Lumen Privacy Monitor is a free application for Google Android that monitors connections that applications make on a device it runs on to uncover communication with tracking servers and data collecting.

Created as an academic research project, Lumen Privacy Monitor provided the researchers with a large set of data to analyze. The results were published in the paper "Apps, Trackers, Privacy, and Regulators A Global Study of the Mobile Tracking Ecosystem" (access PDF here). One of the key findings was that the research team managed to identify 233 new trackers that were not listed on popular advertising and tracking blocklists.

Lumen Privacy Monitor

Android users need to have a strong stomach during installation and on first run: the app requires lots of permissions, needs to install a root certificate, will monitor encrypted and normal traffic by default, and send anonymized data to the researchers.

The application requires access to personal data on the device to determine leaks. The researchers note that personal data is never submitted. Still, the application is not open source and it is clear that the privileges that it requests are cause for concern.

If you give permissions to the app, install the root certificate and flip the monitoring switch to on, you will get detailed reports about application activity and leaks.

Lumen Privacy Monitors monitors apps while it runs. The main interface displays the three tabs leaks, apps and traffic.

  • Leaks display personal or device information that apps may leak. A severity rating is
  • Apps lists all applications that the monitoring app picked up with options to display a detailed report about individual apps.
  • Traffic offers an overview of the analyzed traffic. It includes information about HTTPS and other connections, bandwidth, and the overhead that ads and analytics scripts and connections cause.

Apps

The Apps group is probably the most interesting as it reveals important information to you. A tap on a monitored application displays interesting information such as the list of domains the application tried to establish connections to, the number of trackers and the overhead caused by them, leaks and traffic overviews, and the list of requested permissions.

The list of connections is certainly useful as you can determine whether these connections appear to be valid or not. While you may need to research domains before you understand why the application may want to connect to it, you'd quickly find out if an app connects to tracking servers or makes other unwanted connections.

The list of permissions includes risk assessments for each permission which you may use to determine whether to keep an application installed or remove it.

Closing Words

What I like particularly about Lumen Privacy Monitor is that it reveals the overhead that ads and tracker connections cause, the connections an app makes, and the data leaks of applications.

It would be better if the researchers would consider releasing the application as open source to address concerns about the application's wide-reaching permission requests and installation of a root certificate.

What you do with the information is entirely up to you. You could consider removing applications or install apps that block connections to trackers to prevent data leaks.