The advent of mobile apps has led to new forms and combinations of
user- and device-related data that create systems beyond our control,
posing new risks to privacy and security through out-of-your-hands data
real danger is the gradual erosion of individual liberties through the
automation, integration, and interconnection of many small, separate
record-keeping systems, each of which alone may seem innocuous, even
benevolent, and wholly justifiable.
U.S. Privacy Protection Study Commission, 1977
Can you believe the comment quoted above is almost forty years
old? Have we learned from the 1977 Commission report? Almost
all of us now carry handheld computers – our smart phones, tablets,
smart watches, fitbits – that entertain us, guide us, remind us, warn
us, and serve us. They also gather information about us from our
heart rates, purchases, and locations, to banking transactions,
information about our family and friends, text messages, email addresses
and our personal preferences. In short, these always-on,
always-ready and always-with-you devices pose privacy challenges that
were not likely even pondered in 1977.
It is safe to assume that anything you do on your mobile device, any
information you store on it, any app you utilize, is being snooped even
if you are taking precautions. Despite the amount we use and depend upon
our mobile devices, approximately 62% of smartphone users do not
password-protect their phone, and smartphone users are 33% more likely
to become a victims of identity theft than non-users.
We must remember that our new “best friends” (or as my friends refer to
the smart phones “our precious”) are the “small, separate
record-keeping systems” contemplated in 1977, albeit multiplied by
billions. They store our electronic lives and, to varying degrees,
share our lives with the highest bidder.
What Data is Being Collected?
Taken together, your cellular service provider, search engine, and the
developers of the apps you use collect the following:
- Incoming and outgoing calls: the phone numbers you call, the numbers that call you, and the duration of those calls;
- Incoming and outgoing text messages: the phone numbers to which you send texts, and the numbers from which you receive them;
- How often you check your e-mail or access the Internet;
- Any photos or video you take on your phone;
- Details about the text messages and e-mails you send and receive, including the content;
- Financial data;
- The information on your calendar; and
- Your location, age, and gender.
Who is Collecting the Data?
As mentioned above, the collectors of your data begin with the company
providing your cellular service. A second collector, of course, is your “search engine” of choice: Google, Safari, and so on.
But still another purveyor of your personal data are the folks behind
the innumerable “apps” of which we have become fond whether we use a
navigation app to find our way to a new friend’s address or play Angry Birds™ to stave off boredom on a long trip.
Finally, the ability to collect data on where a person has gone and
what they have been doing is valuable information for law enforcement
officers. For example, if you are the subject of an investigation,
or even if you have just been pulled over, police may want to see what
you have been doing and where you are going – things your smartphone may
be able to reveal. Depending on your jurisdiction, they may just be
able to do that despite the Constitution's Fourth Amendment prohibition
against unreasonable searches and seizures.
Advertisers Love Data – and Apps
Aside from law enforcement, the foregoing collectors are interested in
collecting your personal data so that they can package and sell it to
Advertisers want to market to the people most likely to buy their
products. The more information advertisers collect about you, the
better they know the types of products and services you purchase and
those in which you might be interested.
Advertisers pay app developers to get access to you. In fact,
advertisers even supply code to the app developers to build into the
app. The code not only makes an ad appear when you use the app, but also
collects data from your phone and transmits it back to the advertiser.
It is also possible that the app itself collects data that is shared
with ad networks. The data collected and shared builds a detailed
profile about you and is re-packaged and sold to the highest bidder.
For example, in December 2010, the Wall Street Journal investigated 101 apps
to see what data the apps were sharing with advertisers. It found that
56 apps shared the phone’s unique ID number, 47 transmitted the phone’s
location and 5 shared the user’s age and gender and other personal
details (like phone number or contacts list). That study was six years
ago. During the 2012 presidential campaign, apps created by both
major candidates to promote their election campaigns gathered (or sought
permission to gather) large amounts of personal information including
GPS location data.
Although Federal privacy laws exist, they have not kept up with the
pace of technology and courts are unclear on the issue as to how easy it
should be to gain access to your smartphone and its data --
especially where law enforcement is concerned.
A list of federal laws as well as tips to enhance your cellular data
security may be found in an expanded version of this article on our website.
Other Recent Articles