Your mobile/cellular phone or smartphone might not be as secure and as private as you think. Here are some ways in which your personal data might be collected by others.
As we become increasingly welded to our mobile/cellular phones, it is readily assumed that because it is such a personal device that all our interactions are private. This sentiment is corroborated by a recent study conducted by the Berkeley Center for Law and Technology, which found that the majority of persons believed that the data stored on their smartphones were at least as private as that stored on there home PCs (Figure 1).
Figure 1: Results from the question “How Private is Mobile Phone Data Compared to Data on a Home Computer?” (Source: Berkeley Center for Law & Technology)
This perception, unfortunately, is not consistent with reality. A number of parties are continually harvesting data you might consider private, and in many instances you are also readily and unwittingly sharing personal information and that which could affect your own safety and security. This post highlights key channels through which valuable personal data is collected through your mobile/cellular device.
Cookies and apps
Similar to websites accessed on your PC, websites accessed on your mobile/cellular phone, along with mobile applications (apps) that you download to your smartphone, frequently track and store information about you, such as:
- your name
- websites visited
- email addresses and other contact details
- your social networks contact list
- your location.
In many instances, and in the case of mobile apps in particular, permission to collect such information is a condition of use. Moreover, many of those apps tend to run in the background, and could thus be collecting and transmitting information even when they are not being actively used.
Hacking and interception
While no device is 100% secure, we, as the owners, often do not take the necessary precautions to reduce the chances of our phone being breached. As the video clip below shows, many of us might not be taking advantage of the security features that our smartphones in particular might offer, such as longer passcodes, which means we could be very susceptible to our phones being hacked and/or our communication being intercepted.
Additionally, the interception of our communication over wireless channels is a real and continuing threat. Although virtually all wireless mediums can be hacked, many of us, especially in the Caribbean, rely on Wi-Fi for Internet access on our mobile/cellular devices, which could make us especially vulnerable. Of particular concern is public or unsecured Wi-Fi, which we might use without thinking, but it can be used to lure unsuspecting users and provide an ideal setting for those devices to be hacked.
It is also highlighted that Bluetooth, while convenient to facilitate data transfers between phones, it can leave those devices open to spying, and even to hacking. Phones are especially vulnerable to Bluetooth attacks when a PIN has not been activated.
Social media
It must be emphasised that although a number of entities may be keen to collect personal data on you, increasingly, we are volunteering considerable amounts of information via our social networks. For example, in addition to sharing details on what we are doing, we might also be providing a constant and automatic stream of information on where we are, e.g. via FourSquare, Soundtracker, Facebook, and other platform that integrates geo-location into their functionality.
Although we might be able to limit the information that is automatically shared on us, e.g. by deactivating the GPS feature and/or opting out of having our location automatically posted to others, we must be vigilant in ensuring that those settings are selected. However, it is also important to recognise that geo-location may be a key feature in a particular social networking platform or an app that includes social networking features, and in order to use them successfully, you must allow such information to be shared.
Device registration
Finally, unlike the about points that focussed on situations through which your privacy might be breached when a phone is in your possession, it is important to highlight that even before you acquire your phone, information has been collected that can be used to track you. However, some of that information, which for example, is contained on your device’s Subscriber Identity Module (SIM) card, is needed in order for the phone to work – in order to make calls, send text messages, etc. through a particular carrier. However, increasingly, countries are now requiring cellular/mobile phones to be registered, usually at the time of sale.
For example, last year, Belize introduced a mobile phone registration drive for current device owners to register their phones. The deadline date was extended twice until 13 July 2012, and as reported in this week’s news Roundup, mobile companies disconnected 60,000 phones that had not been registered.
The rampant theft of mobile devices, and smartphones in particular, is often cited as a key reason for introducing mobile/cellular phone registration. Having a record of the device, which could include serial numbers and its International Mobile Equipment Identity (IMEI), can help it be tracked and identify if it, if it were ever lost or stolen. However and more sobering, that very same information can be used to track you, the owner of the device, should law enforcement and other authorised personnel consider it necessary.
_________
In addition businesses that provide all-inclusive free wifi: you walk into their premises you are not only automatically connected to their wifi, you are also straight taken to their home page. Who knows what information might be taken in teh process!
And certainly if those websites have been hacked!
Nope. Despite using an Iphone and not being automatically connected to any network. I do not use any social network at all on my devices and with all this I know my data is not secure. How many of us have stopped to check what it is that some apps require to work efficiently on our smart phones? I know now but there were times when I would wonder why does a game app need my contacts list to be able to perform? The networked world is deemed a non private one but as alluded to in your article that is of increasing concern is the amount of information we voluntary give on social networks. There are those among us that do not need to be hacked.
Tell me about Moni! We are all walking this tight rope of trying to participate in what all of this new technology has to offer, while at the same time maintaining some modicum of privacy.
Unless or until there are clear policies that help us navigate this, the best we can do, as users, is perhaps exercise greater vigilance…