Technology > Mobiles, Cell phones, Smartphones
How iPhone and Android smartphones spy on you and how to stop
them Video Guardian Animations 16 July
about the detailed location records
including iPhones and Android devices,
indicates just how much
companies including Apple and Google
are able to gather.
But it's not just the phone-makers
-- apps on your phone are
hungry for your personal info too.
So is your phone snooping on you?
Here, we reveal what you need to know
-- and whether you can
do anything about it.
Is Apple Right in Defying the F.B.I.?
By EMMA COTT and BEN LAFFIN
NYT | Feb. 19, 2016 | 1:33
Apple has said it will not comply with a federal court order
to unlock the iPhone of one of the San Bernardino attackers.
Commenters online weigh privacy versus security
in an age of
smartphones, apps > digital
WhatsApp > privacy
The Apple-FBI Debate Over Encryption
privacy > enhanced data encryption
The phone encrypts
emails, photos and contacts
based on a complex
that uses a code created by,
and unique to,
the phone’s user
— and that Apple says
it will not possess.
iPhone address book privacy UK
iPhone > encryption > privacy
- Feb. 19, 2016
cellphones, mobile apps > privacy
smartphone tracking industry
GPS tracking USA
tracking someone 24/7
with cellphone location technology
Android > privacy UK /
privacy-tips-for-android-phone/ - April 28, 2020
smartphones > tracking software
running Google's Android software
collect data about the user's movements
in almost exactly the same way
bins with 'cookie' technology track smartphone users
Corpus of news articles
Technology > Phones
Mobiles, Cellphones, Smartphones
the Next Lock to Pick
The New York Times
By CLAIRE CAIN MILLER
FRANCISCO — Hackers have broken into the cellphones of celebrities like Scarlett
Johansson and Prince William. But what about the rest of us, who might not have
particularly salacious photos or voice messages stored in our phones, but
nonetheless have e-mails, credit card numbers and records of our locations?
A growing number of companies, including start-ups and big names in computer
security like McAfee, Symantec, Sophos and AVG, see a business opportunity in
mobile security — protecting cellphones from hacks and malware that could read
text messages, store location information or add charges directly to mobile
On Tuesday, McAfee introduced a service for consumers to protect their
smartphones, tablets and computers at once, and last week the company introduced
a mobile security system for businesses. Last month, AT&T partnered with Juniper
Networks to build mobile security apps for consumers and businesses. The Defense
Department has called for companies and universities to come up with ways to
protect Android devices from malware.
In an indication of investor interest, one start-up, Lookout, last week raised
$40 million from venture capital firms, including Andreessen Horowitz, bringing
its total to $76.5 million. The company makes an app that scans other apps that
people download to their phones, looking for malware and viruses. It
automatically tracks 700,000 mobile apps and updates Lookout whenever it finds a
Still, in some ways, it’s an industry ahead of its time. Experts in mobile
security agree that mobile hackers are not yet much of a threat. But that is
poised to change quickly, they say, especially as people increasingly use their
phones to exchange money, by mobile shopping or using digital wallets like
“Unlike PCs, the chance of running into something in the wild for your phone is
quite low,” said Charlie Miller, a researcher at Accuvant, a security consulting
company, and a hacker who has revealed weaknesses in iPhones. “That’s partly
because it’s more secure but mostly because the bad guys haven’t gotten around
to it yet. But the bad guys are going to slowly follow the money over to your
Most consumers, though they protect their computers, are unaware that they need
to secure their phones, he said, “but the smartphones people have are computers,
and the same thing that can happen on your computer can happen on your phone.”
Cellphone users are more likely than computer users to click on dangerous links
or download sketchy apps because they are often distracted, experts say. Phones
can be more vulnerable because they connect to wireless networks at the gym or
the coffee shop, and hackers can surreptitiously charge consumers for a
There have already been harmful attacks, most of which have originated in China,
said John Hering, co-founder and chief executive of Lookout.
For example, this year, the Android market was hit by malware called DroidDream.
