This article is part of a series on corporate surveillance highlighting civil liberty, privacy, cyber security, safety, and tech-product user exploitation threats associated with connected products that are supported by the Android (Google) OS, Apple iOS, and Microsoft Windows OS.
So far, in this series of articles, we have covered “Surveillance Capitalism: Monetizing the Smartphone User” and “Legal Malware: How Tech Giants Collect Personal and Professional Info Through Apps.”
Now, let me pose a question: How is it legal for tech giants to intentionally develop addictive technology in order to lawfully exploit their product users for financial gain at the expense of the user’s civil liberties, privacy, cyber security, and safety?
After analyzing the pre-installed (“rooted”) content that supported a Samsung Galaxy Note smartphone that I had purchased from a T-Mobile corporate store, I was astonished to learn that there were more than 15 multinational companies enabled to monitor, track, and data-mine almost all of the product user’s personal and professional telecom-related digital DNA.
I was horrified to find out that the collective digital DNA being harvested and used for financial gain by all parties concerned included the following:
• Surveillance data, such as location data, geofence data, motion data, health and fitness data, auto-telematics (a car’s speed), biometric data, audio and video of the user, among others. Note that geofence data includes the specific time a user arrives and departs from specific locations.
• Sensitive user data, such as the user’s ID, text messages, email attachments, emails, contacts (electronic address book), calendar events, instant messages, and other particulars.
• Surveillance and sensitive user data acquired from multiple sources (connected to the host device), such as voice-automated products (e.g. Echo powered by Amazon), social media accounts, personal accounts (banking, medical, etc.), tablet PCs, TVs, and vehicles.
I couldn’t find anything specific other than references to the fact that all parties concerned were enabled to share “unidentifiable personal information” with third-parties, such as advertisers, publishers, partners, and other nebulous entities, as confirmed by Google and T-Mobile’s privacy policies.
I had a false sense of security that my ID was at least protected, but I was highly concerned with regard to how much surveillance companies were conducting on my personal and professional activities, plus how much collective digital DNA that said companies were enabled to collect and use.
My research, coupled with the admissions by T-Mobile, Verizon, Google, and Facebook, concluded that social media, smartphone, and connected-product users may be clicking away their civil liberties, privacy, cybersecurity, and safety when they click on “I Agree” without reading the fine print.
Furthermore, users are agreeing in some cases to pay content providers to exploit their personal data for financial gain at the expense of their civil liberties, privacy, cybersecurity, and safety.
In essence, all product users can actually be described as “uncompensated information producers,” who are being exploited for financial gain by the very tech companies that users patronize with their loyalty, trust, and hard-earned money.
Clicking on ‘I Agree’
Now for another question: Why do we click on “I Agree” without reading the fine print, if the consequences are so devastating to one’s civil liberties, privacy, cyber security, and safety?
Answer: We click on “I Agree” without reading the fine print to participate, coupled with the fact that so many of us are suffering from cyber-addiction due to addictive technology.
The first step to recovery is admitting that there’s a problem.
We are so eager to participate due to our addiction to technology that we will actually click on “I Agree” to accept a legal contract without bothering to read the fine print, even if the legal contract is predatory, exploitative, and misleading.
Google, Apple, Microsoft, Facebook, Amazon, Baidu, and other tech giants bank on the fact that people, including children as young as 13, will just click on “I Agree” to accept a legal agreement without reading the fine print.
The fact that product users aren’t reading the fine print has earned billions in profits for said companies by way of exploiting their product users’ collective digital DNA for financial gain.
- terms and conditions (T&Cs)
- privacy policies
- end user licensing agreements (EULAs)
- application permission statements (App Permissions)
- application product warnings
- interactive application permission command strings
Some smartphone and connected-product users are familiar with app permissions associated with third-party content, such as apps that are distributed by sources such as Google Play or the Apple App Store.
However, nearly all smartphone and connected product users don’t realize that the pre-installed apps, widgets, and emojis that support their devices are also supported by app permissions, which are also supported by application product warnings and interactive application permission command strings.
Which leads me to my next question: Why is the pre-installed application legalese so important to the product user?
Answer: The app legalese explains the level of surveillance that content developers can conduct on the product user, while also explaining how much personal and professional telecom-related digital DNA can be collected by the parties concerned.
The pre-installed app legalese is the most important legalese to the product owner and/or user, yet companies such as Google, Apple, Microsoft, Amazon, Facebook, and Baidu hide the application legalese within the operating system of the product.
I believe that all parties concerned hide the app legalese because most people wouldn’t buy a smartphone if they were able to read it prior to making a product purchase.
Don’t take my word for this claim: Read the Android app legalese examples below that are associated with the pre-installed content that supports the Samsung Galaxy Note smartphone.
