To install applications on their smartphones, users have to grant apps certain permissions. As with end-user licence agreements, most of us just click “accept”, and get on with the fun. We are selling our souls, though.
Some time ago, I wrote that the tinfoil hat loonies were right all along. It isn’t paranoia if government and big business really are spying on you. Yet there is a worrying discordance in how consumers view privacy. Most take it seriously in principle, but not in fact. Ultimately, they’ll sacrifice their souls for a nifty app or a cool game.
It is hard to prevent mobile handsets from leaking private or confidential data. An acquaintance who recently had to reinstall the Uber ride sharing application on their Android-based handset was astonished at the permissions this app requires. It gets to use your device ID, account data, profile data, contacts data, location data, free and non-free SMS services, wi-fi network information, the phone numbers you call, as well as all your photos, videos, audio and other files, including those on external storage. What, exactly, the term “use” means is not clear from the privacy warning that pops up upon installation.
Some of the permissions make sense, given some thought. Location, for example, seems like something a would-be taxi driver might want to know. What does it want with your contact data, however? When your contacts might include execs and exes, very important people and very dangerous people, doctors and drug dealers, confidential sources and competitors, don’t you get a bit nervous about granting access to it, just to call a taxi?
What would Uber want with your photographs and other media? Does it get the right to write them, read them, or post them online? On traditional computers, writing is often seen as a greater access right than reading, but on a mobile phone it is the other way around. Android doesn’t even distinguish between them, and the Uber installation screen won’t tell you.
Assuming that the Uber app does not ask for permissions it does not intend to use, it is hard to trust the app not to abuse the astonishing wealth of information it is free to access. It wouldn’t be the first company to be caught red-handed collecting user data wholesale. However, despite some alarming disclosures about the Uber app’s code, a bit of wiretapping apparently proved that Uber, despite the raft of permissions it wants, is not an uber-spy.
The company says its app needs access to contacts in order to split fares and invite friends onto the service. It needs access to “photos, media and files” because it needs to store map information. It needs access to the camera to make paying by credit card easier for customers.
So, let’s say we trust Uber. A list of 10 permission groups, all of which are fairly vague (ostensibly to simplify the user experience), sets a precedent. Having seen that Uber really needs all of these permissions to do what it does, it would seem logical that other apps might also need them. But does your flashlight utility really need to record audio and know your location?
A further threat is that such broad access rights put customers at risk even when used responsibly. Major corporations get hacked almost routinely, nowadays. Look at Sony’s repeated security disasters, or the shower of celebrity nudies stolen from Apple’s iCloud service. Think of the nearly five million compromised accounts of the supposedly secure photo-sharing service Snapchat. One hack of a health insurance company exposed the personal information of 80 million people. Another, which wasn’t discovered until almost a year later, gave away another 11 million identities. Gmail recently leaked five million user names and passwords. Hundreds of millions of accounts have been compromised in several major retail company hacks, exposing tens of millions of credit card numbers. Many banks and financial institutions, including big names like HSBC, Nasdaq and JP Morgan Chase, have lost money or customer account information to hackers.
If you think hackers won’t go after the data held by a firm like Uber, consider that a transaction processing company for all major credit cards was hacked by attackers who gained access to a privileged account on the network of a taxi company.
Personal data is a hot commodity in criminal circles. It used to be safe to say you weren’t important enough for anyone to spy on you, but that is no longer true. The data on your mobile phone, which you’ve just opened up merely to be able to call a taxi, is extremely valuable to hackers. Besides identity theft, it could get them into your computer, so they could use your machine as part of a network to launch attacks on more valuable targets. Alternatively, it could get them into your employer’s computers, which would be even better for them.
Uber is not unique, of course. Many apps require more permissions than a user might expect. Facebook, for example, demands at least as much access to your phone, including the right to read confidential calendar entries and email people without the user’s knowledge. Some utilities, like the aforementioned flashlight, are no better than Trojan horses for spyware. Popular games, like Despicable Me and Angry Birds, are notorious for their privacy risks. (See how your favourite apps rank, at Carnegie Mellon University’s Privacy Grade project.)
Android is also not unique, of course. Windows smartphones have exactly the same problem. Apple’s iPhone grants users more control over privacy, by requiring apps to explicitly ask users for permissions when executing specific functions. This way, there is no up-front “click to accept” permission screen, like the licence agreement that everyone should read but nobody does.
An improvement all smartphone makers could make, even if it takes a bit more user interaction, is to make permissions more granular and make those permissions individually revocable. If an app needs access to my phone’s contacts or storage, that’s fine. But I do not want to grant it implicit permission to copy my contact list to its servers, to email my mother, to log my calls to my parole officer, or to swipe my collection of rare vintage nudes.
Apple made a welcome nod towards the privacy concerns of users by making encryption of sensitive data standard on the iPhone 6. This protects the phone when it is lost, stolen or confiscated. Any measure both governments and criminals dislike (if you’ll forgive the tautology) must be a good ‘un. Still, encryption does not protect users from apps that snoop, because while you’re using the phone, your data obviously has to be accessible.
Besides apps with the right permissions, another risk is that all operating system vendors have implicit access to your smartphone while you’re using it. One of the most convenient features of Android is its tight integration with Google’s services, for example. But that also gives Google unrestricted access to the data on your phone. We saw earlier that these vendors are vulnerable to attack by hackers, and we know that the NSA knows everything they know, in any case.
To get access to services – even paid-for services like Uber – users feel they have to sacrifice their privacy. According to a recent survey by Open-Xchange, an open-source email software provider, more than half of all internet users believe it is impossible or too hard to maintain their privacy. Roughly half would be prepared to use encrypted email, if they understood how it worked, it was convenient, or it was built in to their software. The same is likely true for other messaging platforms, as well as for data storage.
Despite this, a Pew survey among Americans, published last month, found that only 13% of users had changed their use of smartphone apps to regain their privacy.
Guarding your smartphone data is not easy. Smartphone makers and operating system vendors still have a way to go to improve the control users have over their own data, and to make those controls intuitive and easy to use.
Until such controls become available, the best advice is to be paranoid. Whenever an app requests permissions that don’t make much sense, do some research. Check the user reviews online. Think whether you really need the app. Consider whether the vendor is trustworthy.
It is very easy to click “accept” to a combination of permissions that includes the ability to send email, read phone data and access the internet. Realise, however, that this essentially enables the app to grab your data and send it anywhere.
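To make that check concrete, here is an added example (not part of the original column) that reads the `uses-permission` entries from a decoded Android manifest and flags any pairing of a private-data permission with a channel that can move data off the phone. The manifest, the `com.example.flashlight` package name, the `audit` helper and the short source and sink lists are constructed for illustration and are not a complete catalogue.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Illustrative subset: permissions that read private data (sources)...
SOURCES = {
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.READ_SMS": "SMS messages",
    "android.permission.READ_PHONE_STATE": "device ID and phone state",
    "android.permission.ACCESS_FINE_LOCATION": "precise location",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.CAMERA": "camera",
    "android.permission.READ_EXTERNAL_STORAGE": "photos, media and files",
}
# ...and permissions that can carry data off the device (sinks).
SINKS = {
    "android.permission.INTERNET": "internet",
    "android.permission.SEND_SMS": "SMS",
}

def requested_permissions(manifest_xml):
    """Return the set of permission names declared in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    names = {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}
    return names - {None}

def audit(manifest_xml, expected=()):
    """Flag source+sink combinations and data permissions outside `expected`."""
    perms = requested_permissions(manifest_xml)
    readable = sorted(SOURCES[p] for p in perms if p in SOURCES)
    channels = sorted(SINKS[p] for p in perms if p in SINKS)
    return {
        "can_exfiltrate": bool(readable and channels),
        "readable_data": readable,
        "channels": channels,
        "unexpected": sorted(p for p in perms if p in SOURCES and p not in expected),
    }

# Constructed sample: a flashlight utility that asks for far more than the flash.
FLASHLIGHT_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    # Assumption: the only data permission a flashlight plausibly needs is CAMERA.
    report = audit(FLASHLIGHT_MANIFEST, expected={"android.permission.CAMERA"})
    for key, value in report.items():
        print(f"{key}: {value}")
```
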
Always ask yourself whether this risk is a price worth paying for a new feature on your smartphone. DM