OK, you know your phone is capable of gathering data on basically everything you do. But say you've read your EULAs and check out the privacy settings on any service you use. If you disable the storing of location data and steer clear of apps that comb your private info, there's not much to worry about. Just using your navigation app doesn't mean you're broadcasting sensitive data to anyone interested in looking, right?
Allow us several seconds to laugh at your naivete.
As it turns out, the ability to "opt out" of location sharing is only really offered as a "wink wink, nudge nudge" sort of deal.
Apps for both Android and iOS are required to inform you of just what parts of your phone they'll need to access. An e-book reader probably doesn't need to talk with your sent email folder, and your maps app doesn't have much cause to log your calls. That's how it ought to work, in some far-off dimension where advertisers don't treat your phone like a magical market research box. Scientists from Penn State recently looked at 30 popular Android apps and found that two-thirds of the apps misused or suspiciously used private user data.
"Our goof! We promise it won't happen again often."
Innocuous apps were found storing and transmitting location data with "no obvious way" for the user to know. Even when the developers warn you, they bury that warning deep beneath a thick layer of legalese. How many people who give an app access to their Google accounts and network communication realize they're potentially handing the content of every email and text message they send over to marketers? You're probably fine with a location-based app using your GPS data to provide you with a service, but you may not be OK with that same app sending that data off to a marketing firm. Along with your phone number.
"Hey, Sandra! This is Anne with Conglomerated Marketing. I'll be calling you three times a day at wildly unpredictable hours until you decide it's time for Botox."
Several popular apps, like Color, even tap into your handset's microphone to pick up ambient sound data about your surroundings. Users of Color know that they're throwing pictures and other content out onto an unprotected network. But the app contains no explicit warning that installing it turns your phone into a 24/7 listening device.
You should never trust an app with a logo that lazy.
So how about just avoiding apps entirely? First of all, good luck with that. Second, even that won't be enough to protect your location. Apple recently made headlines when researchers found that the iPhone and iPad were storing user location data in an unencrypted file. So even if you do everything right and practice perfect information awareness, it all goes out the window the minute someone forgets to use the padlock.
"We feel super terrible. Please continue to send us money."
Let's say you've internalized the lessons of this article well. You don't download any apps on your phone, you never use open Wi-Fi networks and you stay the hell away from Facebook and Twitter at all times. Your Internet experience kind of sucks now.
"I might as well go read a book or something.
You still hand over your data if you know it's going to a giant, trustworthy company, or if the government asks for it. One, you don't have a choice in many cases and two, those guys pay millions of dollars to protect your data from hackers. It's probably safer with them than it is on your hard drive!
Unfortunately, the government, the giant corporations and your hard drive all have one fatal flaw in common: human beings. At some point along the line, your information security rests in the hands of people no more competent than you. They have shitty days, get drunk and go to work with painful hangovers, too.
Above: The guy who keeps your Social Security number secret.
Take the Comptroller's office of the State of Texas. They recently copped to exposing the private data of 3.5 million people. Teachers and former government employees from across the state found that their Social Security numbers, drivers license numbers, names, addresses and birth dates were revealed on the Internet. And it wasn't the work of some nefarious hacker. The Comptroller's office accidentally posted the information on a public, unencrypted Internet database.
The U.S. doesn't have a monopoly on this kind of fuckup. In 2006, Britain's senior tax official mailed off two CDs loaded with personal data for 25 million people. Both disks -- which were not encrypted -- were "lost in the mail." The U.K.'s government topped themselves in 2008, when an estimated 37 million items of personal data were lost across all levels of the government.
We always sort of assumed these guys were more diligent.
And if the government treats your data with all the care of a serial crack mother, private enterprise is no better. We all remember when Sony's PlayStation Network leaked the names, passwords and private home addresses of 77 million users. British Petroleum, too, in an apparent attempt to prove their mastery over all manner of leak, had another disaster in March of 2011. A BP employee "accidentally" lost a laptop filled with unencrypted private data for 13,000 people. And those people were all damage claimants seeking compensation for the Gulf oil spill. If you're paying attention, BP has finally crossed the line from "incompetent evil" to "cartoonish supervillainy."
We're all very proud.
Here's a simple rule to live by: if you put the information online, people can get at it. And if you choose to trust a third party with your data, they reserve the right to get hammered and forget to encrypt it. We all live in glass houses now. Even if you use black construction paper to cover your walls, someone can still shine a flashlight through and get a pretty good idea of what your naked body looks like.
And stop by LinkSTORM to cleanse your palette of all this sticking it to the man.
Do you have an idea in mind that would make a great article? Then sign up for our writers workshop! Do you possess expert skills in image creation and manipulation? Mediocre? Even rudimentary? Are you frightened by MS Paint and simply have a funny idea? You can create an infograpic and you could be on the front page of Cracked.com tomorrow!