I Know My Phone’s "Spying" on Me, But How Bad Is It?
With all the hullaballoo about Carrier IQ spying on all those phones, I’m left wondering what else is my phone gathering about me? Should I be concerned, and if so, what should I do about it?
Not Trying To Be Paranoid
A healthy dose of skepticism is, well, healthy, and you’re definitely not alone in wondering what kind of private information your phone is gathering and what’s being done with it. The CarrierIQ rootkit is the most recent of many mobile privacy and security concerns that have been raised (though particularly worrisome because it comes preinstalled on your phone, and removing it can be difficult). The truth is, yes, your phone is tracking your location, and you may be surprised by which mobile apps are recording information about you. But it’s not always a big cause for concern. Here’s an overview:
Your Cell Phone Knows Where You Are
It’s no secret that our smartphones are location aware. The location technology that triangulates your position using GPS or cell tower information is behind many of our smartphones’ most useful features, from finding great places nearby to geotagging your photos to automatically delivering discounts based on the store you’re in.
The main concern for some about this location tracking is that Google and Apple (and the other major mobile OS makers) may be collecting and storing your very specific location data (for example, with the iPhoneTracker Maps collected on iOS). Google, Apple, and Microsoft have all said that they use this data to maintain their location databases and that the data is all anonymous or anonymized.
It’s unlikely these companies are gathering your info in order to track your every move like in some spy thriller, but if you’re worried or rather not send your location data to Google, Apple, or anyone else, location tracking can be turned off. In Android, go to Settings > Location and Security, and uncheck "Use Wireless Networks". On your iPhone, you’ll need to to jailbreak your device and use an app like previously mentioned Untrackerd. See our previous guide to stopping your smartphone from constantly tracking you for more considerations before you turn off location tracking.
Mobile Apps Can Collect Your Location, Phone Number, and Other Personal Details
It’s easier to put a little trust in large companies like Apple, Google, and Microsoft—they’ve got too much at stake to risk spying in a way that would really freak most people out. But your phone’s operating system is just one consideration. Apps may be collecting and transmitting even more details about your phone usage and other information. The most obvious reason is so marketers can use that data to sell you more stuff or send targeted ads, but with some apps, what’s being collected doesn’t immediately make a lot of sense.
The Wall Street Journal analyzed 101 popular apps
to show in an interactive database what each app collects and how it’s shared. Some apps access more data on your phone than what they transmit to either the app makers or to third parties like marketers or Google. Here’s what the database looks like (there’s also a useful chart in that WSJ article):
Foursquare, for example, collects your phone number, phone ID, location, age, gender, contacts, and Foursquare username and password, but only sends location data to two third parties: Google and Twitter. Angry Birds collects your phone ID, location, and contacts and sends them to Google or your phone ID and location to another company called Flurry.
You may be surprised by Angry Birds’ need for and transmission of your location data, but it’s most likely so the app developers can get more insight into its users (not really to see where you’re flinging birds at any point in time): Flurry is a mobile analytics company. The collection of your contacts is so the app can find your friends.
Another head-scratcher is Bejeweled 2, which sends your Bejeweled username and password as well as phone number to Facebook. And Dictionary.com sends your phone ID to multiple third parties (it’s one of the apps, along with Pandora and Best Alarm Clock Free, that transmit the most data; filter to see those in the WSJ database by clicking the dropdown on the right). Those kinds of sharing definitely raise some concern.
What does all this mean? For most apps, there isn’t all that much cause for alarm. Location tracking is most often used for the developers’ analytics, much like online advertisers use your IP address to target ads to you. However, if this kind of location tracking makes your cringe, you should carefully review the permissions of each app you install to make sure you’re comfortable with its permissions. On Android, previously mentioned PermissionDog can help you easily review all your installed apps’ permissions settings.
A mobile security app like previously mentioned ESET Mobile Security (Android) or Lookout (iPhone and Android) can also watch your back when installing apps or check which apps access your location data.
What Else Is Gathered By Major Cellphone Providers
Beyond built-in location tracking settings on your device and mobile apps’ access to your info, wireless providers may also gather and keep other information, such as your call records, text message content, and cell towers used. The ACLU published this chart from the US Department of Justice of what each cell phone provider collects and for how long.
If you take issue with any of those practices for your provider, the only thing you can do right now is switch to another one and wait as the debate on mobile security continues (law-makers and mobile privacy experts are calling for more transparency on what’s collected and shared).
P.S. What are your thoughts on mobile "spying"? Sound off in the comments.
Photo remixed from an original by Yurchyks/Shutterstock.