Hackers pirated 80 applications, added malicious code and tricked users into
downloading them from the Android Market. Google said 260,000 devices were
Also this year, people unwittingly downloaded other malware, called GGTracker,
by clicking on links in ads, and on the Web site to which the links led. The
malware signed them up, without their consent, for text message subscription
services that charged $10 to $50.
Lookout says that up to a million people were afflicted by mobile malware in the
first half of the year, and that the threat for Android users is two and a half
times higher than it was just six months ago.
Still, other experts caution that fear is profitable for the security industry,
and that consumers should be realistic about the small size of the threat at
this point. AdaptiveMobile, which sells mobile security tools, found that 6
percent of smartphone users said they had received a virus, but that the actual
number of confirmed viruses had not topped 2 percent.
Lookout’s founders are hackers themselves, though they say they are the good
kind, who break into phones and computers to expose the risks but not to steal
information or behave maliciously. “It’s very James Bond-type stuff,” Mr. Hering
A few years ago, he stood with a backpack filled with hacking gear near the
Academy Awards red carpet and discovered that up to 100 of the stars carried, in
their bejeweled clutches and tuxedo pockets, cellphones that he could break
into. He did not break into the phones, but publicized his ability to do so.
He started Lookout in 2007, along with Kevin Mahaffey and James Burgess, to
prevent such intrusions. It has free apps for Android, BlackBerry and Windows
phones, but not for iPhones. They are less vulnerable to attacks, security
experts say, because Apple’s app store, unlike Android’s, screens every app
before accepting it. Also, Android is the fastest-growing mobile platform, so it
is more attractive to hackers.
Google says it regularly scans apps in the Android Market for malware and can
rapidly remove malicious apps from the market and from people’s phones. It
prevents Android apps from accessing other apps and alerts users if an app
accesses its contact list or location, for instance.
Lookout also sells a paid version for $3 a month, which scans apps for privacy
intrusions like accessing a user’s contact list, alerts users if they visit
unsafe mobile Web sites or click on unsafe links in text messages, backs up a
phone’s call history and photos, and lets people lock or delete information from
T-Mobile builds Lookout into its Android phones, Verizon uses its technology to
screen apps in its app store and Sprint markets the app to customers. The
cellphone carriers and Lookout share the revenue when a user upgrades to the
“In mobile security circles, you never wait on it to become a problem and it’s
too late,” said Fared Adib, vice president of product development at Sprint.
Meanwhile, because mobile phone attacks are still relatively rare, Lookout’s
free app includes tools, including a way to back up a user’s contacts and a
feature that enables users to turn on an alarm on their phone when it is lost.
“You’re way more likely to just leave it in a cab than you are going to be
attacked by a hacker,” said Mr. Miller, the security researcher.
And in addition to collecting money from paying subscribers, Lookout plans to
sell the service to businesses. It has a chance because consumers are
increasingly bringing their own technologies into the workplace, and Lookout’s
app is consumer-friendly, said Chenxi Wang, a security analyst at Forrester
“It’s something a lot of I.T. guys are worried about because they have no
control over what consumers are doing and what these apps are doing,” Ms. Wang
Giovanni Vigna, a professor at the University of California, Santa Barbara who
studies security and malware, said it was only a matter of time before mobile
security was as second nature to consumers as computer security.
“The moment malware starts using text messages and expensive minutes people have
to pay for, things will move a lot faster,” he said.
For Hackers, the Next Lock to Pick,
the World’s Eyes and Ears
February 18, 2011
The New York Times
By JENNIFER PRESTON
and BRIAN STELTER
For some of the protesters facing Bahrain’s heavily armed
security forces in and around Pearl Square in Manama, the most powerful weapon
against shotguns and tear gas has been the tiny camera inside their cellphones.
By uploading images of this week’s violence in Manama, the capital, to Web sites
like YouTube and yFrog, and then sharing them on Facebook and Twitter, the
protesters upstaged government accounts and drew worldwide attention to their
A novelty less than a decade ago, the cellphone camera has become a vital tool
to document the government response to the unrest that has spread through the
Middle East and North Africa.
Recognizing the power of such documentation, human rights groups have published
guides and provided training on how to use cellphone cameras effectively.
