Smartphones are an important way for governments, tech companies and bad actors to snoop on you, as you leave a digital paper trail. But how does this happen?
NSA whistleblower Edward Snowden detailed just how smartphones can be used to spy on users in an appearance on the Joe Rogan Experience podcast (see the featured video above).
Snowden noted that the biggest change in how the government conducts surveillance is that it’s moved to a “mobile-first” approach owing to the prevalence of smartphones. He explained once again how bulk collection of data for surveillance works.
Bulk collection revisited
The whistleblower said that carriers are able to track your device and therefore figure out your identity via cellular towers. Snowden adds that the movements of your phone are the movements of you as a person and are unique, as you go to your home and workplace every day.
“What this means is that whenever you’re carrying a phone, whenever the phone is turned on, there’s a record of your presence at that place that is made and being created by companies. It does not need to be kept forever, and in fact there’s no good argument for it to be kept forever. But these companies see that as valuable information,” Snowden explains.
The former NSA contractor says all of this data is stored as part of bulk collection or mass surveillance, regardless of whether you did anything wrong. “And that was just talking about how you connect to the phone network. That’s not talking about all those apps on your phone that are contacting the network even more frequently.”
Snowden says that shutting your phone off does work in some ways, but questioned how you would know that your modern, sealed smartphone is actually turned off.
“When I was in Geneva for example, working for the CIA, we would all carry like drug dealer phones (sic). The old dumb phones, they’re not smartphones, and the reason why was just because they had the removable backs where you could take the battery out.”
What is your smartphone actually doing?
Snowden says that the central issue surrounding modern smartphone use is that we don’t know what the device is doing and what it’s connecting to.
“Apple, and iOS, unfortunately, makes it impossible to see what kind of network connections are constantly made on the device and to intermediate them,” he explained, saying that users should be able to make “intelligent decisions” on an app-by-app and connection-by-connection basis.
“If there was a button on my phone that said ‘do what I want but not spy on me,’ you would press that button! That button does not exist right now. And both Google and Apple — unfortunately Apple’s a lot better than this than Google — neither of them allow that button to exist. In fact they actively interfere with it because they say it’s a security risk, and from a particular perspective, they actually aren’t wrong.”
Snowden asserts that Apple and Google don’t implement this functionality because they claim it’s too complicated for people to use. “If you think people can’t understand it, if you think there are too many communications happening, if you think there’s too much complexity in there, it needs to be simplified.”
Fortunately, Google is taking privacy more seriously with Android 10, as it offers more granular location controls, the ability to disable ad personalization, restrictions on background activity, and restrictions on apps accessing your hardware identifiers (e.g. IMEI number). Now, if only Google implemented a “do not spy on me” button.
Snowden’s remarks regarding bulk collection and phone manufacturers weren’t particularly revelatory. But it still shows that manufacturers, network operators, and governments can do much more to ensure privacy is a higher priority for people. Do you take your privacy seriously? Let us know in the comments!