Smartphones - Privacy and Security

In this article, we address the concerns of privacy and security of smartphones. We will highlight the issues and opportunities for security and privacy threats, the implications they have and the potential solutions users can make to reduce the impact.

Unfortunately, smartphones/mobile phones were not made with privacy and security at the forefront of importance, whilst they are always elements which have been included, the lack of focus on these elements has led to some significant issues to devices and their users.

As we have discussed in our previous articles focusing on iPhones, smartphones and the incredible technology advancements and positive influences they hold on keeping individuals connected, we cannot ignore the fact that there are some flaws when it comes to security and privacy with the world’s favourite technology device. Smartphones do not offer the best levels of protection in the form of security and privacy for individuals’ communications, thus leaving devices open to risks such as malware, surveillance and location tracking.

It is now more common than not to see the “allow app to use location services” pop up when using a new app for the first time, but do we actually know what we are saying yes or no to?

It has been suggested that the biggest privacy threat from smartphones is one which we do not see but is always present, location tracking. Individuals’ whereabouts can be tracked 24/7 through the signals emitted/broadcasted from their device.

Location tracking or Mobile phone tracking is a process for identifying the location of a mobile phone, whether stationary or moving. Localization may be affected by a number of technologies, such as the multilateration of radio signals between (several) telecommunications (cell) towers of the network provider and the phone or by simply using the Global Navigation Satellite System known as GNSS, Wikipedia.

“Location Services” as known by most from their smartphones, the small little arrow on your phone that is always on, is a way of sharing an individual’s device location, whether through communication services or the use of apps.

Apps can ask the device for its location information and then use this to provide services based on the location, a google example is maps, however, some apps have a more aggressive approach than others asking to use either a combination of location services or GPS.

The apps which adopt this approach will transmit the location over a network or services provider which then provides a path for the app and shared third parties to track the device and individual.

Tracking is not normally a key motive of an app but rather an additional result of its functionalities. The data that can be accessed from this technology is not always related to location either, it can be used for many different things such as people’s activities, habits, attendance to functions etc. This data on users and devices can then be accessed by third parties, governments or data breaches.

Like laptops and computers, phones can get viruses and be affected by malicious software known as malware. This can be done by a device being hacked into or software being installed onto a device normally unknowingly. These viruses and malware can gain access to a user’s personal and sensitive data and information stored on their devices such as messages, photos, documents and active listening.

We have seen a shift in modern malware focusing on using functionalities built into devices to gain access to information not necessarily stored on a device. Malware now uses devices, cameras and microphones to gain access to data and information by turning these functionalities on and using them as a surveillance or listening device.

There is an increasing concern that phones are being used as monitoring devices, even when not being actively used. As a result of this, we have started to be encouraged to turn our phones off when having sensitive conversations or leave them in a separate location.

Certain organisations and governments forbid people from bringing personal devices into facilities due to the sensitivity of the data or conversations within that location. In extreme cases of super sensitive information recommendations have been made to remove batteries from devices as there are some highly complex and rare malware which make users believe their phones are turned off but are still able to be used as a monitoring device. This concept almost sounds like something from a James Bond film, however, such technologies do exist in such extreme and sensitive situations.

Like anything in life, technologies are generally created and designed for a positive outcome, however, sometimes there can be adverse uses for some of the tools made. As we have seen there are some major issues facing smartphone privacy and security but as individuals, we can increase our own protection against threats with small but mindful changes.

Most smartphones now ask the user if they would like to allow the app to use their location while using the application, this allows users to have more control of their privacy. Essentially restricting apps from tracking their location and data.

Users who are concerned about their privacy and location being tracked would be encouraged to make sure that they restrict as many apps as possible to not have access to the device’s current location when being used.

Have you ever noticed your phone battery draining really quickly? Check to see what apps are running in the background and you may find an app you never intended to install and or use.

Make sure your Wi-Fi ‘Auto-Connect’ functionality is disabled. Make sure your phone’s auto-lock is on the shortest time frame possible. Be mindful when browsing and opening sites and email attachments on your smartphone. If not already the default on your phone, consider data encryption. Set up remote wiping functionalities. Keeping your phone updated Clear your phone of unused and unwanted apps. Be mindful of scam emails and texts with malicious links and attachments.

Governments are also looking into how they can better protect individuals from these threats, with updates and amendments of GDPR and Data Protection laws focusing on mobile phone data privacy, the enforcement of large fines for breaches and non-compliance, organisations now face a fine of up to 4% of their annual turnover. Users and individuals now have more rights when it comes to accessing their data, and organisations now face increased accountability for the handling and storing of this data. The internet policy review stated that the changes in third-party tracking had significant improvements in stricter data protection standards, new governance and accountability obligations, and improved enforcement mechanisms.

It would seem that the issues we have discussed within this article are ones which the majority of people are aware of and changes are being made to manage and reduce their impacts, and it is a journey we will continue to follow and review.

There have been increased conversations about the social Dilemma of Phone Security & Privacy and how devices have previously been used. There has been speculation of a theory that devices and phones are listening to their users, and tracking the interactions. From this surveillance, users are then being flooded with advertising and marketing based on conversations or even search history, it is a topic which has caused dividends between organisations, users and tech giants.

Netflix released a documentary called “The Social Dilemma” By Tristain Harris in 2020, which provided information which shocked viewers and provided an insight into one side of the social dilemma phone privacy and security faces.