“You finally have a video technology that can fit into the palm of one person’s
hand, and what the person can capture can end up around the world,” said James
E. Katz, director of the Rutgers Center for Mobile Communication Studies. “This
is the dagger at the throat of the creaky old regimes that, through the
manipulation of these old centralized technologies, have been able to smother
the public’s voice.”
In Tunisia, cellphones were used to capture video images of the first protests
in Sidi Bouzid in December, which helped spread unrest to other parts of the
country. The uploaded images also prompted producers at Al Jazeera, the
satellite television network, to begin focusing on the revolt, which toppled the
Tunisian government in mid-January and set the stage for the demonstrations in
While built-in cameras have been commercially available in cellphones since the
late 1990s, it was not until the tsunami that struck southeast Asia on Dec. 26,
2004, and the London subway bombings the following July that news organizations
began to take serious note of the outpouring of images and videos created and
posted by nonprofessionals. Memorably, in June 2009, cellphone videos of the
shooting death of a young woman in Tehran known as Nedawere uploaded on YouTube,
galvanizing the Iranian opposition and rocketing around the world.
Now, news organizations regularly seek out, sift and publish such images.
Authenticating them remains a challenge, since photos can be easily altered by
computers and old videos can resurface again, purporting to be new. YouTube is
using Storyful, a news aggregation site, to help manage the tens of thousands of
videos that have been uploaded from the Middle East in recent weeks and to
highlight notable ones on the CitizenTube channel.
But journalists are not the only conduits. Cellphone images are increasingly
being shared between users on mobile networks and social networking sites, and
they are being broadly consumed on Web sites that aggregate video and images.
The hosting Web sites have reported increases both in submissions from the
Middle East and in visitors viewing the content.
Among the sites, Bambuser has stood out as a way to stream video. Mans Adler,
the site’s co-founder, said it had 15,000 registered users in Egypt, most of
whom signed up just before last November’s election. He said there were more
than 10,000 videos on the site that were produced around the time of the
election, focusing on activity at the polls, in what appeared to be an organized
Afterward, the level of activity settled down to 800 to 2,000 videos a day, but
then soared back to 10,000 a day again when the mass protests erupted in Egypt
last month, he said.
In Bahrain, the government has blocked access to Bambuser.
At training sessions to help activists use their cameras, Bassem Samir, the
executive director of the Egyptian Democratic Academy, said that improving the
quality of the images and video was a high priority.
“Videos are stories,” said Mr. Samir. “What happened on the 25th and 28th of
January, it’s a story. It’s like a story of people who were asking for freedom
and democracy, and we had, like, five or three minutes to tell it.”
Robert Mackey contributed reporting.
Cellphones Become the
World’s Eyes and Ears on Protests,
Tell-All PCs and Phones
September 15, 2007
The New York Times
By BRAD STONE
The age-old business of breaking up has taken a decidedly
Orwellian turn, with digital evidence like e-mail messages, traces of Web site
visits and mobile telephone records now permeating many contentious divorce
Spurned lovers steal each other’s BlackBerrys. Suspicious spouses hack into each
other’s e-mail accounts. They load surveillance software onto the family PC,
sometimes discovering shocking infidelities.
Divorce lawyers routinely set out to find every bit of private data about their
clients’ adversaries, often hiring investigators with sophisticated digital
forensic tools to snoop into household computers.
“In just about every case now, to some extent, there is some electronic
evidence,” said Gaetano Ferro, president of the American Academy of Matrimonial
Lawyers, who also runs seminars on gathering electronic evidence. “It has
completely changed our field.”
Privacy advocates have grown increasingly worried that digital tools are giving
governments and powerful corporations the ability to peek into peoples’ lives as
never before. But the real snoops are often much closer to home.
“Google and Yahoo may know everything, but they don’t really care about you,”
said Jacalyn F. Barnett, a Manhattan-based divorce lawyer. “No one cares more
about the things you do than the person that used to be married to you.”
Most of these stories do not end amicably. This year, a technology consultant
from the Philadelphia area, who did not want his name used because he has a
teenage son, strongly suspected his wife was having an affair. Instead of
confronting her, the husband installed a $49 program called PC Pandora on her
computer, a laptop he had purchased.
