Is Your Smart Phone Spying on You?

Cyberspace is not safe, it is not secure, it is downright dangerous – but many people are oblivious to the dangers that lurk within every electronic device that we carry. The bottom line is, when it comes to the Internet people lose common sense. If you were walking with a child and the child stopped to pick up a random object on the ground, you would stop them and say, “You don’t know where that’s been, and it could harm you.” However, when our child does the same action electronically by downloading an unknown app that we have no idea where it has been or what it does, we are perfectly OK with that. If you wouldn’t do it in the real world, don’t do it on your smart phone! There are many “dangerous” apps and we must be careful.

A recent revelation that certain apps could activate a smart phone’s camera or microphone – without the owner’s knowledge because you accidentally gave them permission – has the public rightfully concerned about their privacy. If our smart phones can spy on us, there’s no end to the personal information that could be inadvertently sent to bad people who intend to do us harm.

The first response that iPhone users have is “I only download apps from the App Store and they are verified and validated by Apple.” That statement is only partially true. The checks done by app distributors like Apple just focus on whether the app is operating based on the permissions provided by the user. If an app turned on your camera without you ever giving it permission, it would not be allowed in the App store; however, if the app asks you whether it can access your camera and you say “yes,” that is an approved app.

Another thing that people don’t realize is that when an app asks whether it can access your camera and you say “yes” – that is an unconditional yes. That means the app can access your camera without ever asking for permission again or telling you what it’s doing.

Too often, we download a phone app that looks cool and then just click through the installation procedure and agree when it asks us for access to our camera, contacts, or location. Maybe we use the app once or twice and forget about it – but it still has access to our data and whereabouts. We’ve basically given the app permission to spy on us!

What are the ways our smart phones can reveal more information about us than we’d like them to? And how can we better control which apps have access to our data and location?

• Location services: Many apps legitimately rely on knowing where you are, such as for navigation or ride hailing. Some apps use location information for things like in-store ad serving or location-based promotions since the phone knows where you are while you shop. But there are plenty of apps that have no business knowing where you are, so why allow it?There are a couple of ways you can deal with this if you don’t want your phone tracking you or your children. One is to turn off location services entirely for your phone. Note that this will not affect your ability to be located in an emergency or place an emergency call. The other option is to review the settings in each app individually and deny access to location. More on that in a minute.
• Camera and microphone: Kids and teens are particularly likely to download games and apps that may use the phone’s camera, microphone, and location services as part of the game experience. But with so many games available, how do kids know which ones are safe and which ones could be malicious fronts for spying through the camera and microphone?This scenario should alarm everyone. The best way to protect yourself and your children from unauthorized use of their phone cameras and microphones is to methodically check every application for the permissions it has requested. There are many apps that ask for access to location, phone, camera, contacts, storage, photos and microphone when none of those are needed for the app to work properly.
• Contacts and photos: The same apps that are requesting access to services they don’t need are also the ones asking for access to your contacts and photos. Of course there are legitimate apps we want to use to share photos with friends and family – Snapchat and Instagram as an example. But it pays to review each app’s permissions and actively question whether it needs to be digging into your photos and contacts.

The takeaway here is to pay attention when you install a new app, and ask yourself whether it really needs access to your phone’s vital services in order to work. Start from a position of denying access and then evaluating whether it really is needed, rather than just allowing it without question.

Conduct a periodic review of your apps, and especially the ones that your kids are using. Using the application manager features in your settings area, check each app for the permissions you’ve given it. You might be surprised at what you find.

If you want to learn more about securing your phone, listen to my recent radio interviews here.