MIT Technology Review

Friday, August 3, 2012

Study Reveals a Confused View of Mobile Phone Privacy and Security

Many users' perceptions are at odds with the realities, researchers show.

Smartphones store a wealth of valuable personal data—photos, videos, e-mail, texts, app data, GPS locations, and Web browsing habits—that is increasingly falling into the hands of advertisers, app makers, law enforcement, and crooks.

A survey published recently by the University of California, Berkeley, law researchers suggests there is a significant disconnect between many people's perception of the security and privacy of data on their smartphones, and the reality.

The majority of mobile phone users surveyed for the report said, for example, that they didn't like the idea of other people accessing the information stored on their mobile phones. More than 80 percent said they would not want a work colleague to use their phone, and half said they would not want even close friends to access their device. The majority of respondents also said they believed their mobile phone to be as private as their personal computer. The study involved telephoning 1,200 households on a mixture of landlines and mobile devices, and was funded by Nokia.

The reality is that millions of people already provide mobile data to marketers, business analysts, and law enforcement, often without their knowledge or consent (see "What Your Phone Knows About You" and "Getting More Value From Cell-Phone Data"). 

Most of the people surveyed for the study said they believed law enforcement need special permission to access information on a phone. In fact, law enforcement can guess a password to unlock a confiscated device, and can impersonate the phone's owner by sending texts if the phone is unlocked. Neither activity has been struck down by the courts.

Four-fifths of respondents said they "definitely" or "probably" wouldn't let apps collect a contacts lists. Yet that is what many companies do (see "Mobile-Ad Firms Seek New Ways to Track You" and "Apple Ignored Warnings on Address Book Access"). 

Seventy percent of respondents said they would definitely not permit their phones serve them location-based ads. Many phone apps already collect location-based data, some of which is later used commercially. This sentiment suggests that it could prove even harder than expected to make money from advertising as more Internet usage migrates to mobile devices (see "Facebook's Earnings Underscore its Challenges" and "Facebook Considers Mobile Ads That Know What You're Doing").