Most of us know, or at least suspect, that just about everything we do in our connected world is traced, logged, stored, aggregated, and sold off to pretty much any private company prepared to purchase it, generally under the guise of using the data for marketing purposes.
What fewer of us realize, or perhaps choose not to think about, is the data are not as anonymous as we may think. In fact, with very minimal effort, it is not anonymous at all in most circumstances.
Using a purchased (or stolen) data set and public records, it's quite easy to discover the identity of the owner of a mobile phone, the user of the phone, the location and travel of the phone during a given period, and patterns of movement over time common to the phone.
Maybe it's no big deal if some unknown entity figures out you take the same route to work every day, or like to frequent the same Dunkin Donuts, or that you often visit restaurants at lunch time. Does it become a bigger deal if they know you frequently visit an addiction center, an oncologist, or a mental health center/counselor?
What about locations you consider your most private? How about if they know everywhere you went at every moment of a given day; that nothing about where you were is secret or private?
Nothing is private, everything is shareable
Regardless of what we think about the above, this is our reality. Per the U.S. Constitution, a company cannot share this type of location data with law enforcement without a warrant, but there is no such restriction on collecting and using the data how it wishes and/or sharing it with other companies to do with it as they wish.
The human impulse to learn and know has morphed into our globalized society's collective addiction to data of every kind, and the primary needle to flood our neuroreceptors is sitting right there in your pocket or purse. The mobile phone is an irreplaceable part of most of our lives and has become integral to everything we do.
We make purchases, invest, connect across social networks, meet new people, send our private thoughts to those we love, and leverage the capabilities and apps available to make us more productive and efficient in our work and private lives. Beneath the hood of these marvelous devices, however, is an engine most of us don't understand and few of us have the patience to navigate.
The result is a device and software doing whatever their creators wish, under little obligation to tell you about it other than in the tiny text and legalese we all ignore as we click "accept" to set up the phone initially and, subsequently, to install an app we need or want. Those small clicks provide the makers of phones and apps the permission they need to collect and sell information about us.
The tradeoff: data for convenience
There isn't a whole lot which can be done about this—aside from writing to Congress or perhaps actively protesting—because nothing illegal is happening. There are, however, some steps we can take to help make this collecting and commoditizing of our existences more difficult. This New York Times article gives some basic steps everyone can take to protect their data.
Be aware: Following the steps recommended in the article will likely make your phone less convenient for you. The changes recommended will result in extra steps when you do certain things you are used to doing easily. The main reason tech companies have been able to do all this tracking and collection without much outcry is because these tools make things simpler for us.
Security of any kind is rarely convenient. By burying the details in submenus, by making them harder for the user to understand, and by not being upfront about what is happening behind the scenes of our favorite devices and apps, tech companies are taking a similar approach to a shady mechanic telling us not to worry our pretty little heads about the details—trust us, it's for the best.
Make informed choices
You are not alone if you decide not to make changes to your phone or your personal practices. Millions upon millions of users around the world, in all positions of power, levels of wealth and responsibility are not taking any steps. The world continues to spin, and lives continue.
We all should understand what is happening to our private data. We should further consider what is happening in our digital world and weigh our individual pros and cons. Making cognizant choices for ourselves rather than have something unknowingly forced upon us by a device maker or programmer is empowering.
Our personal data is exactly that—our data—to do with as we wish.
Whether you choose to implement technological changes on your device, to advocate for stronger federal privacy laws, to abandon mobile phone use altogether, or to just not worry about it, I'm hoping this post helps you feel more informed and prepared to make that choice.
Jeremy Corwin is the New Hampshire Community Loan Fund’s Information Security and Compliance Analyst.
