paint-brush
The Independent Phone :  More Privacy, Less Freedom?by@vtech0xnoon
389 reads
389 reads

The Independent Phone :  More Privacy, Less Freedom?

by Vtech0xNoonSeptember 5th, 2021
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

In the information age, the user of the product becomes the product that many companies want. The best way to gather the most personal information is from social media apps installed on mobile devices. Big tech companies gather user data, which is part of the **TOS (Terms of Service Agreement) that allow free service. Even Google collects personal data, like user preferences, browsing history and cached data. Data analytics are then studied and shared with third parties. The collection of some personal user data has led to more distrust of Big Tech since it violated the rights to user privacy.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - The Independent Phone :  More Privacy, Less Freedom?
Vtech0xNoon HackerNoon profile picture


In the information age, the user of the product becomes the product that many companies want. The best way to gather the most personal information is from social media apps installed on mobile devices (i.e. smartphones). To say that we have freedom when using our phones is actually an accurate statement. Yet, that freedom comes in exchange for our personal data.


In reality, when you are using a paid subscription service to a telco provider you have already agreed to their terms to allow them to monitor certain personal data (e.g. billing, location, data usage) they need to provide you service. When you install apps, it opens up even more collection of your data. This means there is less privacy.


Freedom means being able to use your phone to access anything you want. There is actually nothing preventing you from doing so. Some like to equate freedom and privacy. They should not be taken with the same meaning, because privacy can actually limit your freedom. Let us take a look at what the tradeoffs are and what that could mean for users.


Personal Data Collection

In exchange for free use of an app, the user will have to opt in to providing their data to the company. Big tech companies gather user data, which is part of the TOS (Terms of Service Agreement) that allow free service. This can be as simple as the amount of data, time and engagement consumed on the app. They can also include more personal data, like user preferences, browsing history and cached data. These analytics are then studied and shared with third parties. The third party are often companies involved in marketing research who work for top brands in the industry. They make use of that data to analyze consumer behavior in order to better target certain markets for advertising.


Social media apps gather so much personal data that users may not even be aware of. These apps record locations and activities other users can see. This is what happens when a user "checks in" to a location. This requires the app to have access to location services that is enabled from the smartphone. Other data includes what a user likes based on their engagement with other user's contents. If you "liked" a photo of a certain shoe brand that was tagged, the data can be collected and used later to create a target profile used by advertisers.


Facebook has been notorious for allowing third parties to collect user data from their platform in the past, without the user's direct consent. Even Google collects personal data from users, but for the purpose of better providing services (e.g. understanding how to serve content to a user). Most of the data collection came from using their apps or website using data analytics and AI techniques. It has led to US senate hearings where executives from these companies were grilled before the public. The collection of some personal user data has led to more distrust of Big Tech since it violated the rights to user privacy.


Data protection and regulation have been put in place now to provide some consumer protections. The GDPR laws in the EU are an example of this. This requires companies that collect data from the web to provide disclosure to their visitors regarding the data they collect. While this applies to the EU, it has global impact since visitors to websites are from many regions around the world. This still means that companies can collect data, but they must disclose what data they are collecting and users can decide to opt out.


 Figure 1. We share so much data from our devices every day, sometimes too much personal information.

User Privacy

Freedom and privacy are basic human rights we all can understand. These were included in the ideals that shaped modern democratic values that led to the American and French revolution. Most of our communications from smartphones to Internet use can be tracked and monitored. The right to privacy is under threat from surveillance states and big tech interests. Is there even such thing as totally private, anonymous and non-monitored communication?


The answer is yes, it is possible. However, it will require some effort on the user's part. It does not require buying devices labeled "Freedom Phones". It is more likely than not, those phones are not totally free from monitoring and tracking. If it uses a public network service from a reputable provider (e.g. Verizon, AT&T, T-Mobile), it can be tracked. If it has apps installed from Big Tech companies, that also makes it less private (knowing how they collect data).


What I want to explain is that there is a difference between freedom and privacy. User privacy does not necessarily equate to more freedom. It limits access to certain websites and services for the sake of not sharing your data. You will have to rely more on direct encrypted communications to get or share information. It gives you the privacy you need but it is less open to popular public services on a network.


