This article is part of a series on corporate surveillance, highlighting civil liberty, privacy, cybersecurity, safety, and tech-product user exploitation threats associated with connected products that are supported by the Android (Google) OS, Apple iOS, and Microsoft Windows OS, smartphones and their harmful effects. Part 1 of this article can be read here.
Telecommunication subscribers (“paying customers,” both individuals and businesses) and authorized device users (spouse, children, and employees) aren’t indemnified (protected) from harm even if companies such as AT&T and Google are negligent with the telecom-product user’s personal and professional information (“digital DNA”).
I will present the evidence and let all parties concerned, including the public, decide.
First, in order to understand the law, U.S. telecommunications subscribers and authorized device users need to realize that a smartphone is an integrated cellular phone and computer supported by protected (due process/Fourth Amendment) telecom infrastructure governed by the FCC.
Protected telecommunications mean that telecom-product users are covered by numerous telecom and consumer laws that are meant to protect their privacy, plus protect them from fraud and deceptive trade practices associated with products that require payment, such as smartphones.
Now that we understand that telecom-product owners and users have rights, we can move forward.
Forced Participation and Express (“Lawful”) Consent
I want to state that I’m not against surveillance and data-mining business practices, as long as the telecom-product user has the freedom to opt in or out of said practices at any time.
I also believe that telecom service providers (e.g. AT&T), smartphone manufacturers (e.g. Samsung), operating system (OS) developers (e.g. Apple, Google, Microsoft), and pre-installed content developers (e.g. Amazon, Facebook, Baidu, etc.) should be required by law to fully disclose, in fine detail, all surveillance and data-mining business practices associated with all products concerned, especially telecom-related products such as smartphones.
Due to unpublished (hidden-in-device) application legalese and application product warnings that support the pre-installed content, such as smartphone apps, I believe that telecom subscribers and authorized device users are being forced to participate in a highly exploitative surveillance and data-mining business model.
Surveillance and data-mining business practices enable the telecom provider, smartphone manufacture, OS developer, and pre-installed content developers with the ability to monitor, track, and data-mine the smartphone user for financial gain.
Smartphone users are surveilled and data-mined at the expense of their civil liberties, privacy, cyber security, and safety, regardless if the user is an adult, child, or business professional.
• Social media app includes a product warning to censor speech: “Allows the app to access and sync social updates from you and your friends. Be careful when sharing information—this allows the app to read communications between you and your friends on social networks, regardless of confidentiality. Note: This permission may not be enforced on all social networks.”
• Calendar app includes a product warning: “Allows the app to read data about your contacts stored on your phone, including the frequency with which you’ve called, emailed, or communicated in other ways with specific individuals. This permission allows apps to save your contact data, and malicious apps may share contact data without your knowledge.”
According to the Texas Deceptive Trade Practices Act (DTPA), chapter 17, statute 17.12 (deceptive advertising), I believe that the telecom subscriber is fraudulently induced into purchasing all products concerned, due to misleading advertising, which doesn’t disclose surveillance and data-mining business practices associated with telecom products such as a smartphone.
Furthermore, telecommunication subscribers are being fraudulently induced into purchasing addictive, intrusive, exploitative, and harmful technology, developed by companies such as Google and Facebook.
Don’t take my word for this claim: T-Mobile and Verizon, plus former executives and product developers for Alphabet Inc. (Google) and Facebook, admit that social media platforms, smartphones, tablet PCs, and connected products are supported by addictive, intrusive, exploitative, and harmful pre-installed content that the product owner or user can’t uninstall nor in many cases control or disable.
As noted in previous articles of this series, T-Mobile and Verizon admit that smartphones aren’t private, secure, or safe forms of telecommunications and computing, due to uncontrollable pre-installed addictive, intrusive, exploitative, and harmful content. Advertisements for smartphones don’t disclose this.
Furthermore, ads don’t disclose that the pre-installed content that supports a smartphone is supported by intrusive and exploitative application legalese that includes numerous application product warnings.
Deceptive Trade Practices
It’s impossible for a smartphone owner or user to locate unpublished application legalese and product warnings without proper instruction.
Here’s how to locate Android (Google) application legalese associated with the pre-installed apps that support a Samsung Galaxy Note 8 smartphone.
Step 1: Swipe down top of screen to locate settings.
Step 2: Tap settings icon located in top right-hand corner.
Step 3: Tap “Apps.”
Step 4: Tap on an app.
Step 5: Tap on “Permissions.”
Step 6: Locate and tap navigation buttons located in top right-hand corner.
Step 7: Tap on “All Permissions.”
Step 8: Tap on a master permission to reveal application permission statements and application product warnings.
Step 9: Read hidden application permission statement.
A device user must know that pre-installed app permissions exist in order to try to locate the permissions. The device user has to know what navigation buttons are and how to use them to locate the hidden pre-installed app permissions. The user is led to believe the Calendar app (used in this example) only has five permissions that can be controlled. The user has to know to click on the navigation buttons to locate the “All Permissions” navigation button to find all of the permissions and hidden app legalese attached to the Calendar app. The other hidden app permissions cannot be controlled.
