digitaLiberties

Who is your phone talking to?

“The Secret Life of your Mobile Phone” is a stage show dedicated to probing how smartphones leak private information. Why are our phones so sneaky?

Matthew Linares
24 April 2015
Shutterstock/OliverSved. All rights reserved.

Shutterstock/OliverSved. All rights reserved.Confusion strikes at the ticket desk: my name is on the iPad guest list, but the attendant has already swiped it off as someone else entered. It's a mistake she quickly overcomes, but tonight's show is about my phone's "secret life" with insinuations on the frailty of my data. I linger on the error, gamely aware of the possible implications for security. Sensing trepidation, she jovially suggests that the fun may already have begun, my identity toyed with in a way I'm yet to fathom. I shuffle on the spot.

Once past the desk, friends alert me to the message on posters dotted around the venue, complicating the matter:

"By entering this venue you accept your mobile phone communications may be intercepted by the show's creators and used in the performance."

The “Secret Life of Your Mobile Phone is hosted by the Cybersalon, a highly sociable "think tank on digital futures" which has run gatherings on related themes since 1997. Tonight the salon lures us in to be entertained as we learn how, and why, our phones leak private information. Channel Four journalist Geoff White takes to the stage with an unnerving raft of provisos in a gloss more apt to the hypnotist's schtick. He promises the audience that "we will not make public your deeply private information." His sidekick, Glenn Wilkinson, an ethical hacker-for-hire with Sensepost, sits fixated at his on-stage computer bank, busy with some nameless task.

 White proceeds to meditate on the phenomenon of smartphones, reflecting on our intimacy with them, noting their peculiarities as continual companions and bed buddies. With their endless, silent signals through apps and otherwise, they actually "talk a lot more than you do. You just need to know how to talk to them...Your phone is a different species. It sees the world differently." So we go on a kind of phone safari, with our in-house hacker tracking the crowd's devices live, deciphering signals and past geographies, all indicative of personality and wealth.

A giant list of the audience's phone connections comes up on screen. They are always having conversations with the networks, known and unknown, that they interact with on our behalf. That list soon becomes a global map of places we, the captive audience, have previously hooked on to wifi connections.

In one demonstrated technique, the wifi networks your phone knows from past logins, and therefore openly searches for, can hint at who you are and whether you're a ‘low roller’ (MacDonalds and EasyJet wifi network names) or a ‘high roller’ (BA First Class Lounge and HSBC corporate networks).

Dustbins do data

Snooping agents can also pick out your phone's unique fingerprint, the so-called MAC address, to track you passing through town. It was something like this legal yet dubious trick that was used by advertising dustbins tooled with snooping equipment. These were eventually banned from the streets of London for tracking unwitting passersby.

In response to that revelation, the CEO of the responsible firm said: "London is the most heavily surveillanced city in the world…As long as we don't add a name and home address, it's legal...some of the technology we will be testing will be on the boundaries of what is regulated and discussed."

Anonymised data only means "we don't have your name"; but names are not so important, since plenty can be deduced without. It has been repeatedly proven that it's trivial to find a name from an anonymous ID anyway.

Wilkinson, reminds us that manufacturers haven't fixed the bug (or is it a feature?) that allows this for a mixture of reasons, not least the commercial importance of convenience versus security: it is more convenient for phones to just seek connections openly than maintain safer standards.

In a similar style, we are told that free internet run by some local UK authorities gathers data on passers-by who use it or not, thanks to firms who offer the "service of free public wi-fi" such as, supposedly, Purple Wifi. Such approaches seem rife, and yet typically we remain unaware.

Why is my phone so sneaky?

Shutterstock/StudioIcon. All rights reserved.

Shutterstock/StudioIcon. All rights reserved.The narrative eventually turns to the causal, as we consider why all this is happening. Folks in the industry are known to utter the mantra that "data is cash". What then, does that mean? Are we to understand that these reams of personal data can be so adroitly employed for targeted advertising that legions of free apps are funded thanks to their contribution to these more focused advertisements?

To the contrary, suggests White, it would seem that even highly targeted advertising is not effective enough to justify the huge sums ploughed in to prop up these firms. The data rush is an oil rush, but the fuel here has not been proven to work. White says he's not certain, but he senses there's a bubble growing on the back of the supposed asset value of user data. A subsequent tech crash is due soon.

Moreover, these data collection methods are hotly debated, where the debate exists. Cybersalon is one of those places. Voices soon chimed in on the ethics of gathering this data, on who drives these trends, on whether website ad-blocking is theft, and where policy stands on all this. This show would rally debate anywhere though.

"Actually don't Google it... Use a search engine! I hate the verb Google," shudders White, correcting himself in the midst of another point. There is the air of a journalist facing up against shadows and giants.

Why did they make the show? "It just pissed me off" remarks White. When it comes to the tricky technicals of the software underpinning our lives, people have a sense, propelled by the industry, that they'll "never understand, it's too complicated; but that's nonsense." People need to understand to engage.

The pair's expertise is nicely offset by their searching approach to the problem, as they turn to the audience for answers about the dizzying state of the business, the politics and the future. They are moulding this show and recruiting as they go, hoping that audience members who have had their phones inspected here might go away and confront the companies gathering data without their knowledge. Fetching USB bracelets are handed out at the end loaded with individual audience data as collected during the show as well as a copy of the sneaky software tools of choice, such as Wireshark. This is to encourage people to get a grip on their data, and perhaps chase up those mystery data farmers mopping it up. Future versions of the performance may feature just such a showdown.

"When you hit one website, data spaffs out to a whole host of other websites" you may never have heard of. I'd not heard of the word ‘spaff’, but I'm convinced that we do need a fresh vocabulary to grasp the choppy reality of this proliferating digital  ‘expansopticon’.

Moreover, we will certainly benefit from more colour and humour brought to the sometimes dreary drudge of data privacy politics. Our hosts are investigators at the cusp who will clearly bring the state of the art to this production as it travels in the months to come. On the mobile question, White and Wilkinson are a skilled and jolly duo to creak open the case.

Had enough of ‘alternative facts’? openDemocracy is different Join the conversation: get our weekly email

Comments

We encourage anyone to comment, please consult the oD commenting guidelines if you have any questions.
Audio available Bookmark Check Language Close Comments Download Facebook Link Email Newsletter Newsletter Play Print Share Twitter Youtube Search Instagram WhatsApp yourData