Tags: Personal Privacy
Smart phones conveniently hold, in the Contacts app, the personal information that used to live in a paper phone and address book. The names, addresses, and phone numbers of your friends and associates are important private data that should not be shared freely. Why should services like iCloud or Google get ahold of that data?
An issue has been in my head for a few years. The information we manage about our contacts, such as the names, phone numbers, and addresses, is something we should keep private. Neither cell phone makers nor cell phone companies have any need to know who our contacts are. Yet, the existing situation is that data held by the Contacts app is often pushed to a cloud service in exchange for the convenience of sharing contacts between devices.
Anyone with a smart phone will add friends and business associates into the contacts list. With a few taps the phone lets you backup those contacts to a cloud service (iCloud or Google Contacts). With a few more taps, the contacts can appear on a tablet device, or desktop computer, or be used in GMAIL, another phone, etc.
Your data is then spread around multiple places. That cloud service offered convenience in exchange for your data: the convenience of not having to manually enter contact data into multiple applications, and of not having to update that data between multiple devices. The cloud service takes care of all that for you, in exchange for your data.
The first privacy concern about your smartphone contacts list is that your list could be leaked to people who will do harm. The second privacy concern, which we talk about later, is that the big cloud providers have been given hundreds of millions of contacts files with no accountability over what they do with that data. A third privacy concern is the many applications that access your contacts data without disclosure.
The issue is bigger than the Contacts list. Those same companies entice us to store everything in their services. To take Google as an example, anyone can, for free, create a Google account, offering services including e-mail, file storage, photo storage, writing documents, spreadsheets, and presentations, publishing videos, writing blog posts, chatting with friends, phone calls, text messages, storing contacts, maintaining a calendar, search queries, and much more. All of this is available at zero cost.
In exchange for these applications, Google has access to all the data managed by those apps. It's completely opaque what Google does with that data. We do know Google snarfles all data it can into virtual dossiers for each person. Any data stored in Google applications could well be mined for those dossiers. What purpose does Google have for doing this? And, it's not just Google, as other companies are following the same game plan.
How do these cloud service providers fund their business?
As they say, "If you don't pay for the product, you are the product". It may seem like you are their customer, but that's not true. Instead, these companies earn their revenue through other means. Google, for example, runs a massive advertising service with amazingly detailed demographic targeting. That targeted advertising is based on Google getting all of us to share our data with Google. Google earns its money through that advertising, showing us the advertisements paid for by advertisers.
The big name cloud service providers entice us to store our data in their services. To what end do they spend the big bucks required for hosting/managing those services? What do they do with our data? Why do they deserve to have that data? What can we do to regain our control over our data?
The enticement is real. Some services help us keep track of our friends and family. Others operate global scale sharing of pictures, videos, or ideas, into a communal pool of global conversation. Others provide the convenience of automatically backed up data that is autosynchronized between "all the screens of our life".
They make it very tempting. One might think it's nothing, so what if Google is placing advertising in front of us? I suggest rereading the book 1984 and realize that vision has become reality at a scale grander than what Orwell wrote.
This is starting to get rather heady. So, let's focus on what the title at the top of this blog post says: the contacts list on our cell phones.
Reviewing how Contacts data is typically stored
A smart phone has a telephone app, and an associated contacts app. The contacts data is used by the telephone app to help folks make phone calls. When making a phone call, we can tap the Contacts button to search for a contact by name, making it easy to place the call. The same action works for sending text messages, sending e-mails, making calendar entries, etc.
Therefore each contact can hold a name, phone number, e-mail address, date of birth, physical address, and more. That's a lot of personal identifying data.
The contacts list identifies our relationships with others. Namely, it lists the people or companies with whom we want to easily make phone calls or make other contact. We are the rightful owners of that Contacts data.
Our smart phone therefore has several applications which use and/or modify our contacts list. It is easy to find additional apps in the app-stores (like WhatsApp) that can also use the contacts list. That in turn means the contacts list has to be in a standard format for it to be shareable between applications.
The widely used standard format is vCard. A file containing vCard data is often called a Virtual Contact File. Hence, you may come across VCARD or VCF import/export of contacts data.
Sharing of contacts between devices
The cloud services offer the convenience of keeping the contacts list synchronized between multiple devices.
Doing that requires copying the contacts file between the devices. But, how?
- There could be an application to export the contacts to a file, that you then copy to other devices for import. But, what if you've made changes on multiple devices?
- The devices could directly connect to each other to exchange files. But, if they were behind two different routers they'd be unable to connect with each other.
- There could be a central service to which all your devices synchronize their changes, and they look to that service for updates.
While there are applications for exporting and importing contacts, you're then faced with transferring the file between devices and then merging any updates into the contacts on the other devices. What if your contacts list differs between devices, because you made different updates on different devices?
The cloud service approach is the commonly used solution. It automatically takes care of everything so we don't need to bother our heads with this.
The actual implementation for synchronizing the contacts list between multiple client devices (phone, tablet, or computer) uses the CardDAV protocol and the vCard data format. These are openly defined standards. A wide range of software applications use them for a variety of purposes.
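As an added illustration (mine, not code from the original post), the following Python shows what a CardDAV sync actually moves across the wire: the REPORT request body a client sends to fetch an address book (the RFC 6352 addressbook-query), and a parser for the vCard records (RFC 6350, including line unfolding) in the server's multistatus response. The response below is constructed for this example; the href, etag and contact details are invented and nothing was captured from iCloud, Google or any other real service.

```python
"""Added example: what a CardDAV contacts sync actually carries.

Builds the REPORT request a CardDAV client sends to fetch an address book, then
parses a constructed server response and the vCard (RFC 6350) records inside it.
The sample response is constructed for this example; it was not captured from
any real service.
"""
import xml.etree.ElementTree as ET

NS = {"d": "DAV:", "card": "urn:ietf:params:xml:ns:carddav"}

# Constructed sample of a multistatus response to an addressbook-query REPORT.
# The vCard inside has a folded ADR line (the continuation line starts with a space).
SAMPLE_MULTISTATUS = """<d:multistatus xmlns:d="DAV:" xmlns:card="urn:ietf:params:xml:ns:carddav">
  <d:response>
    <d:href>/addressbooks/alice/default/bob.vcf</d:href>
    <d:propstat>
      <d:prop>
        <d:getetag>"etag-0001"</d:getetag>
        <card:address-data>BEGIN:VCARD
VERSION:4.0
FN:Bob Example
N:Example;Bob;;;
TEL;TYPE=cell:+1-555-0100
EMAIL;TYPE=home:bob@example.invalid
ADR;TYPE=home:;;123 Long Street Name That Needs
  Folding;Springfield;;12345;USA
BDAY:19800101
END:VCARD</card:address-data>
      </d:prop>
      <d:status>HTTP/1.1 200 OK</d:status>
    </d:propstat>
  </d:response>
</d:multistatus>
"""


def build_addressbook_query():
    """Request body a client sends with the REPORT method to pull every card with its data."""
    return (
        '<card:addressbook-query xmlns:d="DAV:" '
        'xmlns:card="urn:ietf:params:xml:ns:carddav">'
        "<d:prop><d:getetag/><card:address-data/></d:prop>"
        "</card:addressbook-query>"
    )


def unfold(text):
    """RFC 6350 line unfolding: a line break followed by one space or tab joins two lines."""
    return text.replace("\r\n", "\n").replace("\n ", "").replace("\n\t", "")


def parse_vcard(text):
    """Return a list of (NAME, {PARAM: value}, value) for each vCard content line."""
    props = []
    for line in unfold(text).split("\n"):
        if ":" not in line:
            continue  # blank line or stray text
        head, value = line.split(":", 1)
        name, *params = head.split(";")
        param_dict = {}
        for param in params:
            key, _, val = param.partition("=")
            param_dict[key.upper()] = val
        props.append((name.upper(), param_dict, value))
    return props


def personal_fields(props):
    """Collect the identifying data one contact card carries."""
    out = {"fn": None, "tel": [], "email": [], "adr": None, "bday": None}
    for name, _params, value in props:
        if name == "FN":
            out["fn"] = value
        elif name == "TEL":
            out["tel"].append(value)
        elif name == "EMAIL":
            out["email"].append(value)
        elif name == "ADR":
            # ADR components: PO box; extended; street; locality; region; postal code; country
            parts = value.split(";")
            out["adr"] = {"street": parts[2], "locality": parts[3],
                          "postal": parts[5], "country": parts[6]}
        elif name == "BDAY":
            out["bday"] = value
    return out


def parse_multistatus(xml_text):
    """Return {href: personal_fields} for every card in a CardDAV REPORT response."""
    root = ET.fromstring(xml_text)
    cards = {}
    for resp in root.findall("d:response", NS):
        href = resp.findtext("d:href", namespaces=NS)
        data = resp.find(".//card:address-data", NS)
        if data is not None and data.text:
            cards[href] = personal_fields(parse_vcard(data.text))
    return cards


def count_identifying_fields(fields):
    """How many categories of personal data a single synced card exposes."""
    return sum(1 for value in fields.values() if value)


if __name__ == "__main__":
    for href, fields in parse_multistatus(SAMPLE_MULTISTATUS).items():
        print(href, count_identifying_fields(fields), fields)
```

Run stand-alone it prints the one constructed card with its five categories of identifying data (name, phone, e-mail, street address, birthday), which is exactly the data the sync hub holds for every contact of every user once a device is connected to it.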
The typical situation looks like this:
- The Contacts list started in a phone
- On iOS devices, the contacts list is very likely synchronized to iCloud
- On Android devices, the contacts list is very likely synchronized to a Google service
- Any GMAIL user has very likely synchronized their contacts lists to that Google account
- The user then buys another device (a tablet?), connecting it to the same synchronization hub
On the desk where I'm writing this, we have at least 6 smart phones, two laptops, and two other laptops nearby, for two people.
Sitting with Paranoia, thinking about why cloud services collect contacts data
The contacts file created by one person lists their contacts. Each of their contacts has their own smart phone, along with their contacts file listing their contacts. Each person with a smart phone has a contacts file listing their contacts.
Gather all those contacts files into one location, and you can make a diagram like this:
Consider each circle as a person, with their smart phone(s), and contacts list. The arrows represent a connection to another person, as recorded in their contacts list.
This represents the interconnectedness of the human species. We are social animals (most of us) and like to be connected to others.
Any person or organization collecting the contacts lists of a large number of people can create a precise diagram of clusters of relationships.
What comes to mind is the ending of the movie Casablanca, where the police guy orders "Round up the usual suspects." If, instead, he had access to the totality of contacts lists in his city, the order could instead have been "Round up the friends of so-and-so and such-and-so."
In other words, the contacts data collected by Apple, Google, Facebook, Twitter, et al, is an attractive resource that police and intelligence agencies around the world desire to possess.
It's altruistic that the cloud service providers want to help us record our list of contacts. Right? No. It costs them money, they are business people, and they need revenue for the investment.
Another issue shown here is, what happens to the contact files uploaded by all users of the particular cloud service? Does that cloud service connect the dots (literally) between those contacts files? Do they supply the contacts data to intelligence or police agencies?
Another issue is the many applications that access the contacts list. Many social-media apps want to quickly on-board users, and helpfully list people someone might know. But, how does the app already know your friends? Your friends might have shared their contacts list with the application. See How to prevent smartphone apps from accessing the Contacts list
While preparing this article, I received the following from Google:
Clicking through to the "Learn more about" link, I learn this is about home & work street addresses.
Is it altruistic that Google offers the convenience of filling our home address into forms on websites? So that we do not have to remember our home address? Offering a convenience in exchange for data could not be more explicit. Is this Google looking to gather even more data, and connect even more dots?
An agency that has data on connections between everyone in society has more control over that society. For example, the first step at investigating a crime is to look at the friends or friends of friends of the suspected perpetrator. An agency already with access to friends lists for every person need only pull up the database to list out friends and friends of friends.
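As an added example (mine, not the post's) tying together the diagram described in the previous section and the friends-of-friends lookup just mentioned: a handful of constructed contacts lists are aggregated into one graph, which is then queried for clusters of relationships and for everyone within two hops of a given person. The last function makes the earlier point about apps harvesting contacts concrete: withholding your own list does not remove you from the graph when your friends uploaded theirs. The names and lists are invented.

```python
"""Added example: what an aggregator can read out of many uploaded contacts lists.

The lists below are constructed for this example (invented names, not real data).
Each key is the owner of a phone; the value is who appears in that owner's Contacts.
"""
from collections import defaultdict, deque

UPLOADED_CONTACT_LISTS = {
    "alice": ["bob", "carol"],
    "bob": ["alice", "dave"],
    "carol": ["alice"],
    "dave": ["bob", "erin"],
    "erin": ["dave"],
    "frank": ["grace"],
    "grace": ["frank"],
}


def build_graph(lists):
    """Undirected graph: a connection exists if either person lists the other."""
    graph = defaultdict(set)
    for owner, contacts in lists.items():
        graph[owner]  # people with empty lists still appear as nodes
        for person in contacts:
            graph[owner].add(person)
            graph[person].add(owner)
    return graph


def within_hops(graph, start, hops):
    """BFS: {person: distance} for everyone within `hops` of `start`.

    hops=1 is the friends list, hops=2 is friends of friends.
    """
    distance = {start: 0}
    queue = deque([start])
    while queue:
        current = queue.popleft()
        if distance[current] == hops:
            continue  # do not expand past the requested radius
        for neighbour in graph[current]:
            if neighbour not in distance:
                distance[neighbour] = distance[current] + 1
                queue.append(neighbour)
    return distance


def clusters(graph):
    """Connected components, largest first: the clusters of relationships the text describes."""
    seen = set()
    found = []
    for person in graph:
        if person in seen:
            continue
        component = frozenset(within_hops(graph, person, len(graph)))
        seen |= component
        found.append(component)
    return sorted(found, key=lambda c: (-len(c), sorted(c)))


def still_visible_without_own_upload(lists, person):
    """Who the aggregator can still link to `person` if only that person withholds their list."""
    others = {owner: contacts for owner, contacts in lists.items() if owner != person}
    return set(build_graph(others).get(person, set()))


if __name__ == "__main__":
    g = build_graph(UPLOADED_CONTACT_LISTS)
    print("friends of friends of alice:", within_hops(g, "alice", 2))
    print("clusters:", [sorted(c) for c in clusters(g)])
    print("alice without her own upload:", still_visible_without_own_upload(UPLOADED_CONTACT_LISTS, "alice"))
```

With the constructed data the graph splits into two clusters, alice's friends-of-friends query reaches dave but not erin, and even after dropping alice's own list she is still linked to bob and carol because they uploaded her. That is the reason the decision about where contacts are synchronized is not an individual one.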
Then what? What could go wrong?
Summary
I don't think my friends list is dangerous. I'm not committing crimes, and I think my friends are not committing crimes. There's little danger to me if a spy agency had my friends list. Right?
How many of us see it that way? Most of us aren't even thinking about this issue, we're too busy with various life things.
Thinking there's no danger, we've all uploaded our contacts lists to a small set of cloud services. Primarily that's the iOS and Android clouds, yes?
What could go wrong?
It's not paranoia when you know they are watching everyone and collecting data about what we all are doing. Even if we live in a country with a fairly strong rule of law, recent elections have shown that we're always one election away from an authoritarian being elected who changes all the rules.
That's why we should think about alternatives to the status quo. The status quo has given Big Brother a complete map of the friend relationships between everyone. What could go wrong?
The solution is to do something different than the status quo. Instead of using the cloud provider system for synchronizing contacts data, use a different system.
What could go right?