experience america's largest & fastest 5G network
We use cell phones every day. Our society runs fast, with people in near-constant communication across their mobile phones, computers, and other devices.
Mobile phones, unfortunately, are not designed for privacy and security. Mobile phones, without extra input on your end, do a poor job of protecting your communications and expose you to a lot of surveillance risks. Across the board, it is harder to protect a cell phone than it is a personal computer. There is often bundled software and a lot of monitoring that you can’t evade with cell phones, but, of course, the thought of moving through the day without a device is crazy! In this article, we will break down the privacy problems you can address, those you cannot, and what you can do to protect yourself.
Mobile Phone Privacy Breakdown
How often do you use your phone? Do you have social media apps installed, as well as some games? Most people use these powerful devices for everything they can without thinking much about all the private data they are putting out into the world. Not private, like passwords and account information, but apps can learn so much from your location, habits, and many other items that your phone tracks in the background.
Location Tracking
The biggest threat to privacy is how phones track your location. Your phone knows your whereabouts at all times and broadcasts it out to, at the very least, nearby cell phone towers. Whenever your phone is on, your cell phone provider can discern where that phone is through a process called triangulation. You may have heard this term used in police procedurals throughout the years. Triangulation occurs when cell providers observe the signal strength your phone is getting from nearby towers. Based on the signals, operators can pinpoint where your cell phone is.
Now, this data is not freely given. The government and law enforcement can demand that your operator triangulate your cell phone’s position, but it is not given out on a whim. This data is separate from the GPS data your phone generates. You can turn off the GPS tracking on your phone, but you cannot turn off triangulation. Similarly, apps can ask for GPS permissions, but they cannot get triangulation data from your provider. Your phone also does not use that data for any of its internal or external processes.
Carriers can also release a “tower dump,” which is the ID of every cell phone in a certain area at a given time. Similar to triangulation data, this is only given to the authorities.
Cell Site Simulator
There is a device called a cell city simulator that masquerades as a cell phone tower to catch your phone’s ID. Legal warrants are required for the use of a cell site simulator, but malevolent actors may engage one to steal your phone’s data. Unfortunately, there is no reliable way to evade cell site simulators and other ISMI catchers, but they are rarely used in the United States.
GPS Data
You have more control over your GPS tracking than the background tracking from other sources on your device. You decide which apps access your GPS data, but if you are not careful, apps might default to gathering it without you realizing it. Apps that have no real reason to gather data might be trying to sell them to a data aggregate corporation or something along those lines.
The real value of GPS data, especially over a long period of time, is that it shows people’s routine activities. Where you go shopping, when you go shopping, how long you are at home, at work, etc. Knowing your location at this exact moment is much less interesting than where you go grocery shopping, for instance. Companies are not interested in you, in particular. Rather, they want averages from the entire city's worth of people.
We recommend routine sweeps along the apps you have downloaded to check if there are any with permissions that do not match their activities. Less well-known apps are commonly guilty of this, as they will happily collect, for instance, your GPS data to pad their funds.
Spying on Mobile Communications
In the beginning, networks did not worry about people tapping calls and tracking messages because no one had ever done it before. Now, there is a constant war between cell providers working to encrypt data traffic and malevolent entities trying to eavesdrop in. To be safe, you should assume that your text and voice communication on cell phones is not secure. There are some emerging encrypted communications, but they are not infallible. For instance, Google Pixels offers end-to-end encryption, but only when you contact another Google device.
There are also secure communication apps that have much better-integrated encryption than the message application that is used by default.
Fortunately, there are many messaging apps with extra layers of protection. One such app is Signal, which is available for both iOS and Android devices. Signal offers end-to-end encryption to keep your conversations secure. No one but you and your recipient has access to the messages and calls you make on your device. Using a third-party messaging app is an excellent way to decrease the chances that someone gains access to your communications. Nothing is perfect, but apps like Signal, Telegram, and WhatsApp all have levels of encryption that surpass what generic messaging apps provide.
End-To-End Encryption
End-to-end encryption is a type of protection in which only the sender and receiver, the endpoints of data transfer, can decrypt and access the data. Another common form of encryption, symmetric key encryption, uses one key to protect the message. Without that key, the data is a nonsensical collection of bits, but anyone who gets hold of the key can decrypt and access it.
With end-to-end encryption, the data is encrypted with two keys. This makes it significantly more difficult for anyone to gain unwanted access to the data. This is a common form of encryption in high data-security sectors like finance, healthcare, and communication.
Phone Components and Sensors
Cell phones collect a lot of data. They have many components and sensors that passively collect data to communicate internally with apps and processes. By far, the most common among these is the GPS. Your phone’s Global Positioning System lets your device pinpoint its location with high levels of speed and accuracy. It lets your maps app navigate you through the country, lets your friends and family keep track of you if you share your location, and much more.
The signal that your phone uses for GPS data is a one-way street. This is good! GPS Satellites only transmit signals. Your phone calculates its position by the time it takes for those signals to arrive, much like how your carrier can pinpoint your phone’s location using local towers.
