Your cellphone is a tracking device collecting a lot more information about you than you may think, says ProPublica investigative reporter Peter Maass.
"They are collecting where we are — not just at one particular moment in the day, but at virtually every moment of the day," Maass tells Fresh Air's Dave Davies. "They are also taking note of what we are buying, how we're purchasing it, how often we're purchasing it."
Maass says cellphone companies collect some of this information — such as location data — to monitor patterns of phone use and ensure that their networks operate properly. But while some cellphone providers eventually delete this data, other providers retain it for essentially "indefinite periods of time," he says.
And because there aren't any federal laws on how long wireless providers can retain information, wireless providers may "do as they wish," Maass says.
He calls the information "potentially a gold mine of data-mining information."
"When you know where somebody is, what they're doing, how long you're there for — that could be commercially useful, if not for the cellphone company, at least to other third-party companies who have things to sell," Maass says.
Cell data is also very useful to law enforcement during the course of an investigation and, Maass says, not difficult to access. A report released in July by Rep. Ed Markey, D-Mass., revealed that wireless carriers responded to more than 1.3 million cell data requests from law enforcement in 2011.
"Back in the day with landlines, [there] were pretty clear, pretty strict laws about what the police could access, when it could access it, and what sort of judicial oversight was required," he says. "These days, because cellphone technology in particular and the data it produces is relatively new and so abundant, the law hasn't really kept up with it, so law enforcement is really not faced with as many limits as it used to be."
Maass says regulators at the Federal Trade Commission do not have as much authority or impact as European regulators do — not because they don't wish to uncover privacy violations, but because of a lack of relevant, up-to-date laws and inadequate funding.
While people can reduce the amount of cellphone tracking by not using location applications and turning off their cellphones, Maass says, there is only one way to prevent a cellphone from collecting information: "The answer, pretty much, is don't use a cellphone at all."
On the outsourcing of technology regulation to Europe
"This is one of the very useful aspects of the global nature of Web use. For example, Facebook, of course, has about 900 million customers, and a huge number of those quite obviously are not in the United States. Now, when European regulators ask Facebook to make a change, or levy a fine against Facebook — and I'm just using Facebook as an example here. Facebook tends to apply all these changes, positive changes, to all of its customers.
"So the advantage of this — in a way, it's outsourcing regulation — is when a European regulator gets a major technology company, and most of the major ones are American — we're talking about Google, we're talking about Facebook, Twitter, etc. — when European regulators ask them to make a change, those changes are applied in most cases to all of the technology companies' clients, including those in the United States.
"So we here in America benefit when a European regulator leans for privacy purposes on an American company. And that's one way these days our privacy is protected, because it's not just the federal government, which has its hands obviously quite full, but also European regulators who have influence over American companies. ...
"And there are not the same kinds of concerns as there are in Europe — for example, how is this going to affect Google's bottom line? — as there might be in America among Washington politicians and other folks who do need to be aware of America's, who are aware of America's competitive position and do take that into consideration."
On how privacy violations in the U.S. were discovered by European regulators
"The best example is Google Street View. ... In America there was some opposition to Google taking pictures of everyone's house, but basically the program went ahead fine. ... Google said, 'Don't worry, we're just taking pictures of houses, it's not [a] big deal, we're not downloading any data.'
"In Europe, where there's much more recent history in the 20th century of abuses of personal information, there was a lot more opposition, because people were saying, 'Wait a minute, what are you doing? Do you really have the right to take pictures of our houses? Is that all you're doing with these fancy cars that have all this machinery in them?' And there was a data commissioner — or data protection officer — in Hamburg [Germany] who insisted that Google let him — his office — inspect the hard drive of one of these cars to make sure that all it was doing was taking pictures, and, to make a long story short, what he found out was that Google wasn't just taking pictures. Google was also downloading data from open Wi-Fi networks as its cars went down these streets, and Google had said it wasn't doing this. ... Now, Google had also been doing this in the United States, but American authorities had not really pushed Google to the wall enough on what its cars were doing. ...
"Now, this is the kind of thing one would ideally want our own regulators to be aware of and to have surfaced and punished Google for if indeed this was a privacy violation. But, in fact, it was European authorities who really led the way on this, and I talked with officials at the FTC and they admitted, yes, the Europeans were the ones who found out Google was downloading personal data, not them. And one of the reasons why is European authorities have a bit more authority in some important cases, in important areas, than American authorities do. There are folks in the FTC who are real privacy hounds, who come from the privacy sphere, but they don't have necessarily the funding and they don't necessarily have the authority to get the information and to do what they might like to do in a more ideal situation."
On why we should call our cellphones "trackers"
"We think they should be called trackers because we're no longer using them as phones. There was a study done by a British cellphone carrier quite recently, which asked smartphone users, 'What are you actually using these devices for?' And making phone calls was actually the fifth most popular thing that smartphones are being used for. More popular was checking your email, checking your social media, listening to music, playing games, things of that sort. So phoning people on your smartphone is really not what most of us are using these devices for, so it's not accurate, in a way, to refer to them as phones, when what we're using them for are things other than making phone calls.
"But, more important than that, in some ways, is our understanding of what these things are. When we call them phones, we think of them as phones. This is the whole idea of framing. In politics, if you call something a death panel, that influences what people think about it. If you call something Obamacare, that influences what people think about it, positively or negatively. So with these smartphones, given that they do so much tracking, in the sense of, 'We're keeping track of our lives, we're keeping track of the news, we're keeping track of our friends, and corporate and government entities are keeping track of us,' if we call them trackers, then we're doing a much better job of informing ourselves what these devices are actually doing, and what we're really using them for."