New Mobile Phone Service Shows We Can Have Both Privacy and Nice Things

February 15, 2023 | By Daniel Kahn Gillmor & Jay Stanley | ACLU.org

Despite the desires of companies to monetize our data, we must insist that privacy be built into the technologies we depend on.

The recent launch of a new mobile phone service introduced significant new privacy protections into the mobile phone system. This exciting new approach highlights the failure of the existing mobile phone infrastructure to protect privacy, and points the way forward for a wide variety of technologies besides mobile phones.

Today’s cellphones are generally a privacy disaster. Partly that’s the result of the two companies that control the operating system software on the vast majority of the world’s pocket computers. The most common operating system, Android, is controlled by an advertising company (Google) and is notorious for leaking information about its users. Apple, which controls iOS, while excellent on privacy in many respects, is also becoming increasingly interested in monetizing its customers’ data, and lacks adequate controls to prevent rogue apps from many forms of spying. The result is that a lot of the activity we engage in on our phones is tracked.

There are already solutions out there for the privacy problems posed by Android and iOS: privacy-focused operating systems such as CalyxOS and GrapheneOS. Widespread adoption of those would be a step in the right direction. But the operating system can’t defend against another major obstacle to phone privacy: the architecture of the cellular network itself. In order for your carrier to route calls and data to your phone, the network needs to constantly know which cell tower your phone is near. And when you make a call or use data, the provider can see where that traffic is going. Cell carriers track and store this accidental byproduct of the technology in order to record people’s location history and network activity for marketing purposes and, in certain circumstances, for sharing with law enforcement.

This tracking happens through a standard identifier tied to each SIM card called an International Mobile Subscriber Identity (IMSI) — basically an account number used, among other things, to verify that a phone’s mobile service is paid for. The new phone service, called Pretty Good Phone Privacy (PGPP), uses encryption techniques to deliberately blind itself so that it can’t know that the user of a mobile device is you, or what data you are sending from that phone. You connect to the PGPP service for payment, and that’s all.

The service has some limitations. It covers data only, not voice calls. For complex technical reasons (that Apple could fix if it wanted to), it doesn’t work on iPhones, which represent about half of U.S. phones but only 16 percent of phones globally. And certain other techniques for tracking phones remain in place. Nonetheless, it is an important step forward in protecting privacy.

Location data is so sensitive that the Supreme Court agreed with the ACLU that law enforcement should not be able to obtain it from the carriers without a warrant. Such data can reveal things about our associations, our habits, and our political, sexual, religious, and medical lives that no telecom provider has a right to know just because of the way cellular technology happens to work. With PGPP’s approach, the carrier simply does not have the data to turn over to anyone. It cannot be sold, leaked, or hacked, let alone offered to overreaching law enforcement agencies…