The big difference here is that cell towers both send and receive data. Since your phone transmits to nearby towers, they use that data to pinpoint your phone’s location. GPS satellites, on the other hand, only send data. They do not receive anything back from your phone, rendering them unable to track your location.
While the satellites can’t track your position, your phone is happy to send out its GPS location to many apps running on it. This is where it is very important to audit app permissions with some regularity. Be suspicious of any app that has permissions that aren’t evidently needed. GPS is a common one among them. GPS data is valuable in many industries, and shady app-makers hold no qualms against gathering aggregate GPS data and selling it off.
While your GPS gets a lot of attention, your phone has other sensors that passively collect data as well.
- Near Field Communication (NFC). This sensor in your phone is a wireless, radio-frequency-based system that lets your phone send data over short distances. This is the sensor that powers contactless mobile payments and ID systems. This works both ways, and your phone can also read RFID tags embedded in other objects.
- Biometric Sensors. Many phones have fingerprint and facial scan capabilities that make it easier to unlock your phone. The main security risk here is that your phone has to store that info, making it possible for someone to steal it.
- Accelerometer. Many phones measure the speed of your travel, and they are often used in fitness tracking.
- Gyroscope. This sensor picks up your phone’s orientation and angular velocity. There is the potential that someone could gather compromising information with your phone’s gyroscope, but it would take a very dedicated user.
Malware
The last item on your list of mobile phone privacy is malware. Many viruses and malware can invade your phone through malicious software or someone hacking into your device by exploiting a security flaw. Cell phones are not as protected as laptops and desktops, and there are fewer ways to beef up security on a device.
Malware on your mobile phone can read private data, like messages and photos, or activate your device’s sensors to gather data and send it elsewhere. The security risks of cell phones are so great that many government offices forbid personal phones on the premises. Even phones powered down are not always allowed, as a group of people powering down their phones all at once, if detected, can give away more information than they want.
Alternate App Stores and Operating Systems
Your phone is always at risk, but there are many ways to mitigate that risk. To maximize security, you can purchase an Android device that’s compatible with the alternate operating system called Graphene OS. This is an open-source operating system that improves the privacy and security of your device. With this system, your phone becomes much more protected against the most common sources of privacy vulnerabilities. It does what it can to mitigate risks across the board, increasing the security of all the apps running on your phone. To the best of its ability, Graphene keeps the user experience as similar as possible as it was before you made the switch, simply including additional privacy and security features in the background. With this system, certain features are always running, but the more noticeable ones, like network permission, sensor permission, restrictions when the device is locked, and other more complex user-facing features, can be toggled on and off.
The Aurora Store is an app store alternative that grants users access to the same applications available on the Google Play Store without needing a Google account to use them. This is a great way to get full functionality out of your device without going through Google for all your applications. Make sure to do extra research before you download and start to use this app store! There are a lot of online resources that can help you make the most out of this third-party app store! It is not available on every kind of device, namely iPhones.
Decouple Data with Really
So, we’ve discussed all you can do with your phone’s hardware and software to increase privacy. There’s a lot you can do on that end! Another area in which to maximize privacy regards the data you send on your phone. No matter how you use your phone, all your activities involve sending data to one place or another. Decoupling data is a new look at how your data can stay private as it travels to its destination. In this section, we will break down the strengths of decoupled data, which we offer with Really’s cell phone plans.
What is Data Decoupling?
Decoupling Data is all about separating personal information from data, which means, in essence, that different services have different parts of your data, making it much more difficult for anyone to track your data.
Data travels more condensed on conventional channels than it needs to be. In very general terms, your data contains your actions and personal information. The way data moves now, major companies like Amazon and Google collect your personal data, which is very valuable for a lot of reasons. When your data is bundled together, for instance, Amazon knows everything you buy on their platform. They create a data profile with everything you search for and buy on their website. With decoupled data, they would not know that you purchased something, just that there was a purchase.
Blockchain technology is perfect for decoupling data. With a DeWi network like Really’s, no central entity will amass your data and use it for their nefarious purposes.
Data Decoupling Protects Our Privacy and Security
We are much more secure with decoupled data. Just as it is secure from big corporations who want to aggregate your data, it is also much more difficult for malevolent entities to get your personal information since it is spread across many more servers. As your data is spread out, it means that there is no single point where a breach can compromise your data. If, for instance, a decoupled videoconferencing service is breached, the malevolent entity can only see encrypted data flowing between secure servers.
Decoupled cloud service providers can heighten security on their devices with many layers of protection. With decoupled data, no service knows who is accessing the data stored in the cloud; rather, it moves to an anonymous user and is decrypted there. When implemented, this has little effect on the user experience. It requires a lot of infrastructure to run correctly, which is one of the reasons that Really offers a host program where anyone can set up a small antenna in their home that builds a small section of the network.
Mobile Phones: Privacy Breakdown
We hope that this article has helped you figure out how your phone interacts with its inflow and outflow of data and what that data does to affect your privacy. It can be scary out there, but using the right privacy protection makes it much harder for anyone to peer into your phone’s data banks. Interested in a cell phone provider that prioritizes privacy? Check out what Really has to offer!