How Mobile Phones Became a Privacy Battleground—and How to Protect Yourself


In the 15 years since the iPhone’s debut, the world of data privacy has changed significantly. Since 2007, app-privacy controversies—ranging from the social network Path downloading the contents of people’s address books to every weather app under the sun selling location data—have snowballed, leading to concerns both legitimate and misinformed, as well as the inability of many phone owners to determine which threats are real. But digging through history to understand where the privacy controls of iOS and Android began, and how both mobile operating systems have shifted to give people more control, can give you a better idea of what the true threats are right now.

“I think the transition to mobile devices brought a sea change in data collection, because unlike traditional ad tech, which was mainly focused on what we were searching for, now companies could also focus increasingly on where we were,” Albert Fox Cahn, executive director of Surveillance Technology Oversight Project, told us. “Today the ad tech world would have been unrecognizable from back when the iPhone was first introduced.”

In the absence of a federal privacy law, most ad-tech companies and data brokers are unregulated and opaque in their operation, which makes it nearly impossible for phone owners to track where their data goes or how it gets used, let alone prevent that data from being shared in the first place. It also means that the industry has no standards to follow, so it’s difficult for everyone to figure out what is and isn’t possible on any given device.

What phone owners have instead are sometimes-complicated menus full of permissions that are buried deep within an operating system and rarely set up by default with their privacy in mind.

Where your data goes (and who can see it)

With mobile apps, advertising tends to work like this: An app developer includes a bit of code from a software development kit (SDK), made by an advertising network you’ve likely never heard of, that can gather all sorts of information, such as your location and app-usage data.1

Unless you read the details of a privacy policy or bother to scroll through the pages of a terms-of-service statement, you get neither…

Source…