- Access to your personal ID: “Allows apps to read personal profile information stored on your device, such as your name and contact information. This means that apps can identify you and may send your profile information to others.”
- Access to your social media messages (includes product warning to censor speech): “Allows the app to access and sync social updates from you and your friends. Be careful when sharing information—this allows the app to read communications between you and your friends on social media networks, regardless of confidentiality. Note: this permission may not be enforced on all social networks.”
- Access to your text messages: “Allows the app to read SMS messages stored on your phone or SIM card. This allows the app to read all SMS messages, regardless of content or confidentiality.”
- Access to your contacts (includes product warning): “Allows the app to read data about your contacts stored on your phone, including the frequency with which you’ve called, emailed, or communicated in other ways with specific individuals. This permission allows the apps to save your contact data, and malicious apps may share contact data without your knowledge.”
- Access to your calendar data: “Allows the app to read all calendar events stored on your phone, including those of friends or co-workers. This may allow the app to share or save your calendar data, regardless of confidentiality or sensitivity.”
- Access to the device’s microphone and volume control: “Allows the app to record audio with the microphone. This permission allows the app to record audio at any time without your confirmation. Allows the app to modify global audio settings, such as the volume and which speaker is used for output.”
- Access to the device’s camera: “Allows the app to take pictures and videos with the camera. This permission allows the app to use the camera at any time without your confirmation.”
- Access to email attachments and instant messages: “Allows this application to access your email attachments. Read Instant Messages.”
- Access to surveillance data (e.g., location data): “Allows the app to get your precise location using the Global Positioning System (GPS) or network sources, such as cell towers and Wi-Fi. These location services must be turned on and available to your device for the app to use them. Apps may use this to determine where you are, and may consume additional battery power.”
Note that the above app permissions and product warnings are only a few of numerous permissions that support a single smartphone. Some individual apps can be supported by over 60 intrusive and exploitative permissions.
So this then begs the question: If you were enabled to read the enclosed pre-installed app permissions and product warnings prior to making your smartphone purchase, would you have purchased your smartphone?
I believe that it is illegal to hide application legalese and product warnings from consumers and businesses.
Hiding product warnings from consumers is tantamount to a cigarette company hiding the product warnings associated with cigarettes within the packaging.
Smartphones Aren’t Private or Secure
In closing, we can see that telecom-related products such as smartphones and connected products that are supported by the Android OS, Apple iOS, and Microsoft Windows OS aren’t private, secure, or safe forms of telecommunications and computing, due to uncontrollable pre-installed surveillance and data-mining technology in the form of content such as apps.
Don’t take my word for this claim: T-Mobile and Verizon told me that all products concerned aren’t private, secure or safe due to pre-installed surveillance and data mining technology developed by Google, Apple, and Microsoft, plus all relevant pre-installed content developers.
T-Mobile’s admission: “We, too, remember a time before smartphones when it was reasonable to conclude that when you activated service with T-Mobile that only T-Mobile would have access to our personal information. However, with the Samsung Galaxy Note, the iPhone, and many other devices, there are indeed a variety of parties that may collect and use information.”—T-Mobile Privacy Team (FCC Consumer Complaint #423849 filed by Rex M. Lee/Public Record)
In April, I contacted Verizon to see if I could purchase a private, secure, and safe smartphone, tablet PC, or even a traditional cellular phone. While Verizon said they could sell me a private, secure, and safe telecom-related solution, after reviewing the options, I concluded that wasn’t the case.
Verizon agreed with my conclusions that all products concerned aren’t private, secure, or safe telecom-related solutions:
Verizon’s admission: “We have reviewed your request at the highest levels of our organization and have confirmed that the only solutions to make a phone private and secure are available through third-parties, not directly from Verizon. … Additionally, Verizon is not equipped to address preinstalled solutions or applications on any device.” (July 2, 2018)
Note that pre-installed and/or third-party mobile device management (MDM) and security apps, such as Samsung Knox and IBM MaaS360, don’t protect the product user from the pre-installed surveillance and data-mining technology developed by all parties concerned.
My closing question is, how come the Federal Trade Commission, Federal Communications Commission, state attorneys general, and lawmakers haven’t protected U.S. citizens, children, and business professionals from companies that employ predatory surveillance and data-mining business practices rooted in surveillance capitalism?
This question remains unanswered. However, I will be addressing this question, as well as how to understand your rights, the harmful use of digital DNA, and the legality regarding surveillance and data-mining business practices in my next articles.
Rex M. Lee is a privacy and data security consultant and Blackops Partners analyst and researcher.
Views expressed in this article are the opinions of the author and do not necessarily reflect the views of The Epoch Times.