Five years into the smartphone era, the threats to user privacy have never been higher.
The complex and mostly unregulated privacy concerns of the mobile ecosystem have driven many users to take their privacy into their own hands, whether that means deleting apps that ask for too much information or turning off location services.
However, the fight over mobile privacy is just really starting to take shape. We wanted to get a beat on where that fight is now, and about what – if truly anything – privacy advocates think will change the future of mobile towards a more user controlled experience.
Following a Harris Interactive study (PDF) in 2011 that showed that “98% of consumers expressed a strong desire for better controls over how their personal information is collected and used via mobile devices and apps,” a recent Pew Research Center Internet & American Life Project survey found that more than half (57%) of respondents had at some point either removed or decided not to install a mobile app because of the level of information that it would collect from them. This single stat tells us a lot about the current state of mobile privacy.
First, it shows that a good number of users are concerned enough about their privacy that they are actively checking to see what information an app will collect – and if it is too much, they have no qualms in deleting or not installing the app for that purpose. Second, it points to the pervacity of apps that collect too much information in the minds of users (it’s very doubtful that all 57% of those respondents had only deleted just a few select common apps).
Conversely, it could be that the data collected by those deleted or never installed apps were in fact much more useful to the user than the company or individual behind the app (or a third party for that matter), but as apps by and large do not say how they will use that data, users have to assume the worst and take the appropriate measures to protect themselves from possibly being targeted, exploited, or even robbed.
Pew also found that 19% of respondents had turned off location services on their phones. That this number is much lower than the 57% number above, most likely points to the usefulness of location services on a smartphone – turn them off, and your maps, GPS, or local restaurant suggestions no longer work. Because they are so useful, users may also feel that it is worth the lowered privacy to get that kind of information, whereas other apps may simply ask for permission to access data (and the permission granularity level depends on your mobile OS) where the user cannot make a connection to how that data collection is worthwhile enough to allow.
Even so, location data collection is one of the most hotly debated aspects of mobile privacy, and for good reason. Not only can our phones track us in real-time, but over time that data can be used to to predict our future locations and behaviors (albeit to varying degrees of success, but the technology is getting better all the time). Of course, once the data is collected, the possibility exists that it could be shared out to commercial third parties – or even law enforcement – and could theoretically be used to commit crimes against us. You might remember the controversial PleaseRobMe site that used Foursquare check-ins to say when people weren’t at home – but of course, if you’ve got a job, you are most likely not home during the day during the week, so it was never too revolutionary a concept to begin with.
Regarding law enforcement: in July, in response to a Congressional inquiry, mobile carriers reported that for years they have seen requests for user data from law enforcement agencies increase to a record 1.3 million requests in 2011 alone. Obviously the growth of smartphone users with advanced technologies has increasingly led law enforcement to consider using cell phone data as a primary investigative source (though carriers can track even a basic phone without GPS by following cell tower usage, to a less accurate degree), but just because they can do it, should they have the right to?
Somewhat encouragingly was the report that carriers often did try to fight back against requests when they felt that they were unduly infringing on a users privacy, but countering that was the admission that sometimes – when law enforcement deemed it an emergency – the carriers would turn over data (usually location) to law enforcement without a warrant, court order or subpoena. Troubling to be sure, and as Edward J. Markey, the US Congressman that requested the report from the carriers told The New York Times, “I never expected it to be this massive.”
Of course, there are numerous other privacy issues at play in our mobile lives. We reached out to Rebecca Jeschke, Digital Rights Analyst at the Electronic Frontier Foundation (EFF) in San Francisco about what the EFF considers the greatest threats to our mobile privacy (read our story about the EFF’s proposed Mobile Bill of Rights), and she had this to add:
“When you use your mobile phone all your activities pass through many different service providers. The big question is how those service providers will safeguard your information. How long will your carrier keep your text messages and your voicemails and who can see them?… How about that list of friends?… Could it be subpoenaed in a divorce case or a custody battle? Right now it’s really hard to enjoy the extraordinary functionality of our phones and still protect privacy.”
Jenschke’s last sentence really gets to the heart of the difficult choice (deal with the devil?) both users and privacy advocates are grappling with – is it even possible to maintain our privacy while still getting to keep that supercomputer that fits in our pockets?
While many have given up trying to fight what may seem like the insurmountable tangled tide of the ever increasing attacks on our most private of information – from banking info, to emails; from pictures of family to text messages; from our contact lists to our personal diaries and yes, our every move – thankfully, there are a number of organizations that are working to protect our privacy everywhere we go. We’ll take a look at a few of the most active, but first we should quickly cover the series of meetings being held by the a division of the US Commerce Department, the National Telecommunications and Information Administration (NTIA) on mobile privacy.
