Mobile Privacy: Protecting Personal Data inToday's Digital World
Device and operating system manufacturers need to step back to study the use cases and rethink the ”individual” approach to the design of our mobile devices. They need to consider that users want to carry one device for all of their activities, that users want to share their devices with others, that devices must support different age ranges, that life is more complicated than just work and play, and that all of the above must be kept separate from each other.
Today, every app is downloaded onto the same home-screen, shares the same memory and storage, and uses the same device and network resources creating the ideal situation for a malicious person or app to take advantage of all of the data on a device. Even those “approved” apps, with all of their requested permissions, are siphoning more data from your device than most people expect. Is it ok that a game app can read all of your contacts, know the phone calls that you have made, know how many times you opened the camera app, and can send SMS messages without your knowledge? Every app is different, but just where is all of your data going? No one can tell you.
Placing all apps on the same screen, with the same access to personal, professional and family data can lead to unforeseen consequences. Recent examples of malware apps impersonating valid mobile banking apps have wreaked havoc in Asia-Pacific markets with consumers having their accounts and passwords stolen, contact lists siphoned and messages being sent through their SMS. Several new reports suggest that over two million mobile malware apps existed in the first half of 2014 and that the growth rate is approximately 170,000 apps per month. While mobile anti-malware solutions, as one line of defense makes sense, it is difficult to imagine that every single malicious app can be detected and quarantined in an efficient and timely manner.
The impetus for change to our devices must come from consumers wishing to reclaim their right to privacy. As more cases emerge of personal privacy violations, the general consumer will begin to understand the very real consequences of frivolous postings to social media and uninhibited downloads of the latest “must see” app. The realization that not everything is for free and that personal data is the currency of exchange may well spark a privacy revolution that most manufacturers simply will not be ready for. The security techniques and solutions already exist to deliver a high-performing mobile device that is capable of achieving the needed security for the use cases mentioned above and much more. What is needed is a greater awareness of the privacy losses awaiting the consumer in order for mobile operators and device OEMs to make changes.