The program surreptitiously took snapshots of her screen every 15 seconds and
e-mailed them to him. Soon he had a comprehensive overview of the sites she
visited and the instant messages she was sending. Since the program captured her
passwords, the husband was also able to get access to and print all the e-mail
messages his wife had received and sent over the previous year.
What he discovered ended his marriage. For 11 months, he said, she had been
seeing another man — the parent of one of their son’s classmates at a private
school outside Philadelphia. The husband said they were not only arranging
meetings but also posting explicit photos of themselves on the Web and
soliciting sex with other couples.
The husband, who like others in this article was reached through his lawyer,
said the decision to invade his wife’s privacy was not an easy one. “If I were
to tell you I have a pure ethical conscience over what I did, I’d be lying,” he
said. But he also pointed to companies that have Internet policies giving them
the right to read employee e-mail messages. “When you’re in a relationship like
a marriage, which is emotional as well as, candidly, a business, I think you can
look at it in the same way,” he said.
When considering invading their spouse’s privacy, husbands and wives cite an
overriding desire to find out some secret. One woman described sensing last year
that her husband, a Manhattan surgeon, was distant and overly obsessed with his
She drew him a bubble bath on his birthday and then pounced on the device while
he was in the tub. In his e-mail messages, she found evidence of an affair with
a medical resident, including plans for them to meet that night.
A few weeks later, after the couple had tried to reconcile, the woman gained
access to her husband’s America Online account (he had shared his password with
her) and found messages from a mortgage company. It turned out he had purchased
a $3 million Manhattan condominium, where he intended to continue his liaison.
“Every single time I looked at his e-mail I felt nervous,” the woman said. “But
I did anyway because I wanted to know the truth.”
Being on the receiving end of electronic spying can be particularly disturbing.
Jolene Barten-Bolender, a 45-year-old mother of three who lives in Dix Hills,
N.Y., said that she was recently informed by AOL and Google, on the same day,
that the passwords had been changed on two e-mail accounts she was using,
suggesting that someone had gained access and was reading her messages. Last
year, she discovered a Global Positioning System, or G.P.S., tracking device in
a wheel well of the family car.
She suspects her husband of 24 years, whom she is divorcing.
“It makes me feel nauseous and totally violated,” Ms. Barten-Bolender said,
speculating that he was trying to find out if she was seeing anyone. “Once
anything is written down, you have to know it could be viewed by someone looking
to invade or hurt you.”
Ms. Barten-Bolender’s husband and his lawyer declined to discuss her
Divorce lawyers say their files are filled with cases like these. Three-quarters
of the cases of Nancy Chemtob, a divorce lawyer in Manhattan, now involve some
kind of electronic communications. She says she routinely asks judges for court
orders to seize and copy the hard drives in the computers of her clients’
spouses, particularly if there is an opportunity to glimpse a couple’s full
financial picture, or a parent’s suitability to be the custodian of the
Lawyers must navigate a complex legal landscape governing the admissibility of
this kind of electronic evidence. Different laws define when it is illegal to
get access to information stored on a computer in the home, log into someone
else’s e-mail account, or listen in on phone calls.
Divorce lawyers say, however, if the computer in question is shared by the whole
family, or couples have revealed their passwords to each other, reading a
spouse’s e-mail messages and introducing them as evidence in a divorce case is
Lynne Z. Gold-Bikin, a Pennsylvania divorce lawyer, describes one client, a man,
who believed his wife was engaging in secret online correspondence. He found
e-mail messages to a lover in Australia that she had sent from a private AOL
account on the family computer. Her lawyer then challenged the use of this
evidence in court. Ms. Gold-Bikin’s client won the dispute and an advantageous
Lawyers say the only communications that are consistently protected in a
spouse’s private e-mail account are the messages to and from the lawyers
themselves, which are covered by lawyer-client privilege.
Perhaps for this reason, divorce lawyers as a group are among the most
pessimistic when it comes to assessing the overall state of privacy in the
“I do not like to put things on e-mail,” said David Levy, a Chicago divorce
lawyer. “There’s no way it’s private. Nothing is fully protected once you hit
the send button.”
