There was a time when your phone was just a phone, when we were more concerned about losing it than worried about what it contained. However that ship sailed a long time ago. Nowadays our mobile phones contain an almost inconceivable concentration of personal identifying information (PII); data that is coveted by all and sundry. The mobile phone has become the target of a veritable assault on our privacy, a kiss and tell-all spy, that monitors our every move and gesture and then lets us share everything, not just with those with whom we wish to share information but also to those companies who have made us agree to share everything in return for using the phone and who then provide that information to various agencies, domestic and foreign, who deem it necessary to know everything about you, to protect the free world. It’s complicated!
The last year has seen revelation after revelation originating from the former NSA contractor and whistle-blower, Edward Snowden and many of these disclosures concern the targeting of mobile phone users, both the high and mighty like Angela Merkel and the Brazilian President Dilma Rousseff, and the more average users like you and me. It is estimated that the NSA alone gathers some 5 billion cellphone records every day according to the Washington Post. Of course it’s not just listening in on our phone calls and knowing exactly where and when we went that is available. By tapping into our smartphones ‘they’ also get to see our email messages, social contacts, diary items, on-line purchase details, social network posts, internet search records and history, private photographs, musical tastes and much more!
The new baddies: Data Brokers
While the scale and indiscriminate nature of the NSA’s surveillance practices is staggering, a number of observers have commented on the fact that, by and large, a great deal of the PII data is already harvested by a new breed of marketeers, the data brokers. On NBC’s 60 minute programme Data Brokers that aired in March 2014, the practice of collecting together with the subsequent sale of personal information gathered from 3rd party mobile applications was highlighted. As one of the contributors to the programme explained:
Julie Brill: It’s the kind of information that really talks about who you are on a day to day basis. Where you go and who you might be visiting with, what shops you may frequent. What time you come home. What time you leave.
Such information — our information, is a valuable source of income for companies that specialise in providing data to major industries like financial service providers, high street retailers and pharmaceutical companies. Data companies, like Axciom, Epsilon and Experian pull all the data together and then offer packages to companies who seek to adapt their sales offers to present and future consumers by providing the best and most appropriate service possible.
Or not! While shopping habits culled from an analysis of shop loyalty card purchases which are routinely sold on to brokers, could indicate a future baby they might also signal potential alcoholism! So as you might imagine, insurance companies are avid purchasers of lists of people which might indicate health issues. How much is someone’s personal data worth? According to the Financial Times not very much, about 1 euro. (You can calculate your own worth here)
Getting back to mobile phones, as explained above, one of the ways that personal information can been gathered is through applications. People rarely take a close look at the permissions granted when they install a free ‘app’ however these apps routinely asks for access to your contacts and location information. A typical case in point was The Brightest Flashlight App, a phenomenally successful torch app which secretly gathered and sold information on users without their permission. The terms and conditions of on line click agreements in general is coming under increasing scrutiny. The 2012 documentary film Terms and Conditions Apply explains very well how user data is exploited by the the really big data companies, Google, Facebook and Yahoo.
So is it time to take mobile phone security issues seriously? To be fair Google Play has tightened up security associated with Android apps and is even starting to offer scans of phones to detect malware. Both Apple and HTC have added fingerprint recognition to unlock phones but it remains to be seen whether that is any more than just a gimmick. Apple has also recently got together with a number of other tech companies to offer a kill switch for lost and stolen phones. This will allow the user to disable the phone and prevent access to any personal information that it contains. However this does not address the real problems of eavesdropping on calls and messages, the tracking and tracing of phones through geolocation and unauthorised access to contact and other personal information.
Enter the BlackPhone
In the light of all the concerns mentioned above it is hardly surprising that a number of companies are hoping to capitalise on the situation; Blackphone is one of them. The Blackphone, built by the Spanish company Geeksphone, offers a middle of the road smartphone with an ‘enhanced’ Android OS, (without Google) called PrivatOS, bundled together with security software especially developed by the Swiss firm Silent Circle. Founded by security Guru and creator of PGP, Phil Zimmerman, Silent Circle offers a security suite, it says is worth up to €1500, ready-installed on the BlackPhone. Some of these tools are available as applications on Google Play or in the iStore but for them to work you will need to take out a subscription with Silent Circle. On the BlackPhone however everything is ready installed, calls, text messages, contacts, video conferences and data storage are all encrypted with no subscriptions to pay for at least 2 years. Moreover any downloaded 3rd party apps can be fine-tuned security wise, and the usual tracking and tracing of the phone is switched off. There will also be a firewall and the possibility to remotely to wipe and disable the phone when it is launched in June 2014. Applications from other developers are available to encrypt communications and protect sensitive data but they do not work in such an integrated way as they do on the BlackPhone.
By the way if you are interested in buying this phone you are out of luck; all the initial production run has sold out!
Useful follow up links
- See how people search sites gather information. http://www.zdnet.com/photos/gallery-how-people-search-sites-get-your-information-and-what-you-can-do-about-it/6278878#photo
- You can protect your web browsing with Cocoon https://getcocoon.com/
- See some screenshots of the apps in action https://play.google.com/store/apps/details?id=com.silentcircle.silentphone
- The Silent Circle site is here https://silentcircle.com/
- What happens in France? Recently Thales was given exclusive rights to spy on French phones.
See http://www.liberation.fr/societe/2014/03/18/ecoutes-judiciaires-thales-au-bout-du-fil_988143 - Promotional video from BlackPhone below