Low Cost Phones Are Turning Privacy Into A Luxury Option

from the ill-communication dept

Even when you're shelling out thousands of dollars for the latest smartphone and an "unlimited" data plan for it to run on, that cost expenditure still puts you at great privacy risk. Wireless carriers, for years, have collected and sold your location and other data to a long line of dubious middlemen, and despite a lot of sound and fury on this subject, few (outside of maybe the EFF) are really doing much about it. And with the FCC recently having self-immolated at lobbyist request and any new meaningful privacy protections derailed by bickering, that's not changing anytime soon.

Less discussed is the privacy nightmare you'll find in "discounted" phones designed to help "bridge the digital divide." While numerous vendors and tech giants have cooked up lower-cost Android phones with marketing focused on helping the poor, a new study by advocacy group Privacy International found that the privacy trade offs of these devices are... potent. Not only do they usually come with outdated OS' opening the door to hackers, the phones have locked down user control to such a degree they're unable to remove apps that may also pose security risks:

"The MYA2 also has apps that can’t be updated or deleted, and those apps contain multiple security and privacy flaws. One of those pre-installed apps that can’t be removed, Facebook Lite, gets default permission to track everywhere you go, upload all your contacts, and read your phone’s calendar. The fact that Facebook Lite can’t be removed is especially worrying because the app suffered a major privacy snafu earlier this year when hundreds of millions of Facebook Lite users had their passwords exposed. Facebook did not respond to request for comment."

It's part of a broader issue in telecommunications where privacy has become a luxury available only to those who can afford it. Some telecom giants like AT&T have tried to push the barrier even further, only letting users opt out of online snoopvertising if they're willing to pay $500 more annually for telecom services. Between the apps, the phone, hackers, and your wireless carrier tracking, hacking, and monetizing your every waking moment, it's a privacy and security minefield out there for even affluent smartphone buyers.

Studies suggest low income users realize that in the modern telecom landscape there are stark privacy penalties for being poor, yet feel they have no real power in the equation:

"Yet millions of Americans who can’t afford to buy a computer or install broadband internet at home often have no choice but to use such devices, which become their sole means of accessing the internet. If they want to enjoy the same basic conveniences that people in higher socioeconomic tiers have—such as transportation directions, online bill pay, and email—they may have to give up their privacy in exchange."

The market won't stop the practice because it's profitable to hoover up every shred of data. The government won't stop this process because Congress is slathered with mountains of cross industry campaign contributions that eliminate any motivation to craft meaningful privacy guidelines with any real teeth. With 3.7 billion users expected to have their only online access come via smartphone by 2025, that might just be a problem, and making privacy a "luxury feature" will only make said problem worse.

Filed Under: luxury, mobile devices, phones, price, privacy


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 16 Oct 2019 @ 11:13am

    The rich don't have it much better

    The rich may not have as much spyware preloaded on their phones, but weren't excluded from recent location-tracking scandals. Even high-end phones don't seem to be working on anything to prevent telco location-tracking, which would be possible via onion-routing (with some telco cooperation—or via wifi to work around telcos). They didn't get away from the Cambridge/Facebook breach, or from all of those voluntary apps asking for way too much permission.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Oct 2019 @ 12:51pm

      Re: The rich don't have it much better

      telco location-tracking, which would be possible via onion-routing

      I don't think so. They use your IMEI talking to a tower for this. Even for onion routing, your phone with its IMEI still has to talk to towers to be able to hit the onion network.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Oct 2019 @ 12:58pm

        Re: Re: The rich don't have it much better

        Telcos can always track their SIM card via IMEI connections to the towers. This means they know when their SIM is in your phone, and talking to their tower.

        However, I run 1.1.1.1 and TorBrowser on my phone, with the end result that this info is the only thing the telco knows about me, other than that my data package consists of me going to 1.1.1.1.

        And all CloudFlare knows about me is that I use Tor, various TLS-secured services, and banking sites.

        That's a lot better than the cheaper phones, where multiple orgs know exactly what I do on my phone, where I go, and when.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 16 Oct 2019 @ 1:15pm

          Re: Re: Re: The rich don't have it much better

          And all CloudFlare knows about me is that I use Tor, various TLS-secured services, and banking sites.

          If you're routing your DNS traffic to 1.1.1.1 across Tor, they shouldn't even know it's you using those sites.

          reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 16 Oct 2019 @ 1:17pm

          Re: Re: Re: The rich don't have it much better

          Telcos can always track their SIM card via IMEI connections to the towers.

          They can, but they could give up that ability and give a random TMSI based on a zero-knowledge proof of subscription. Presumably this service would cost extra, so as to be out of reach of the poor.

          reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Oct 2019 @ 1:02pm

        Re: Re: The rich don't have it much better

        I don't think so. They use your IMEI talking to a tower for this.

