Cellphone giving away your personal privacy

If you own and use a cellphone, you have already given up a good part of your personal privacy.

Wireless phones have always allowed their service providers and communication regulators to track users. Computers connected to the Internet have always allowed users to publish private information unless they have strict security settings.

Your mobile service provider – and the government through Communication Commission of Kenya, if need be – can produce a record of every number you’ve ever dialled, every text message you’ve sent, all the places you’ve been and, if you’ve got a smartphone, every website you’ve ever visited.

And that is not all. Companies that make many of the most popular smartphone apps for Apple and Android devices such as Twitter, Foursquare and Instagram routinely gather the information in personal address books on the phone and in some cases store it on their own computers.

While Apple says it prohibits and rejects any app that collects or transmits users’ personal data without their permission, that has not stopped some of the most popular applications for the iPhone, iPad and iPod – like Yelp, Gowalla, Hipster and Foodspotting – from taking users’ contacts and transmitting it without their knowledge.

For years, developers have understood that if they give you an easy way to find your friends already using their applications, then you won’t have such a lonely experience and you might continue to use their apps.

So, many of the applications you know, love, and use on a daily basis have a “find friends” feature that scans your address book to find who among your contacts is already using their services.

Although most companies claim not to do this, those that do it commit one of the most grievous of offences because it makes your contacts the property of an unapproved third-party.

Matching purposes

Facebook, Twitter, Foursquare, Instagram and a few others upload either your contacts’ phone numbers or email addresses to their servers for matching purposes. Some of these applications perform this action without first requesting permission or informing you how long they plan to store this data.

In the best cases, they use an encrypted HTTPS connection to upload the data to their servers, but that’s not a given. Their servers then use the address book data to determine contact matches. In many cases, the data is discarded immediately thereafter.

Last week for example, the Path iPhone app users were surprised to learn that the innards of their address books – contacts’ email addresses and phone numbers – had been uploaded to and stored on Path’s servers. After a public outcry, Path immediately amended its practice to request user permission, and deleted its records.

And you can never be too sure what will happen tomorrow in this fast changing world. This is your address book we’re talking about, probably the most private of all entities.

It’s the digital repository of the personal and professional relationships you’ve amassed over time, and a simple click of a button could expose those relationships to strangers with malicious intents.

Also, much of the data in your address book belongs to other people; their cell phone numbers, for instance, and has been entrusted to you with the understanding that you will keep it private.

It’s also a security risk. Should the company’s database ever get compromised, that information would become the hackers’ property as well. And who knows what the hacker would do with such groundswell of privileged data?

So should we be worried about mobile phone service companies, app makers and government knowing too much about our daily lives, thanks to our cellphones?

Some people argue that it doesn’t hurt to be aware of the issue, but as long as you’re using the phone securely and making sure you aren’t giving away too much personal information or financial data, the notion that you’ve lost all privacy is probably overblown.