Topics Mobile Phones

All mobile phones have proprietary components, which combined with their always-connected nature and portability makes them inherently insecure. As such, your phone should never be trusted with highly sensitive information involved in browsing, communication, or anything else.

• EFF: The Problem with Mobile Phones

Location Privacy

The design of cell networks necessitates that a given phone’s approximate location be available to the telecom operator in order to provide service. Telecoms generally collect this location data, correlate it with the customer records they have on file, and sell it to marketers and law enforcement¹ as well as unintentionally leaking it to other parties.²

Mitigation Techniques

Here are some ways you can mitigate privacy risks in your day-to-day use of a phone:

• Enable full-disk encryption (on by default in iOS, must be enabled in settings in some versions of Android).
• Use a strong passcode to lock your device (there is no limit to length). Do not rely on methods of authentication that do not require your cooperation, such as the fingerprint reader or facial recognition.
• Set the device to lock after a short period of inactivity, requiring the passcode, immediately.
• Avoid all sensitive browsing on the device.
• Understand the risks of so-called cloud services (especially for backups).
• Never plug your device into an untrusted USB port.
• If you must browse on phone, use Firefox for Android and Firefox Focus for iOS (Focus has stronger privacy features than regular Firefox for iOS).
• Set your device to self-destruct after a certain number of failed attempts to unlock.
• Make sure notifications don’t leak sensitive information when the phone is locked.
• Set your browser not to retain browsing history.
• If you don’t want your location tracked, leave your phone at home.
• If you are concerned about being recorded, keep all phones out of listening range.

All in all, consider what information will be exposed if your phone is confiscated or otherwise compromised.

Many of these tips are elaborated upon in Freedom of the Press Foundation’s training guide:

• Mobile Security Prevention Tips
• Rapid Responses For Compromised Phones
• What To Do If Your Phone Is Seized By The Police