials you watch on devices other than your smartphone.
• Search history.
• Call history.
• Audio/video recordings taken without your knowledge or consent.

This app crossed the line

In a report released last month, privacy commissioners said people who downloaded the Tim Hortons app had their movements tracked and recorded every few minutes — even when the app was not open on their phones.

Phone number, email, anything else you put in, plus device and connection data. Also, depending on the app, it could steal passwords, cookies, banking info, etc.

The biggest problem i have with my data being collected, analyzed and used is in the fact that it will almost certainly be used to teach a ML model about how to better manipulate with people like me - the people that are privacy conscious and are trying as much as possible to reduce their fingerprint.

That data is invaluable, and if there does exist a way how to target even people like that, which there probably does since we're only humans after all, the ML model will eventually figure it out. And they have literally billions of people to experiment and learn on.

Now, we already know from a few leaked studies made by Facebook that they cab already pretty well manipulate people into mostly whatever they choose. Take a hypothetical situation where you get a crazy out-of-touch billionaire, who decides to buy a large social network company, and then decides "Hey, I really want this candidate to win. Tune up the algorithms!".

And the ML models will get a clear goal, that has been already proven to just work pretty well at influencing user behavior. And any data you give them, it helps the model to fine tune into influencing people like you . Which would also be really hard to prove, because ML models are by definition black boxes that are really hard to reverse engineer, and proving that it was trained to do this is AFAIK almost impossible.

I don't want no part in that. Thankfully, all the large social networks have CEOs that are reasonable and would never try something like that, right?

And one more thing - you may not think that data about your behavior are of interest to anyone right now. But look at China and their Social Credit. And imagine how would have I.e holocaust turned out, if the government had access to all the data, opinions and profiles of people that are being collected now.

Oh, you mentioned you sympathize with the Jews three years ago in a private message? Well, let's hope the country you live in never ends up in a situation where that could be a huge problem for you or your family.

So, every time any site is offering a "personalized, curated list" for you (I.e the google search result, or YouTube recommended videos), assume you are potentionally being manipulated, and avoid the site altogether- because there's no other way how to prevent it. The ML model knows that you know, and is already trying to figure out how to manipulate people that are taking care not to be. And if there is a way, it will figure it out with some success.

I find the motion sensing and gps tracking to be the creepiest. Using motion sensing they can know when you put your phone down and pick it up, if it was screen down or face up, and knows when you are walking, running, driving, etc. Combined with GPS it can be used to pretty accurately judge when you wake up, where you go, and how you get there. Lots of apps also don't "close" when you swipe it away, they continue running in the background, so if you have the setting "only collect data when using the app" it will still collect data until you close it in the background or force stop it.

Along with what others said, things you are interested in, demographic data, etc. The content you choose to watch on tiktok or products you click on on temu reveals a lot of valuable information about what ads might be most effective on you so they can target ads to you.

Depending on permissions, just about everything.

The more worrisome of these would be all your contacts, your location (even with Location permissions denied it can still be extrapolated up to a point if allowed to access to information on "WiFi networks nearby") - which can be used to derive workplace, living place, hobbies and, when crossed with other people's data, even who you regularly meet with - call history, files in your phone (such as personal photos and stuff you downloaded), sites visited and, even more seriously, actually record what's being said around your phone and even image as well as track something as intimate as how your phone (and hence you, if its in a pocket) move and when.

All of this is beyond the whole tracking of app usage (what do you do, see and for how long in it) which at least makes some sense to track for quality improvement.

That said, what makes it a problem is not that the app can get that infomation from the phone's systems but that it can, without your authorization, send it all to a central server - if it couldn't do the latter all that data capture for processing inside your phone would be absolutelly fine.

simple, valid personal information can be valuable in aggregate. it is accumulated and sold to ad companies.

these apps are often given permission to look through your phone and report back other data.. more than 'simple'. browsing/shopping history at best, account creds at worst.. its mostly for the same reason; advertising.

Everything. Basically, if it's not nailed down, they want to take it.

The short list of most common data taken would be app usage stats, not necessarily just for the app in question (eg, tiktok may pull data on how many hours of screen time other apps get, like YouTube or Instagram or literally anything else), GPS info, data about how often you handle your phone (from accelerometer readings), wifi networks including the bssid (mac address) of your router, which cannot be easily changed or masked, sometimes even data from your mic when you're not using the phone at all.

They know when you're sleeping, they know when you're awake, they know when you've been bad or good.... Oh wait, that last bit is Santa... Isn't it?

Anyways, I wouldn't be surprised if a few are bold enough to upload your pictures regardless of if you are posting the images, your browser history, security, device make/model, storage of your device, the list of files in storage, text messages...

Basically, anything that might help them identify you, what you do, where you work, when you work, how you travel, whether you're in a relationship, how happy you are in that relationship and how long it has been going on... Anything that might lead them to provide more targeted ads. Been in a relationship for a while and you seem happy? Check out these engagement rings. Already married? Here's some ads about parent stuff. Even something as simple as, hey, you're single and it's February, why not try Tinder or Grindr, or (insert app for your preference here).

They want to know everything there is to know so they can get you to buy more crap you probably don't need, for more than it's worth, and keep that economic gravy train rolling.

The basic idea is that you build a dossier on everyone. You discover what kind of food they eat, where they live, The size and makeup of their family, their sexual preferences, pregnancies, what kind of porn they watch, where they shop for groceries, where they shop for electronics. You tie together purchases with their credit card to purchases in other apps or even brick and mortar stores. You figure out where they owe money with their education looks like. You look at these things even altogether at some point in your life and go why the hell do I care.

Then 20 years down the road when Chinese companies start pushing out American banks all of a sudden you can't get a loan for a house or a car . Or maybe you're going for a job at some point in this data is leaked back out now it's part of your indelible history.

Perhaps somebody takes it all and throws it into a large language model, All of a sudden they've got clarity into your post history on all social media even stuff you thought was private because they know your phone serial number or your home IP address.

Corporations and governments don't have any business knowing about your private life. They shouldn't get to make decisions based on your private choices and preferences.

they mostly do it either because they can sell the data, or can display "more relevant" ads to you, so they can charge advertisers more.

apart from all the stuff already mentioned, some apps arise from a really insidious industry: blackmail through personal loan apps.

these apps fetch your contact details and the scumbags behind them exploit this info at your cost.

here's a bbc expose on this with more info: https://www.bbc.co.uk/news/world-asia-india-66964510

and then there's sms. especially when bank balance alerts are sent, that's gold for marketers.