Digital Fingerprints And Footprints

When surfing the web or visiting a website, users leave behind what are called digital fingerprints or footprints. This is evidence that shows a user visited or accessed a website based on metadata that is specific to that user. This can include IP address, username on the account (if logged in), geographical location based on the Internet gateway router and even personal preferences on the browser settings (e.g. language, fonts, etc.). The data is collected and can be used for analytical purposes for ad targeting and consumer behavior research.


Other ways data can be collected is from the web browser and the device. If a user accepts a cookie from their web browser, it initiates settings that can be specific to what the user wants. This data can be collected and sent back to the company that runs the website. The user can also be tracked by a third party through an API, which can send back more personal data like the last website a user visited, browsing history and most visited website. Devices that have location tracking enabled allows tracking users and share this data with a third party for ads and marketing.


All of this is happening and it is not against any law, so long as there is a disclosure from the company (based on GDPR laws from the EU). This is done by notifying users during their visit to the website, or via the TOS which is found somewhere on the company website (sometimes hard to find). If no such agreement was made then a company cannot collect data, but sometimes that can be hard to find out. It becomes a matter of trust and most of the time users just visit the website because of the content or service it provides. It comes with sacrificing a little or more privacy.

An Independent Phone

If you want more freedom and privacy, then what is needed is an independent phone. In the context of modern telecommunications, this is a device that is not tied to a subscription service by a telco provider or third party app. It is independent of the provider and connects by way of a public data network (i.e. the Internet) or direct peer-to-peer (P2P) communications. All the phone needs is access to an open network protocol (e.g. WiFi) for example, and it can communicate with other devices.


A rooted phone that removes all traces of the operating system and apps installed by the service provider would be required. There are rootkits available that allow users to reformat the smartphone storage and then install a non-proprietary open source operating system (e.g. LineageOS AOSP). The choice of an open source operating system means it is not controlled by any company, whether it is source code or licensing. A user has the most amount of freedom to do whatever they can with their phones, like choosing the services they want to enable without a third party tracking their activity.


After the operating system, consider using non-subscription based open source apps. Not all apps will track you unless there is a catch. In general, open source apps are ideal for independent phones. These are also open source and made free to the public. The use case for these apps are their privacy features that don't allow tracking and collecting of data. Developers of these apps make the source code available as well for more transparency.


Browsing the web is usually the most tracked user activity. A more privacy-centric browser will help. Brave and Tor would be highly recommended. These browsers provide anonymity for users, preventing websites from collecting data. If data collection is required, users can disable it from these browser. A VPN (Virtual Private Network) connection is also reliable for secure communications links, especially when using a public network. While it secures a connection, data collection can still occur with websites. The good thing is users can opt out, thanks to GDPR laws for data privacy in the EU.


Most messaging apps used in the mainstream do not offer robust protection for user privacy. Communications apps like messengers and chat programs are not fully encrypted (e.g. End-to-End Encryption or E2EE). Choosing the right app is important, but it must provide E2EE to prevent third party from eavesdropping or listening in on a conversation. There are some open source apps available like Signal and then there is the more popular WhatsApp. It does provide full encryption for users at both ends (as claimed by the developers).


DApps (Decentralized Applications) would probably be a better choice for independent phones when it comes to both freedom and privacy. These include software that make use of blockchain-based technology to verify among other things, data and identity. There are now many examples of this which integrate with digital wallets for cryptocurrency. Other decentralized apps don't need a blockchain, which include messaging apps. It is just direct peer-to-peer communication using software that users have installed on their device. The good thing about it is that no third party can control these applications, giving users full control of their data or communication.


Figure 2. A truly independent phone is one that has no connection to any centralized authority, be it a telecom provider or ISP (Internet Service Provider).

Some users may be wondering if an independent phone is the same as a burner phone. They are actually not, though they can both be used to provide more privacy. A burner phone was meant to be used temporarily for communications on data access, but never as the primary driver for daily life. It also connects to a network provider using a SIM card, so the communications can be monitored if not encrypted. A burner phone can be discarded after use, making it a better choice for privacy since a user can avoid detection. This is probably not for your average person who wants privacy since they need to keep their phone.