        Yes, that's why the telcos would need to cooperate. They'd need to accept a zero-knowledge proof that I subscribe to their service (or a roaming partner's) without revealing my identity. By law, they might need a similar proof to show the phone's not stolen. Otherwise we're stuck with Wifi and randomization of MAC addresses.

        Actually it's IMSI I think, and the TMSI (Temporary Mobile Subscriber Identity) exists already to avoid IMSI-tracking by non-telcos sniffing traffic. So we wouldn't be starting from scratch.

        reply to this | link to this | view in chronology ]

  • icon
    ECA (profile), 16 Oct 2019 @ 12:20pm

    "letting users opt out of online snoopvertising if they're willing to pay $500 more annually for telecom services."

    And why not goto court and ask the judge to have them PAY US, that $500 worth of private adverts??
    Deal with this as a privacy issue, and get everyone to understand it AS PRIVACY.. either give me the phone and service FREE, or Give me the money..OR leave us alone.

    Its always a pain to think you can Link/tether your phone, But thye wont let you, they turn off that ability, and ASK(?) you to buy and pay for another unit to do the same.($35 per month, LIMITED)

    If they opened this 1 feature, they could say that every person IS/has access to the internet, where ever a signal is able to be used.
    what A way to by pass installing Internet service. Everywhere.

    reply to this | link to this | view in chronology ]

    • icon
      ECA (profile), 16 Oct 2019 @ 12:26pm

      Re:

      Just so that you all understand Cellphones....
      This was from the past, and hasnt been fixed...
      That if you are stopped and they search your phone...
      And you have music/movies on the device, they can ask you for a receipt or Proof that you own the movie.
      This is like having a DVD player to keep your kids entertained, and only using COPIES of the Disks while traveling..
      I dont know if current laws let us do this, but who knows the ramifications of then enforcing laws Against removing DMCA, Copy protections even for your OWN use..

      reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    Dark Shops Spotty Phones Rotting Fish in SF, 16 Oct 2019 @ 1:06pm

    By no coincidence GOOOOGLE / Android not mentioned!

    Always omitted. That's all about the Benjamins that Maz gets from GOOGLE and Silicon Valley:

    https://copia.is/wp-content/uploads/2015/06/sponsors.png

    Google's privacy policy is: YOU HAVE NO PRIVACY.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Oct 2019 @ 1:10pm

      Re: By no coincidence GOOOOGLE / Android not mentioned!

      All your privacy are belong to Google.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Oct 2019 @ 1:30pm

      Re: By no coincidence GOOOOGLE / Android not mentioned!

      1) This story is by Karl, not Mike.
      2) Literally the first sentence: "Even when you're shelling out thousands of dollars for the latest smartphone … that cost expenditure still puts you at great privacy risk."

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Oct 2019 @ 1:41pm

      Re: By no coincidence GOOOOGLE / Android not mentioned!

      And here we have proof that you did not read the article, as Android is specifically mentioned.

      reply to this | link to this | view in chronology ]

    • identicon
      Rocky, 16 Oct 2019 @ 1:43pm

      Angry troll shorten lifespan by shitposting

      I see you are here shortening your lifespan again, blue...

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Oct 2019 @ 2:10pm

      Re: By no coincidence GOOOOGLE / Android not mentioned!

      Android is mentioned. You should read the articles you're attacking at least before coming up with whatever idiotic attack you're going to conjur up out of nowhere.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Oct 2019 @ 2:28pm

      Re: By no coincidence you’re a pirate and a liar

      You mean the link on the front page of the website?

      https://copia.is/

      That one right there?

      The one that I alone have told you about no less than four times?

      Come on bro

      reply to this | link to this | view in chronology ]

      • icon
        PaulT (profile), 17 Oct 2019 @ 8:58am

        Re: Re: By no coincidence you’re a pirate and a liar

        "The one that I alone have told you about no less than four times?"

        I'm still waiting for him to tell us what nefarious things the MacArthur Foundation are up to. I mean, since they're far more prominent on the only evidence he has that Google are doing something bad here, they must be doing something really bad, right?

        reply to this | link to this | view in chronology ]

    • icon
      PaulT (profile), 17 Oct 2019 @ 9:00am

      Re:

      So... you're saying that you're too dumb to understand that "cheaper smartphones" usually infers Android-based phones?

      I mean, don't be afraid to admit you need a little more hand-holding, I'm sure people will add some extra details in if it avoid you having further seizures. It's not bad to admit that you aren't intelligent enough to understand things at the same level as the rest of the class.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Oct 2019 @ 2:22pm

    this isn't an issue of low-cost phones

    spyware apps are preinstalled on even the highest cost phones and can't be uninstalled. but most of them can be easily disabled. the bigger issue is the spyware that's baked into the OS itself or google services, which are a core part of the ecosystem. that's harder to disable

    and AT&T's packet sniffing extortion is its own issue

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.