The State of Mobile Privacy as We Head Into 2018

taking photo anonymously

2017 was a bad year for personal privacy. If you’re one of the 190 million plus smartphone users residing in the US, you may have been hacked. If not, you more than likely got duped by a fake app.

More than 1.5 million new incidents of mobile malware have been detected by McAfee Labs, bringing us up to a staggering total of 16 million mobile malware attacks.

As if that’s not enough, your mobile privacy is severely at stake. The FCC’s internet privacy rules were repealed in April, giving internet users less control over what ISPs can do with their data. This means that your personal information can be collected and sold to third parties without regulation.

A lot has occurred in the last twelve months to undermine our mobile rights. Texas native Devin Kelley, an ex-military man with a violent past, killed 26 people and injured 20 others at a Baptist church in Sutherland Springs before taking his own life.

When the FBI discovered that Kelley’s phone was locked, they demanded that Apple unlock the phone, a move that would violate mobile users’ right to privacy. According to the Feds, Apple refused, although an Apple spokesperson denied the allegation.

Most alarmingly, they claim that they immediately contacted the FBI about Kelley’s iPhone, suggesting that they would be willing and able to break the device’s encryption and expose the shooter’s personal data to the Feds.

The FBI went on to serve Apple with a search warrant to break the encryption on the phone in question.

Of course, this is nothing new. It’s not the first time that the FBI have butted heads with the mobile giant nor the first time that they’ve wanted to crack a shooter’s Smartphone.

In the immediate aftermath of the San Bernardino shooting in 2016, the government put pressure on Apple to unlock gunman Syed Farook’s phone. At the time, Apple’s lawyers were adamant that such coercion to crack the phone would violate the Constitution.

What makes this latest case so unique and, indeed, so disturbing is Apple’s apparent willingness to cooperate with the Feds and, therefore, violate their users’ privacy policy.

There are many reasons why mobile privacy is important. For many of us, our banking information is linked to our phones as well as other sensitive data such as our Social Security Numbers and instant messenger conversations.

Criminals have already developed ways to “jailbreak” mobile devices after they’ve been lost or stolen. According to a study by Kensington, 70 million smartphones are lost every year. It is estimated that there are dozens of cyberattacks every single month. This amounts to the personal info of billions of users being compromised.

Most of us have reconciled ourselves to the sad fact that Wi-Fi is unsecure in public places, meaning that we’re open to attack any time anywhere. The difference is, we expect criminals to invade our privacy, we don’t expect our mobile providers or our governing bodies to do the same.

Regardless of your politics and regardless of your criminal or non-criminal history, we shouldn’t let the government break into our phones as it sets a bad precedent where our right to privacy is concerned. These shootings are reprehensible, but so, too, is the notion of having our basic liberties stripped away by a government that is supposed to honor and uphold them.

As mentioned earlier, the repeal of the FCC’s internet privacy rule leaves us in an unfortunate situation. Our internet service providers are now free to collect and sell our data to third parties. This will no doubt result in telemarketing scams and other nuisances.

Luckily, for those of us who want to remain private, there are a number of security solutions that can help us out. VPNs (Virtual Private Networks) enable you to surf the web anonymously thanks to military-grade encryption and blanket IP addresses, and most of them are compatible with Android and iOS devices.

VPNs are legal in most countries and can conceal your activity by hiding your actual IP address and giving potential hackers the impression that you are in a different physical location. This means that even your ISP won’t be able to detect any activity on your real IP address.

Some VPN services provide intrusion detection and prevention features in their software and most all of them claim to have a “no logs policy.” This assures customers that their sessions are not recorded and cannot be shared with others.

However, it is important to note that some VPNs have been called out for failing to keep this promise. PureVPN is one of the most popular VPN solutions on the market, but users were less than pleased to learn that the information they were supposedly not collecting was then used by the FBI to track down an internet stalker.

Others, like PrivateInternetAccess.com, have gotten lucky by virtue of their location. The vast majority of VPNs have headquarters outside of the US where they are beyond the jurisdiction of the Federal Bureau and protected by their own country’s policies on VPNs.

This will likely change over time as countries like Russia place bans on their proxy servers. For the time being, the solution is there to shield yourself from unwanted snoops, but if FBI has their say, we will soon see this kind of protection evaporate.

VPNs are regularly served with subpoenas and/or search warrants. Whether these search warrants result in user data being shared with government agencies or other third parties is hard to confirm, particularly since those companies that genuinely maintain a no logging policy wouldn’t have any information pertinent to the offending user’s IP address.

But one thing is for sure. There are existing measures that the public can take to protect their privacy. Alas, no security solution is impervious to government scrutiny. Which is why it is imperative that companies like Apple refuse to cave when faced with pressure from government institutions. The actions of a few should not negatively impact the rights of the many.

Leave a Reply

Your email address will not be published. Required fields are marked *