The Caveats

With browsers that protect user privacy, it may not work with certain websites that require data collection. That is why users can opt out of browsing a website that requires your data. At least they have to be up front about it now due to GDPR requirements. If a user refuses to provide their data, then they will have no access to a website. This is unfortunate to accessing information or using a service. At times you really do have to provide some data (e.g. location, browser used, operating system, etc.), but nothing too personal.


Since the web works on plenty of data collection, if a user blocks certain ads they may not have access to a website. Users who don't want to be tracked would have to stay away from such websites. Most of these websites are related to news and culture, and they do want to have information about their visitors. These are all for analytics to allow for keeping statistics on whether content is getting enough traffic and engagement from users.


Certain websites and services also want to track users. They will need this either for ads or for billing purposes. A telco needs to know a user's location in order to apply charges to calls. Social media platforms need to know user preferences so they can set the data in cookies to give user's easier access to the app. The data being gathered is not nefarious at all, but rather beneficial for user experiences. By not installing these apps, users do have more freedom from being tracked but will have no access to social communications and connections.


Open source apps also fall into a niche market. They are not easy to use and sometimes even harder to figure out. Their privacy-centric feature is the main reason for their use case, but users are more often tech savvy than the average user. There is also limited support to expect from these apps since they are provided as is. No guarantees, no liabilities and certainly no compensation provided for any damages caused to the user (physical or digital). This can be exploited by bad actors to spread malware and computer viruses, so be very careful.


An independent phone can be used to access the Internet securely via public data networks, but there is still exposure to data collection from surfing websites. Even if a user were to use a VPN or a browser like Brave, there are certain websites that will still require access to your data for purposes they can specify based on GDPR laws. Unfortunately for smartphone users, if they subscribe to a plan from a telecom provider they will be tracked by the network. An independent phone would thus require no access to telecom and ISP provider networks, and rely on the decentralized Internet for all communications.


Figure 3. Despite being free from third party tracking or tracing, you limit what you are accessing by being more private with your data.

Final Thoughts

There is not much freedom anymore since services (e.g. telecom) and Internet (e.g. ISP) access are controlled by big companies. Even the devices used (e.g. tablets and smartphones) can be tracked by the vendors who developed them. The access to information and communications is controlled by centralized organizations that are the tech companies. They still provide you the freedom to use their service, but in exchange for less privacy.


A truly independent phone is one that is not connected or controlled by any network or vendor. It would rely on a decentralized manner of connectivity that is not running on a single network. There must also be no backdoors or vectors for forced access by any entity. It is hard to fully certify any device, be it smartphone or computer, that is totally free from these controls. It can truly be independent if the user can also encrypt their information and communications. This also gives more freedom to the user, but there is a tradeoff.


It is a matter of choice on what sort of tradeoff there is for an individual for using an independent phone. If a user wants to truly disappear in the hopes of not being tracked, an independent phone is the way to go. It just requires so much more effort on the part of the user to hide their digital fingerprints and footprints, it must really be for valid reasons (e.g. politically exposed person, legitimate spy). You would have to give up certain things in order to achieve this. Going through all those steps would be necessary but does it really give them more freedom? It means no access to very popular apps and websites.


Most people will remain with what they already have through a paid subscription. It is just the way life works, because these are now essential to modern living. Subscriptions offer convenience and easy access to information and communications services. Consider the tradeoff with more privacy vs. lesser access to services on the Internet.


That would mean having to give up using popular apps (e.g. social media), many free services on the web (e.g. e-mail) and no more cellular phone subscription (e.g. voice calls, SMS text). That could mean less freedom of access to information and communication if it is being limited by more privacy measures. The good thing to know is that there are still ways to protect your privacy, even if you are not using an independent phone.



Credits:

(Photo Banner Credit by Artem Podrez)


Figure 1 - Photo by Giftpundits.com

Figure 2 - Photo by Eren Li

Figure 3 - Photo by Karolina Grabowska