Slashdot Mirror
US Wants Apple, Google, and Microsoft To Get a Grip On Mobile Privacy
coondoggie writes "When it comes to relatively new technologies, few have been developing at the relentless pace of mobile. But with that development has come a serious threat to the security of personal information and privacy. The Federal Trade Commission has issued a report (PDF) on mobility issues and said less than one-third of Americans feel they are in control of their personal information on their mobile devices. 'The report makes recommendations for critical players in the mobile marketplace: mobile platforms (operating system providers, such as Amazon, Apple, BlackBerry, Google, and Microsoft), application (app) developers, advertising networks and analytics companies, and app developer trade associations. ... The report recommends that mobile platforms should: Provide just-in-time disclosures to consumers and obtain their affirmative express consent before allowing apps to access sensitive content like geolocation; Consider developing a one-stop “dashboard” approach to allow consumers to review the types of content accessed by the apps they have downloaded; Consider offering a Do Not Track (DNT) mechanism for smartphone users.'"
They don't need a backdoor for the phone itself. They already have access to all the phone data because it is stored on the server, and they have unlimited access to the service providers.
Why is Snark Required?
This is already done by Android and works perfectly.
Nah, it really doesn't do it in any meaningful way, and doesn't provide the level of fine grained control that is needed.
Sure, you get notification when you install an app that i uses this data, and can access that data, for this or that reason.
But you are never provided any indication when the app decides to use the data for some other reason. There is nothing in
Android that prevents this.
Example: You install an email app. Obviously it needs to access your contacts to send email to them.
It says it has to access the web, maybe to serve ads (because its a free app). You might never be told that the app might
decide to upload all your contacts to some web site. You have no way of knowing when it does this, and no way to
prevent it.
Andorid needs a finer grained control, one that says, you can't access my address book. Or you can't connect to
any website, except this list (in the example above it would be some ad server). The user should be able to turn off
some of the permissions at will. EVEN if doing so makes the app FAIL.
Right now, we get a Take-it-or-Leave-it list of permissions, most of which are poorly understood. Most people click right
through these, failing to notice that the Game they just installed wanted to access their address book. Once they
click thru that, they are never asked again. There is no way to know it happened.
Permissions should be select-able per app, even after its been installed.
There should be a easy way to review which apps can access which bits of sensitive data, and turn it on or off.
Id rather the twitter app fail than have it tweeting my 13 year old daughter's location without her or my knowledge.
Sig Battery depleted. Reverting to safe mode.
The seduction that these devices offer to too strong for people to give them up and not use them.
Given that, I see nothing wrong with the FTC recommending that consumers at least know when they are surrendering their location data, and have the option of turning that off in some game or social networking app, while still being able to use the Map application.
I only wish this suggestion came from the FCC as well, since the FTC, is more or less toothless.
If the FBI needs a warrant to put a GPS tracker on my car, I don't see any reason why AT&T or Google should be able to give my location away to some tin-star sheriff without a warrant, or worse yet, to JCPenny or Starbucks just because I walked by the store.
Sig Battery depleted. Reverting to safe mode.
For Android, LBE Privacy Guard will let you assign whether apps have access to the network, and various other private info (e.g. location, contacts, phone ID, etc).
That makes it trivial enough to block something like Angry Birds from getting my location and communicating it to their home server. The problem is with apps which have to be online and which need access to that info to function. e.g. Navigation with Google Maps requires network access and my location. I'd like to think providing navigation is all they're doing with my location info, but I suspect they're doing a lot more with it like building movement pattern profiles.
I agree...
Its like, if you dont agree with all the car manufacturers, dont use them. Sure, you may not own a car and be able to get around efficiently, preventing you from getting a decent job, but... at least you made your statement.
Capitalism... it only works when you do not have limited choices.
How about regulating them?
How about a separation of Corporate and State much like the separation of Church and State. Add severe penalties for both sides for infractions. There are way too many politicians in corporate pockets and even more corporate insiders in politics. Federal regulations written by the industries being regulated is insane.
The mind conceives, the body achieves, the spirit manifests.
I really want a ban on places like Malls being able to install stuff that watches for my phone's unique identifiers to watch me move through the mall and returning to the mall. And I want a total ban on my phone company sharing anything about my movements or calls with anyone including police without a warrant and "trusted third parties" I don't trust any third parties so their aren't any "trusted third parties"
You can actually. It would work on any GSM network in the USA. Of course, you need to buy your phone from a Phone Vendor rather than a Service Provider.
That's what I did when I spent a few years in the USA. It used SIM cards from 4 different US Service Providers.
But Americans want subsidised phones so they don't do this.