Back tracking | Smartphones & Privacy

Is your phone ‘back’ tracking you?

Billions of people around the world rely on their mobile phones for much more than just communication. In fact, these devices have become inseparable from their owners in every sense – including data privacy.

is your smart phone working for you or against you?

Backing up your data and changing your passwords regularly are good data security habits, but that’s not all it takes to be safe online anymore. Digital devices can track your location and movements, giving cybercriminals crucial information about you, and putting your privacy at risk.

If you’re an Android or iPhone user, you need to know the privacy risks involved in using a mobile device, especially if you’re a big fan of Facebook.

Let’s start with your next selfie.

snap, share, but beware

Next time you add a photo to your Facebook feed, you’ll be sharing a lot more than your latest designer dinner or happy family memory.

  • Digital photos contain a specific signature called EFIL data that includes the time and date the photo was taken, the specific device that was used to take it, and (most worryingly for Facebook users) the location where it was taken.
  • Twitter automatically removes this information when you upload a picture but Facebook doesn’t. In fact, there’s no way to prevent the site from retaining this information –  and that means it could be leaked in a data breach.

Unfortunately, if you’re not comfortable with this information being gathered by Facebook you may need to delete the app entirely.

The decision to do this is entirely up to the indificual Facebook user and you’ll need to weigh the benefits of staying connected with your friends and family or using the platform for business against the risk of having your private data leaked.

staying connected on the go – someone may be watching

Our phones go with us everywhere, and we’re always able to stay in touch with friends, family, and work contacts. This also creates a new risk – especially for iPhone users who have downloaded the  Facebook app.

  • The iPhone accelerometer which tracks your steps and helps you see whether you’ve hit 10 000 a day also gives Facebook the ability to know exactly where you are.
  • Believe it or not, this can even be done indirectly by comparing your accelerometer data with that of people nearby and matching your vibrations to theirs.
  • In other news, your phone’s Bluetooth signature can be used to keep tabs on your location – and switching Bluetooth off may not be enough to prevent this.

We know, this is a lot to take in. But when you’re  ready to take your online privacy to the next level. As a cloud provider with our clients’ best interests as a top priority, we can help.

Take your privacy back with cloud storage

It may not be practical to stop using a smartphone or delete Facebook, but you can take other steps to ensure that your private data – especially sensitive company information – is kept safe.

Secure cloud storage is the ideal solution for businesses of all sizes. Contact us today to learn more about him cloud services are cloud solutions.

Digital Passports | Mobile Apps

Digital Vaccine Passports – Are They a Blessing or a Security Risk?

Digital passports: are they the answer to opening up the country again or simply an unsecured backdoor left swinging in the wind? How would a digital vaccine passport affect, your business, and your personal life? These are the questions that need answering if we are ever to get back to ‘normal life’.

The new normal is fraught with restrictions regarding large gatherings of people, whether for entertainment, sporting events, or larger businesses. Covid has a lot to answer for having wrenched much of our hard-earned freedoms away from us.

With bans and restrictions on international travel affecting tourism and the economy, it’s no wonder the government and the World Health Organisation are looking for ways to remove the Covid shackles. But in order to grant us our freedom of movement, will this be at the cost of our digital security?

digital certificate vs. physical certificate

In South Africa and many other countries, paper-based vaccine certificates are the current form of proof of vaccination. However, the concern is that paper-based versions can easily be forged or tampered with, and even lost. In addition, there is no way to prove the EVDS (Electronic Vaccination Data System) number on the certificate is valid or genuine.

QR based digital certificates would remedy the situation allowing users to either print the QR code or download it onto their phone to present as proof of their vaccine status. This is an attempt by the WHO (World Health Organisation) to standardise vaccination proof globally. This initiative is thought to be a solution to possible fraud using security which meets international standards.

The downside, as we already know, is that QR codes come with their share of digital risks. If you aren’t aware of the risks, be sure to read our blog on the risks of QR codes here.

benefits of a digital passport

The WHO advocates the use of the digital passport which can be used for continued trace. The record will form part of an individual’s medical history and provide proof of vaccination status to places of study, employers, and at international borders.