Following the Obama administration’s larger call for a consumer bill of rights for online privacy (not to mention a sharp letter by Senator Al Franken earlier this year) the NTIA has been holding a number of meetings that include numerous participants from different sectors of the mobile ecosystem, including privacy advocates and organizations. To this point, the widely held view is that the best these meetings have accomplished has been that all of these different stakeholders are actually talking to each other, but beyond that, the meetings have mostly comprised of how to even frame the discussion, including questions like “how is an app defined?”
The privacy advocates that we spoke to for this piece echoed what Jeff Chester, the Center of Digital Democracy’s executive director stated at the last round of meetings in August. “We need to discuss what’s happening now, how [the data is] being used, what does it mean for the user.” In other words, they need to get moving and discuss something that actually matters. As Jules Polonetsky, director of the Future of Privacy Forum bluntly put it to TNW over the phone, “the NTIA process has ground to a halt.”
That said, it seems that these NTIA meetings around creating a “code of conduct” to protect mobile users’ privacy are currently where the best hope lies in progress being made on an industry-wide scale. As Pam Dixon, executive director at the World Privacy Forum which has been involved in the NTIA meetings said to the TNW, “I really think something is possible here,” and that all of the ”really big players in the room” were “there in good faith”. And despite how the GSMA characterizes the global challenges of mobile privacy on its website, “services and data flows are increasingly global, and geographically bound data privacy laws appear unable to keep pace.”
Dixon said that she felt that even though the meetings were hosted by a US government agency, potential outcomes and agreements could (and most likely would) be ported globally. Beyond the NTIA reach, Dixon also mentioned that “the multinational companies are in the best position [worldwide] to add some stability to this problem [i.e. privacy].” So for now, the NTIA – while not really a battleground (more a campfire) – is where a good chunk of the action around mobile privacy is happening.
As we said, we had a chance to speak in-depth about the current state of mobile privacy with Pam Dixon of the World Privacy Forum over Skype (she is an avid user of Skype, which shouldn’t be too surprising for a privacy advocate). Dixon, who is also a co-chair of the California Privacy and Security Advisory Board and a former research fellow at the Privacy Foundation at Denver University’s Sturm School of Law, founded the World Privacy Forum, which covers a wide range of privacy issues, including medical identity theft, mobile and even cloud computing privacy issues.
Regarding mobile, Dixon said that “this has been a really challenging area for us… we were having trouble figuring out what the policy [approach should be].” We pointed out the Pew Internet numbers above (57% of people had either gotten rid of an app or not installed it altogether when they learned what information the app would collect) and asked if the message should be something akin to “just don’t do it” to consumers. Her response was quite funny: “Just saying no doesn’t work. It didn’t work for drugs and it isn’t going to work for privacy.”
“Most users want control over their data,” said Dixon, but there is data and then there is data: what users really care about are their personal data such as pictures, biometric info, notes, banking info, etc – they care much less about when their data is being used to target advertising to them. “There is a global consensus that we have rights [regarding our mobile data]. No one wants a contact list sucked out of their phone without their knowledge, permission and willingness,” Dixon stated. But while there is global consensus that users have rights, “defining sensitive information is culturally sensitive,” which makes it harder for privacy standards and norms to be adopted worldwide.
Finally, Dixon said that the privacy enhancements that both iOS and Android have continued to roll out were very encouraging, noting that iOS 6 will have many new features and privacy safeguards in place when it launches on September 19 (which also happens to be the date of the next NTIA meeting, coincidentally). She also praised Apple’s sandboxing of apps as “a great thing.”
Overall, Dixon said that “the privacy dialogue has had to mature on all sides… I don’t know anyone that wants to give up their phones to safeguard their privacy.” Regarding law enforcement activities (and the chance that innocent people might get inadvertently caught in a larger dragnet) one thing Dixon believes would certainly would be needed are “limits on retention needs to happen, flush that data out,” referring to how long a user’s data is stored by an app, company or carrier.
She also said that when she travels she tries to store important data locally on her device (she says she takes notes using Penultimate for this very reason) so that it isn’t sitting in the cloud and, as she put it, “factory reset is a very good thing to have,” meaning that if your device is about to get seized for whatever reason when you travel, hitting factory reset will wipe your data locally.
When asked what the fastest and surest path might be to get to a much more solid state of mobile privacy, Dixon responded that, “this is going to be a fruit bowl and not a piece of fruit,” meaning that a number of different approaches working together are going to be required.