Ms. Chemtob added, “People have an expectation of privacy that is completely
James Mulvaney agrees. A private investigator, Mr. Mulvaney now devotes much of
his time to poking through the computer records of divorcing spouses, on behalf
of divorce lawyers. One of his specialties is retrieving files, like bank
records and e-mail messages to secret lovers, that a spouse has tried to delete.
“Every keystroke on your computer is there, forever and ever,” Mr. Mulvaney
He had one bit of advice. “The only thing you can truly erase these things with
is a specialty Smith & Wesson product,” he said. “Throw your computer into the
air and play skeet with it.”
Tell-All PCs and
Phones Transforming Divorce, NYT, 15.9.2007,
These Phones Can Find You
The New York Times
By LAURA M. HOLSON
questions arise, courtesy of the latest advancement in cellphone technology: Do
you want your friends, family, or colleagues to know where you are at any given
time? And do you want to know where they are?
Obvious benefits come to mind. Parents can take advantage of the Global
Positioning System chips embedded in many cellphones to track the whereabouts of
their phone-toting children.
And for teenagers and 20-somethings, who are fond of sharing their comings and
goings on the Internet, youth-oriented services like Loopt and Buddy Beacon are
a natural next step.
Sam Altman, the 22-year-old co-founder of Loopt, said he came up with the idea
in early 2005 when he walked out of a lecture hall at Stanford.
“Two hundred students all pulled out their cellphones, called someone and said,
‘Where are you?’ ” he said. “People want to connect.”
But such services point to a new truth of modern life: If G.P.S. made it harder
to get lost, new cellphone services are now making it harder to hide.
“There are massive changes going on in society, particularly among young people
who feel comfortable sharing information in a digital society,” said Kevin
Bankston, a staff lawyer at the Electronic Frontier Foundation based in San
“We seem to be getting into a period where people are closely watching each
other,” he said. “There are privacy risks we haven’t begun to grapple with.”
But the practical applications outweigh the worries for some converts.
Kyna Fong, a 24-year-old Stanford graduate student, uses Loopt, offered by
Sprint Nextel. For $2.99 a month, she can see the location of friends who also
have the service, represented by dots on a map on her phone, with labels
identifying their names. They can also see where she is.
One night last summer she noticed on Loopt that friends she was meeting for
dinner were 40 miles away, and would be late. Instead of waiting, Ms. Fong
arranged her schedule to arrive when they did. “People don’t have to ask ‘Where
are you?’” she said.
Ms. Fong can control whom she shares the service with, and if at any point she
wants privacy, Ms. Fong can block access. Some people are not invited to join —
like her mother.
“I don’t know if I’d want my mom knowing where I was all the time,” she said.
Some situations are not so clear-cut. What if a spouse wants some time alone and
turns off the service? Why on earth, their better half may ask, are they doing
What if a boss asks an employee to use the service?
So far, the market for social-mapping is nascent — users number in the hundreds
of thousands, industry experts estimate.
But almost 55 percent of all mobile phones sold today in the United States have
the technology that makes such friend-and- family-tracking services possible,
according to Current Analysis, which follows trends in technology.
So far, it is most popular, industry executives say, among the college set.
But others have found different uses. Mr. Altman said one customer bought it to
keep track of a parent with Alzheimer’s. Helio, a mobile phone service provider
that offers Buddy Beacon, said some small-business owners use it to track
Consumers can turn off their service, making them invisible to people in their
social-mapping network. Still, the G.P.S. service embedded in the phone means
that your whereabouts are not a complete mystery.
“There is a Big Brother component,” said Charles S. Golvin, a wireless analyst
at Forrester Research. “The thinking goes that if my friends can find me, the
telephone company knows my location all the time, too.”
Phone companies say they are aware of the potential problems such services could
If a friend-finding service is viewed as too intrusive, said Mark Collins, vice
president for consumer data at AT&T’s wireless unit, “that is a negative for
us.” Loopt and similar services say they do not keep electronic records of
Mr. Altman of Loopt said that to protect better against unwelcome prying by,
say, a former friend, Loopt users are sent text messages at random times, asking
if they recognize a certain friend. If not, that person’s viewing ability is
Clay Harris, a 25-year-old freelance marketing executive in Memphis, says he
uses Helio’s Buddy Beacon mostly to keep in touch with his friend Gregory Lotz.