A global digital passport –

  • Provides health workers with necessary information regarding subsequent doses or health services required.
  • Provides information regarding vaccine dose, vaccine type, and schedule of when the next dose is due.
  • Enables investigation into adverse vaccine effects and vaccine safety.
  • Allows for monitoring of vaccine status of individuals.
  • Proves vaccine status after a positive Covid-19 test and helps to understand vaccine effectiveness.
  • Provides proof of vaccine status for tertiary education, work, and travel.

when can we expect the digital passport?

Health minister Joe Phaahla announced that the government is looking at launching a digital Covid-19 vaccine certificate in the coming weeks. However, this is still very much a work in progress, and currently, no country offers this digital passport.

Once released, the digital passport would be available to all those who have their personal information stored on the EVDS system, including those vaccinated over the past months. The government plans to request that the passport is used to gain access to sporting events, large entertainment areas, and some businesses. However, public facilities and services will not be subjected to this requirement as the vaccine is not mandatory.

final thoughts

A digital passport could be the answer to all our freedom woes. However, as with any app or technology that uses your personal information, you should be aware there are always risks involved. All eyes are on world governments to see how they plan to roll out digital vaccine passports and what security measures will be in place.

Mobile Apps – a threat to our digital privacy

Some would say that mobile apps pose a serious threat to our digital privacy. And surely anything that represents a threat should be quickly and effectively eradicated, especially when it comes to our privacy?

However, the suggestion of a world without Apps is sure to raise more than a few gasps. These nifty bite-sized pieces of software are easily downloaded onto our smartphones at the tap of a finger and quicker than you could make a cup of tea. And more often than not, downloaded without stopping to consider if the app could be a threat to personal information.

Responsible App Development

App developers following a ‘privacy by design approach should be aware of the laws that now govern and demand that a users’ data be protected irrespective of where they live on the globe. The complexities of being compliant with data protection laws in multiple countries can cause many a headache for the app developer though. The real concern is that developers often lack the technical understanding or interest to review privacy terms, and don’t actually speak the same ‘legalese’.

However, headaches aside, the responsibility of protecting the end users’ privacy is down to the developer from the moment they start to create the App.

While most apps have embedded technology that allows for the sharing of data with third-party platforms, privacy laws don’t do a particularly thorough job of ensuring that third parties abide by the compliance rules. Often, third parties have terms and conditions that push the responsibility of considering the user’s privacy upfront and onto the shoulders of the App developer.

This leaves App users unprotected, with the App developer legally liable for any misuse of data as determined by the Protection of Personal Information Act and the GDPR. Furthermore, App developers will ordinarily decide why and how the App collects data.

These protection acts make the App developer, the ‘data controller’ and thus responsible for the data’s use where ever it may end up.

If this information leaves you feeling vulnerable, the truth is you are and need to be implementing steps to safeguard yourself.

How an App Developer Needs to Safeguard Themselves

One of the seven foundational principles of the ‘Privacy by Design Approach’ is ‘Visibility and Transparency.’ By following this principle, App developers should be putting best practices into action to ensure they don’t face unforeseen legal liability.

A privacy by design approach for developers should follow the following principles:

  • Monitor developer platforms for security and privacy
  • Notify users of any data transfers to third parties
  • Provide easy to use privacy controls
  • Ensure that all privacy policies and procedures are documented, communicated, and assigned

In addition, app developers should always check the contract and third-party code carefully, ensuring that they are not saddled with all the responsibility.

Concerned about your Digital Privacy?

A few simple behavioural changes will ensure that you maintain security on your digital devices. Here’s our quick takeaway on how to protect your information online.

  1. Secure your accounts by using a password manager to save your passwords and generate different, complex passwords for all your accounts. Once setup you will end up with new passwords for all of your accounts.
  2. Protect your web browsing with a browser extension to block ads and the data that they collect.
  3. Use antivirus software to protect yourself from viruses and malicious software which can wreak havoc to your business and personal information.

Lastly, be sure to do regular online cloud backups for off-site data protection. Get in touch with us today for your free 30 day trial.