Is your smart phone too smart?
Consumer Federation of California
What Information Does Your Service Provider Collect And Store?
Service providers (like AT&T, Sprint, Verizon, and T-Mobile) collect data but are not forthcoming in detailing exactly what data they collect, the reasons they collect it, and their data retention policies. At the very least, smartphone service providers collect the following:
- Incoming and outgoing calls: the phone numbers you call, the numbers that you receive calls from, and the duration of the call;
- Incoming and outgoing text messages: the phone numbers you send texts to and receive texts from;
- How often you check your e-mail or access the Internet;
- Your location.
Data retention policies vary among service providers, and certain records are kept longer than others. For instance, as of September 2011, Verizon, T-Mobile, AT&T and Sprint all differ when it comes to how long they store any combination of cell tower history records, text message detail, text message content, IP session information, IP destination information, and bill copies.
In addition to the data collected by your smartphone service provider, you should also be aware of the possible privacy issues surrounding the collection or disclosures of:
- Any photos or video you take on your phone;
- Details about the text messages and e-mails you send and receive, including the content;
- Who is calling you, who you are calling, and details about the phone call such as when it was placed and how long it lasted;
- The contacts you have stored in your phone;
- Financial data;
- What you store in your phone’s calendar;
- Your location, age, and gender.
Criminals Can Physically Gain Access To Your Smartphone
A person who gains access to your smartphone can physically install surveillance spyware. An online search for “smartphone spy” pulls up software that promises “it doesn’t matter if the user tries to delete their tracks by deleting their data. This flexible spy software records the activities instantly after they happen and stores them to a small hidden file on the phone. The file is then uploaded to your web-based account.”
Even scarier, certain spyware can “turn on” your phone’s microphone and camera, using it to listen and see what’s going on around you. Spyware can also track and record your location. Unfortunately, it can be very difficult to detect spyware on your own.
- Password protect your phone. As always, make sure you use a strong password.
- Do not allow your smartphone to automatically remember login passwords for access to email, VPN, and other accounts.
- Use your phone’s security lockout feature. Set the phone to automatically lock after a certain amount of time not in use.
- Also install security software that allows you to remotely lock your phone and wipe the data. Never leave your phone unattended.
Through Public Wi-Fi Networks And Bluetooth
When your smartphone uses a public Wi-Fi network to connect to the Internet (for example, in an airport or coffee shop), it may be possible for others to “see” the data being transmitted by your smartphone unless the data has VPN or SSL protection. This data could be what you are typing (worst-case scenario: your bank account log-in information) or it could be information being collected by an app you are using.
Similarly, when you use Bluetooth, make sure you know and trust the connection. Turn off your Bluetooth function when you are not using it.
- Use Wi-Fi networks cautiously. Do not conduct activities that use sensitive information such as mobile banking.
- Before connecting to any network, make sure it is one you trust. Bad actors can set up fake public networks that are only used for malicious purposes.
By Tricking You Or Exploiting Your Trust
Often, cybercriminals work by exploiting consumer trust and convincing them that their links, URLs, applications or files are safe. However, they may also infiltrate legitimate software. Therefore, we recommend that you install your choice of mobile security software.
- When clicking on links, downloading files, and downloading apps, make sure you are aware of and trust the source.
- Look into installing security software on your smartphone.