One night when Mr. Lotz was returning from a trip, Mr. Harris was happy to see
his friend show up unannounced at a bar where he and some other friends had
“He had tried to reach me, but I didn’t hear my phone ring,” Mr. Harris said.
“He just showed up and I thought, ‘Wow, this is great.’”
He would never think to block Mr. Lotz. But he would think twice before inviting
a girlfriend into his social-mapping network. “Most definitely a girl would ask
and wonder why I was blocking her,” he said.
Privacy Lost: These Phones Can Find You, NYT, 23.10.2007,
Cellphone as Tracker:
X Marks Your Doubts
November 19, 2006
The New York Times
By RANDALL STROSS
THE diminutive cellphone is turning out to be the most clever
of devices. As it connects to more networks, stores more kinds of data, delivers
more kinds of entertainment — wherever we happen to be — it effectively becomes
the most personal computer we own.
Now, as more of the handsets are equipped to use the Global Positioning System,
the satellite-based navigation network, we are on the verge of enjoying services
made possible only when information is matched automatically to location. Maps
on our phones will always know where we are. Our children can’t go missing.
Movie listings will always be for the closest theaters; restaurant suggestions,
organized by proximity. We will even have the option of choosing free cellphone
service if we agree to accept ads focused on nearby businesses.
None of this entails anything exotic. The technology has been ready for a while,
but not the customers. Prospective benefits have seemed paltry when placed
against privacy concerns. Who will have access to our location information —
present and past? Can carriers assure us that their systems are impervious to
threats from stalkers and other malicious intruders or neglectful employees — or
from government snoops without search warrants? Contemplating worst-case
scenarios, our hands holding these very mobile devices have been frozen,
hesitant to turn the location beacon on. Are we finally ready to flip the
Two wireless providers recently made separate announcements about new
positioning services, betting that the time has arrived. Two weeks ago, Helio —
a wireless service owned jointly by SK Telecom, a South Korean cellphone
company, and EarthLink, the American Internet service provider — introduced the
Buddy Beacon in its new phone, the Drift, which costs $225. With the press of a
button, the Drift shows on a map the location of up to 25 friends — if each is
also carrying a $225 Drift.
Last week, Boost Mobile, a unit of Sprint, and its technology partner, Loopt,
unveiled Boost Loopt, a similar offering described as a “social mapping
Both Helio and Boost Mobile market exclusively and unapologetically to a young
clientele. “We’re not going after soccer moms and businesspeople,” Helio’s
C.E.O., the veteran entrepreneur Sky Dayton, said last week. Freedom — to be a
hedonist — is the leitmotif in its materials. “Have a party,” Helio’s Web site
says invitingly, “not a search party.”
The Buddy Beacon serves at your pleasure, for your pleasure. “Turn it on when
you’re up for a party;” turn it off when you need “a night of privacy.” A press
release anticipates your feeling the urge to “slip out the back of the club into
the V.I.P. room.” (Yes! All the time!) In such instances, the beacon goes off.
Social mapping on cellphones is not all that new; it is just the next stage in
social networking. Dodgeball.com, which has been operating since 2004, should be
credited as a predecessor: a Dodgeball member uses a cellphone to send in a text
message about his or her whereabouts, and notifications are then sent
automatically to the member’s circle of friends. ( Google acquired the company
But Dodgeball can’t update a change of location automatically. With
G.P.S.-equipped handsets, the Beacon Buddy could remedy this shortcoming, but
Helio elected not to enable automatic updates: a user must push a button to
refresh the phone’s location. “We didn’t want a situation where someone left
their Buddy Beacon on and didn’t know it,” Mr. Dayton said. When the marketplace
is more familiar with the service, he added, it may introduce an auto-updating
Boost Loopt’s service has offered its first-generation users an option to
automatically send current coordinates every 15 to 20 minutes. Anticipating
potential security problems, it urges its users to admit only “good and trusted
friends” into the closed circle that can follow their movements.