The above example shows that Google, Samsung, and AT&T are potentially violating consumer laws associated with deceptive trade practices by hiding application legalese and product warnings from the smartphone owner, which, in this case, was me.
Without knowing where to start, plus knowing the exact order of taps, swipes, and touches, the product owner and/or user will never know how to find the application legalese and product warnings that support the pre-installed apps associated with the Galaxy Note 8 or any other smartphone for that matter.
Smartphone users have no idea that the apps can actually identify the product user, plus forward the user’s ID and profile information to the content developer and others.
• Samsung Galaxy Note 2, Personal Profile App Permissions: “Allows apps to read personal profile information stored on your device, such as your name and contact information. This means apps can identify you and may send your profile information to others.”
Examples of Android, Apple, and Microsoft unpublished application legalese hidden in the OS or within settings of smartphones, tablet PCs, and PCs, in general, include statements on accessing your location (determined from network location sources such as phone towers, Wi-Fi, and GPS) or tracking of PC use.
Unpublished legalese such as app permissions explains to the connected-product user the level of surveillance and data mining that the content developer can conduct on them via pre-installed apps.
In addition, many app permissions contain application product warnings, which are not transparent to the product user.
After all, how can a product user heed a non-transparent product warning such as the Android (Google) examples below?
• Phone data product warning: “Allows the app to call phone numbers without your intervention. This may result in unexpected charges or calls. Note that this doesn’t allow the app to call emergency numbers. Malicious apps may cost you money by making calls without your confirmation.”
• Phone log product warning: “Allows the app to read your phone’s call log, including data about incoming and outgoing calls. The permission allows apps to save your call log data, and malicious apps may share call log data without your knowledge.”
This leads to two questions: “How can product owners and users be legally bound to non-transparent legalese associated with a legal contract?” And “What kind of company feels that it is necessary to not publish application legalese that includes application product warnings within the published (online) terms and conditions, privacy policies, or end-user licensing agreements?”
Additionally, unpublished application legalese that includes application product warnings aren’t disclosed within TV ads, the sales process, or published within product packaging.
4. Predatory App Permissions are Defaulted to “On”
Another example of a deceptive trade practice is that content developers default controllable application permissions to “on.”
When a consumer or business first purchases a smartphone and then activates the smartphone, controllable application permissions are defaulted to “on.”
This means that if the smartphone owner doesn’t know how to configure his or her device for optimum privacy, the predatory apps will enable the developers to monitor, track, and data-mine the product user for financial gain without the user’s consent or knowledge.
Without proper instruction, the smartphone owner won’t even know he or she can disable some intrusive permissions associated with some pre-installed apps.
However, the dirty secret is the fact that the smartphone owner only has control over some app permissions but not all app permissions, because the apps are supported by two sets of app permissions that include controllable permissions and uncontrollable permissions.
This leads to another question: “What kind of company intentionally sets controllable application permissions to “on” while not disclosing instructions on how to configure the product for optimum privacy?”
The smartphone user is left with a false sense of security, believing they are in control of their device when the fact is, they are not in control, even though they paid for the product.
5. Two Sets of App Permissions: Controllable and Uncontrollable
As just mentioned, another example of a deceptive trade practice is that some pre-installed apps are supported by two sets of app permissions, of which the smartphone user can control some permissions that are transparent to the user.
However, some pre-installed apps are actually supported by application permissions that aren’t transparent to the smartphone user unless the user knows how to locate the hidden second set of application permissions and application product warnings.
6. User App Permissions and System App Permissions
Yet another example of a deceptive trade practice is that the smartphone is supported by user apps and systems apps, both of which are supported by intrusive and exploitative application permissions and application product warnings.
The user apps are transparent to the smartphone user, yet the system apps aren’t transparent to the user unless the user knows how to locate the system apps.
I believe examples 1–6, discussed above, are all clear violations of consumer laws that are enforced at the state and federal level, which are governed by the FTC and state AGs.
In closing, my analysis of the Texas DTPA revealed numerous violations that I’ve documented and reported to the Texas AG’s office, plus I have reported numerous violations of federal consumer laws to the FCC and FTC.
To date, neither the FTC, FCC, nor the Texas AG’s office has investigated the violations that I’ve reported.
As it remains today, telecom and tech giants may be actively violating consumer laws at the state and federal level if my analysis is correct.
It’s clear that numerous laws are possibly being violated by all parties concerned, yet the FTC, FCC, DOJ, state AGs and law makers aren’t willing to protect citizens, children, and business professionals from predatory surveillance and data-mining business practices rooted in surveillance capitalism.
It’s time they did so.
In the next article, I will reveal numerous privacy and cyber security threats associated with the use of smartphones, tablet PCs, and connected products within the defense industry, critical infrastructure, and enterprise business.
Rex M. Lee is a privacy and data security consultant and an analyst and researcher for Blackops Partners. You can read of his analyses on his website, MySmartPrivacy.com
Views expressed in this article are the opinions of the author and do not necessarily reflect the views of The Epoch Times.