The Fine Print of Smartphone Privacy

Friday, September 14, 2012

Allan Pratt, MBA

5e402abc3fedaf8927900f014ccc031f

How often do you think about your cell phone or smartphone privacy?

Sure, you think about its physical security and try not to lose it. Many of us couldn’t live without our mobile phones. So, you keep yours in the same place when at home and at work.

But how often do you think about the security of your data? This includes your contacts’ names and phone numbers, your email address and the addresses of your contacts, your location data, your apps, etc. The reality is, you probably don’t think about this enough.

Recently, I logged into the website for my smartphone carrier and noticed a new category: Privacy Settings. I wondered what that meant to my carrier, so I clicked on the link. I saw three options that, by default, had been set to SHARE my demographic data.

After looking at the details of all three sections, I immediately clicked “Do Not Share.” (Note, this default setting reminded me of Facebook privacy defaults – and not in a positive manner.)

The first section was called “Customer Proprietary Network Information (CPNI) Settings” and contained information such as technical configuration, type, destination, location, and amount of use of the telecommunications services purchased. The carrier indicated that if I chose to share my CPNI, then I would receive the latest information about products, services, and promotions. But, don’t I get that already via snail mail and email?

The second section was called “Business and Marketing Reports” and referenced URL addresses of websites visited, search terms, location of my device, use of applications, and use of features (such as, data and calling features, device type, and amount of use).

Additional information that was shared was demographic and interest categories including gender, age range, sports fan, frequent diner, or pet owner. The carrier indicated that all of this information would be used to prepare marketing and business reports for its use AND for sharing with other companies.

The third section was called “Relevant Mobile Advertising.” Armed with my snail mail address, the carrier allows advertising that targets me based on my location. Once all the other data is combined (type of device, gender, age range, sports fan, frequent diner, or pet owner), now it’s easy for an advertiser to determine if I fit into a specific audience category.

The disclaimer for this section was, “Please note that you will receive mobile ads whether you participate or not, but under the program, ads may be more relevant to you.”

If hundreds of thousands of customers either don’t know to change their settings or don’t care, just how safe is their data?

Allan Pratt, an infosec consultant, represents the alignment of marketing, management, and technology. With an MBA Degree and four CompTIA certs in hardware, software, networking, and security, Allan translates tech issues into everyday language that is easily understandable by all business units. Expertise includes installation and maintenance of hardware, software, peripherals, printers, and wireless networking; development and implementation of integration and security plans; project management; and development of technical marketing and web strategies in the IT industry. Allan also teaches the CompTIA A+ cert course. Follow Allan on Twitter (http://www.twitter.com/Tips4Tech) and on Facebook (http://www.facebook.com/Tips4Tech).

Cross-posted from Tips4Tech

Possibly Related Articles:
10334
PDAs/Smart Phones
Information Security
Privacy Security Awareness Telecom Smart Phone Personally Identifiable Information Tracking Mobile Applications Data Collection
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.