“I’m not sure we’re going to get to a solution without some kind of regulation.” And when it comes to tracking you behind your back? “[Companies] have to make opting out very, very easy – there really can’t be any secret tracking anymore – that’s really old fashioned.” You could still have legitimate tracking, however, and keep privacy, as Dixon suggested you could have “[a] health app that wouldn’t opt you out of the tracking, but [that allowed you to] delete the data afterwards.” And if you couldn’t opt out, what could be a possible consequence? “You could possibly get your health insurance denied because of a health app that reports your health stats.”
In a related development in California, the state legislature this month passed a bill that was sponsored by EFF and the ACLU that would require law enforcement agencies to obtain a warrant before requesting user location data. State Sen. Mark Leno was quoted as saying that users, “are rightfully concerned about mobile privacy and the rate at which their location information is being shared with law enforcement.”
We asked Jeschke what the EFF considers to be the weakest link in the mobile ecosystem chain and her answer wasn’t all that encouraging (especially considering progress is obviously being made in California at least, which could hopefully, one would think, become a model for the rest of the country):
“They are all weak links, I’m afraid. Developers should go the extra mile and actually engineer in strong privacy protections from the start. We should not have to give up the cool new tools of the future in order to protect our privacy. I don’t want a future where if I’m not constantly super-vigilant, then I lose all my privacy and it’s my fault. Right now, users seem to be cutting back on apps because of privacy concerns [she cited the Pew Internet report here] – there is a real market for privacy-protective technologies, and start-ups should rush in and fill it.”
One such upcoming technology that might appeal to many users is encryption service spearheaded by the creator of PGP, Phil Zimmerman (along with the co-founder of the PGP Corporation, and a couple of ex-Navy Seals who happen to be privacy advocates as well). The service – called Silent Circle (sounds very appropriate for a company co-founded by ex-Seals, doesn’t it?) portends to encrypt all communications over mobile phones, and even works if only one user has the software installed. That user’s data will be encrypted as far as Silent Circle’s servers, which could be especially beneficial for people such as overseas military personnel that are in hostile environments – which is actually exactly the use case that the project started out trying to solve.
We’ll have to wait to see how well it works, but considering Zimmerman’s reputation (he’s in the Internet Hall of Fame), it’s a pretty good bet it will work as advertised. Here’s the intro video they have on the site:
As we mentioned, we spoke with Jules Polonetsky, director of the Future of Privacy Forum (Polonetsky is also a former politician and was chief privacy officer at both AOL and Doubleclick) who told us that “given the number of developers and the data available, [developers on the whole] are actually doing a good job” of staying on top of privacy issues. He said, however, that unlike other industries where privacy is something corporations strive to ensure because of compliance (i.e. the lawyers tell them to do it), mobile developers and companies are looking at privacy as a way to protect a valuable asset: user data. In other words, they have a business motivation to protect users’ data so that those users will not only keep their apps on their phones, but also by promoting that the data is secure and in the control of the user, the developers may not have to limit what data their app collects.
“Drawing the policy lines take generations to develop,” Polonetsky told us, saying that the speed of technology change “puts societal norms under strain.” He pointed out that a century ago, Teddy Roosevelt temporarily banned Kodak cameras from parks in Washington DC because he was shocked that just anybody could walk around with a camera and violate people’s privacy. When we asked Polonetsky if society would ever get ahead of technology privacy concerns, he responded, “I think we are going to fall further behind – the pace of change has limited society’s ability to catch up… we’re [still] struggling to catch up to social media and what supercomputers can do,” never mind newer emerging technologies. However, he did offer a glimmer of hope: “I think that [kids that are growing up with smartphones] get that technology changes… the adoption curve is getting quicker.”
Which brought us to our final question for Polonetsky, Dixon of the World Privacy Forum, and Jeschke of the EFF: For the most part, mobile phones are a well known quantity at this point, but what about wearable mobile connected devices such as fitness monitors, watches, and even as yet-to-be-in-the-public devices such as Google’s Project Glass?
Jeschke of the EFF had this to say:
“The same issues are at play here. When we carry technology around with us, more and more intimate details of our life are gathered and aggregated. When you use a connected device at a particular location, you are disclosing not only where you are, but what you are thinking about while you are there. These are very telling details that many of us want to keep private.”
Polonetsky of the Future of Privacy Forum told us that “mobile is showing us the way to other devices,” while Dixon of the World Privacy Forum told us, somewhat in awe, “I’m equally horrified and facisinated by [Google’s Project] Glass… this kind of technology will irrevocably change the world… it’s going to be like going from buggies and whips to Fords.” And if that doesn’t make you take pause about what our future world of mobile privacy will be, Dixon’s final statement most certainly will:
“You could seriously hurt someone’s reputation [with a device like Project Glass]… the law is so, so beyond even catching up with this one.”