Zeynep ConkarMost smartphone users know their devices collect some data. What they don’t expect is a hidden system app, tied to a company with a long history in online tracking, one they cannot delete.
Yet this is exactly what users of certain Samsung budget devices across West Asia and North Africa have recently uncovered.
The app, called AppCloud, was developed by ironSource, an Israeli-founded software firm now owned by US-based Unity. Samsung describes it as a “marketing tool”, but it sits deep inside the phone’s system software, cannot be removed, and holds privileged permissions far beyond those granted to regular apps.
For many users, that combination alone raised red flags at a time when surveillance technologies linked to Israel are under mounting global scrutiny.
The issue quickly gained traction online, prompting Samsung to issue a press statement saying it “takes the protection of our users’ data very seriously” and is committed to “providing a secure experience” and “user control”.
But the statement fell short in explaining why AppCloud is non-removable, what data it collects, or whether users will be given more control.
When TRT World reached out demanding further clarification, the company did not respond.
A digital occupation
What worries researchers most is how deeply AppCloud is embedded in the device, far beyond what Samsung publicly acknowledges.
“The app is installed by Samsung on the phone. Even if you disable it, it keeps activating itself after every update,” reports International Cyber Digest (ICD), a newsletter on cybersecurity.
The editor, who requested anonymity, describes the app as “spyware” because it can collect user data and receive updates that expand its capabilities.
Regional digital rights group SMEX was the first to sound the alarm earlier this year. In an open letter, it criticised Samsung for “forced bloatware installations” tied to ironSource, warning that AppCloud is “deeply integrated” into system processes in ways ordinary users cannot control.
Its technical review confirmed that the app cannot be removed without rooting the device – a step that voids warranties, introduces security risks, and is inaccessible to most users.
This is where the digital occupation logic comes into play. IronSource is part of an Israeli tech ecosystem whose tools have long been deployed for population-level tracking, profiling, and behavioural targeting.
The fact that AppCloud is invisible – no icon, no splash screen, no consent prompt – only intensifies perceptions that this is surveillance hidden in plain sight.
Even when disabled, many report seeing it reappear after system updates, resuming background activity without consent.
Consent, consumer rights and privacy
Pre-installed software is a longstanding problem on budget phones, and Samsung is not the first to face criticism.What sets this case apart, is the opacity around AppCloud’s capabilities.
Screenshots circulating online suggest the app can access network information, download files, and even keep the device awake.
IronSource, founded in Tel Aviv around 2010, built its early business around software distribution and monetisation. Its flagship product, InstallCore, bundelled additional programmes into downloads and was widely flagged by security vendors as a Potentially Unwanted Application (PUA) due to stealth instalalltion menthoids and consent issues.
Despite this reputation, ironSource expanded globally, merging with and acquiring other firms before being bought by Unity.
In 2022, Samsung partnered with ironSource for mobile devices in the Middle East and North Africa (MENA), to supposedly “enhance device experience”.
IronSource’s Aura suite – a preloaded app and content distribution system for device makers – had already appeared on Samsung devices in more than 30 markets, including Europe, Russia, Southeast Asia, and India. The partnership made ironSource Samsung’s sole pre-installation partner in more than 50 markets across MENA.
The controversy highlights a broader issue: digital inequality.
AppCloud appears most widely installed on Samsung’s budget and mid-range models – phones marketed in regions with weaker regulation and fewer consumer protections.
In effect, users who can afford higher-end Samsung models still enjoy cleaner software and more control over their devices, while budget users have no choice but to accept whatever ships on their devices.
“They’ve been able to do this largely in regions where privacy laws and regulatory oversight are weaker,” says ICD.
“It’s far more difficult to roll out something like this in places such as Europe, where stronger data protection rules and active regulators make these practices harder to justify.”