Loopt suggests that all prospective invitees pass a number of tests of
trustworthiness: Do you have their phone numbers? Do you know where they live
and where they grew up? Would you lend them your car? Would you give them your
house keys to feed your dog?
Verizon Wireless has decided to hold off on social mapping. The only
G.P.S.-based program it now offers is a navigation service. Jeffrey Nelson, a
company spokesman, said Verizon was interested in social networks but felt the
need to “give a lot of thought to privacy and safety issues.”
Using a hypothetical 16-year-old customer to illustrate risks, Mr. Nelson said
it was one thing for the customer to imprudently send out her e-mail address to
a stranger, and still another for her phone to reveal her home’s location. “If
suddenly a bright light goes on above your house, saying, ‘This is me; this is
where I am,’ you’ve lost privacy and anonymity in your home,” he said.
The tattered condition of the wireless industry’s reputation for privacy
protection — which was not helped by the recent Hewlett-Packard pretexting
scandal involving phone logs — is not entirely the industry’s doing. Not so long
ago, industry players acted together to try to secure the Federal Communications
Commission’s help to tighten — yes, tighten — rules governing the privacy of
location information. It was the F.C.C. that let us all down, then and now.
Six years ago, the business potential of so-called mobile commerce was making
investors swoon the way online social networks bedazzle them today. To many,
this m-commerce — from on-the-go “concierge services” to location-specific ads —
was poised to exceed PC-based e-commerce. And that was when there were 106
million cellphones in use in the United States, versus 227 million today,
according to CTIA-The Wireless Association, a trade group.
But the potential of m-commerce could be realized only if consumers had ironclad
assurance that, except in emergencies, the service provider would never use
location information unless they expressly gave consent. The industry
acknowledged that customers who received unsolicited ads keyed to their
movements would have perfectly legitimate privacy concerns.
CTIA-The Wireless Association petitioned the F.C.C. to draft rules guaranteeing
basic privacy protections, like requiring that customers give explicit consent
before any information was disclosed to third parties and that all location
information be protected from unauthorized access. When the F.C.C. considered
the request in 2002, it declined to act, arguing that existing legislation was
One commissioner, Michael J. Copps, dissented. He pointed out the rarity of a
group in this industry seeking stricter rules for its members. That it would do
so, he said, showed that the statutory language had not resolved all questions
relating to the handling of customers’ location information.
The Wireless Communications and Public Safety Act of 1999, known as the 911 Act,
requires that customers deliberately choose to have location information
collected. But some wondered whether customers gave “implied consent” just by
using the service.
Even the definition of what constituted “location information” was in dispute.
Cingular maintained that the location of the nearest cell tower was not,
strictly speaking, the customer’s location information, and so was not
encompassed by the 911 Act.
Mr. Copps pleaded that the commission “put in some sweat now” to create the
clarifying rules “before consumers make up their minds about whether they trust
location practices.” His plea went unheeded; the F.C.C. has remained inert.
LEGISLATION that provides stronger protection of location
information will come, said David M. Mark, a professor of geography at the State
University of New York, Buffalo. But, he added, it would probably take a
“horrific incident involving a celebrity” before legislators paid attention.
The Video Privacy Protection Act of 1988 was passed after the video rental
records of the Supreme Court nominee Robert H. Bork were made public. Let us
hope that no one, famous or not, will be hurt because a cellphone’s location was
improperly leaked; one famous person in one headline, however, could lead to
swift passage of a Location Privacy Protection Act of 2007.
The stronger the protection of cellphone location data, the faster the public
will accept the new positioning services. The best policy would be to require by
statute that carriers continually purge location data. If location history is
never stored, the possibility of mishandling or theft of that information is
When families adopt positioning cellphone services, a new problem will likely
emerge, Professor Mark said. The very act of turning off one’s location beacon
may itself be seen as suspicious. “If you don’t want your location known,” he
asked, “does that mean you intend to do something improper?”
Randall Stross is an author based in Silicon Valley
and a professor of
at San Jose State University.
Cellphone as Tracker: X Marks Your Doubts,
Related > Anglonautes >
smartphones > apps
smartphones > apps > Zoom
Privacy > USA > U.S. Constitution > Fourth Amendment 1791