a3nm's blog

Mobile phones and privacy


There are multiple independent reasons to oppose mobile phones on privacy grounds, and they should be carefully distinguished. In this post, I attempt to sketch an exhaustive list.

Location tracking
It is easy for your mobile phone provider to know where your phone is located by looking at which cell sites it is connected to. As the provider usually knows your identity for billing reasons, and as your mobile phone is usually located on your person, this means that your provider usually knows where you are.
Avoiding this problem is not trivial. One solution is to use prepaid SIMs or other such systems where the billing is not performed directly by the cell phone operator (although in some countries, for instance France [1], it is a legal requirement to provide proof of your identity when buying a prepaid SIM). Alternatively, you could also consider that your current location is not private information, because of all the other trends that tend to make it public (CCTV, etc.).
Internet interference
Internet traffic on mobile phones is often subjected to more invasive analysis than Internet traffic on computers through regular access providers. This may be because of the widespread policy of accounting for the volume of data transferred on mobile phone networks, which is not so common (at least in France) for landline Internet connections, or because some mobile phone operators wish to restrict the services that they allow in order to bill different Internet services separately (being used to having complete control over the phone that the subscriber uses to access the Internet through the connection they provide). Because of such violations of net neutrality, the Internet access provided on mobile phones seems less trustworthy than a regular broadband connection.
The problem can be circumvented by using a different medium to access the Internet on your mobile, such as Wi-Fi. Otherwise, there is little objective reason to believe that the undesirable behavior of your mobile Internet access provider could not be replicated, at least in principle, by your landline Internet access provider.
Transfer security
Even without assuming interference from the phone provider, one can reasonably doubt the security of the encryption used between the phone and the cell site, leaving the transferred data potentially available to nearby attackers: weaknesses of A5/1, possible spoofing of cell sites, etc.
Of course, this is not worse than using, say, an open Wi-Fi network. You just have to put your own encryption on top of the link layer encryption. This may be harder, however, for standard phone calls and texts.
Phone wiretapping
There is a long history of police forces and other governmental services using wiretapping to access an individual's phone calls. This precedent is what motivates intrusive access to mobile phone calls, text messages, and to some metadata (e.g., who calls or texts whom and when) which is specific to telephones in general and mobile phones in particular.
Such wiretapping can be avoided by using encrypted Internet-based alternatives to standard telephony or text, though this is usually inconvenient because of sparser connectivity, more expensive billing, high bandwidth requirements, and reduced battery life.
Non-federated protocols
One can dislike the standard telephone network because it is less federated than the Internet. Of course, one could also criticize the Internet because it is not exactly federated, but it is certainly undesirable to use this additional single-purpose network, with its strange historical billing policies, for voice and text messages.
This is not really a privacy problem, however, except for the reason that poorly federated protocols may promote bad security and privacy violations.
Proprietary software
Mobile phones ship with software that may be proprietary. This is, of course, a danger to privacy, as such software may misuse your data or incorporate deliberate backdoors or involuntary security flaws (conceivably opening your phone's microphone to a third party...) without any possibility of reviewing what is going on. On current smartphones, for instance, Apple iOS is proprietary, and Google's Android is mostly open source but all Google-branded applications (Google Maps, Google Play Store, etc.) are proprietary and some critical low-level components are also proprietary. Furthermore, if you obtained your phone from your phone operator (rather than buying the naked phone with a stock Android install), the carrier may have added its own applications which are probably proprietary and maybe pretty treacherous. Much more worryingly, the radio firmware of mobile phones is essentially always proprietary.
This issue can be mitigated by using free software on your phone. On Android phones, a first easy step, which does not however eliminate all proprietary dependencies, is to use a community-maintained ROM such as CyanogenMod without installing the proprietary Google applications. More radically, you can use Replicant to eliminate proprietary dependencies altogether (except for radio). It is also interesting to investigate existing or upcoming options such as the Maemo-based Nokia N900, the Openmoko-based Neo Freerunner, the Firefox-OS-based GeeksPhone Keon, the Ubuntu Touch OS, etc. As for the radio firmware, my knowledge of this is somewhat limited, but it seems like there is one (only one) open source alternative, namely OsmocomBB, which you can use on some very specific phones (for GSM, not 3G). So the issue of the radio firmware can also be solved, at least in principle.
Undesirable integrated services
Even if you trust the software on your phone to serve your needs, mobile phone operating systems today are usually configured to be very tightly integrated with third party services that you may not trust. For instance, Android phones with Google applications will encourage you to hand over your email, calendar, location (with Google Maps), searches (with Google Search), nearby Wi-Fi networks, etc., to Google.
Of course, to solve this, you just have to avoid the default services recommended by your phone software, in favor of trusted, privacy-aware or (ideally) self-hosted alternatives. This can be easier said than done, however. Most Android software is only distributed through the Google Play Store, meaning that you will be forced to use this service if you want to use such software. As another example, consider the task of maintaining a calendar on your Android phone and synchronizing with the outside world, without using Google Calendar or the protocol of the proprietary Microsoft Exchange: to my knowledge, the only way to perform this using free software has appeared only fairly recently.

My point in making this list is just to make people aware of what I hope is the complete privacy case against mobile phones, so that they can distinguish the various possible dangers and know where they stand relative to each of them. From there, the decision of what to do is a personal choice; for instance, my own choice is to give up on privacy for my physical location, to mistrust the Internet connection as I would mistrust an open Wi-Fi (using a VPN and/or SSL connections), to use standard calls and texts while keeping in mind that they are insecure, to use Cyanogen (without Google applications, but with some proprietary blobs and proprietary radio firmware), and to avoid third-party services in favor of self-hosted ones.

Of course, this list does not cover other reasons to oppose mobile phones, such as boycotting them because of how they are produced, boycotting mobile phone plans, avoiding them on unclear health grounds, refusing to be constantly available and taking time to disconnect, etc. (this latter list is certainly not complete).

[1] I tried for about two hours to figure out the exact law which imposes this, but I couldn't find it. To my knowledge, all French mobile phone operators have a suspiciously similar activation procedure for prepaid SIMs requiring you to provide some proof of ID to use (or continue to use) the SIM you bought; however, it is never explained exactly why this activation procedure exists, the most explicit references in the TOS being "in accordance with a ministerial request made within the framework of law 91-646 of 10 July 1991 and article L34-1-1 of the code des postes et communications électroniques", which is pretty vague: I couldn't find anywhere the exact nature or text of this ministerial demand, and find this vaguely worrying.

comments welcome at a3nm<REMOVETHIS>@a3nm.net