Totok, an app billed as an easy way to send messages and call people, was recently taken off the App store. The reason? Totok was recently outed by American intelligence officials as a spying tool used by the United Arab Emirates to spy on whoever downloaded the app, by tracking their conversations and movements. The app is hardly the only one on the market, however – the Privacy Project, a project by Stuart Thompson and Charlie Warzel of the New York Times, recently acquired a data file tracking a large number of smartphone users’ locations. With that in mind, exactly how safe is our data?

We must first determine how our data is being used. In a nutshell, our daily lives are open to scrutiny through our online purchases as well as the content we read. Our content preferences are tracked by companies with vested interests in selling us their products, and our political leanings can be similarly hoovered up by governments releasing targeted advertisements in order to sway us. This technology is not new. The Patriot Act gives the US government an excuse to spy on its citizens in the wake of the 9/11 attacks. However, the difference now is that the influx of apps with these surveillance software tacked onto it result in consumers giving up their data willingly. Where governments previously had to invest in spyware to forcibly collect data, people are now giving up their data willingly, albeit unknowingly.

What does this have to do with the average person? For starters, there may not be any legal recourse for those looking for remedies from the courts. A lot of these apps bury exclusion clauses deep in their terms and conditions, which are agreed upon when users first boot up the app. Agreeing to these terms and conditions effectively absolves companies of any legal liabilities should they get caught handling data inappropriately. Secondly, true “anonymity” cannot be reliably guaranteed, despite this feature being a tagline of many apps that require data tracking. In the Privacy Project, the anonymity of the people whose data were being tracked did not stop the Times team from piecing their identities together through context clues. For example, a schoolteacher’s identity was guessed as there was only one person who travelled to and from a highschool at a given time. The fact that intimate details such as where one is going at any given time are being tracked through one’s phone is a disturbing thought.

National security is also, unsurprisingly, put at risk when consumers do not pay attention as to what details they are broadcasting. For starters, the US army has banned TikTok, a video app popular amongst youths today, under fears that its parent company, a Chinese company called Bytedance, would release sensitive data about army bases and movement details to foreign powers. Smart watches have also inadvertently sent out data about military base layouts when their users take the watches on runs, which allows the data collected to map the layout of the base.

Clearly, the danger to unforeseen data collection is both immediate and far reaching. How can we hold governments to regulate such technologies when even the government has a vested interest in collecting information on our political preferences and daily movements? The Times has a handy article on how to reduce the data one sends out unknowingly. Ultimately, it is hard to limit how much data we release to companies on a daily basis. Only through a change in mindset where security is prioritised over convenience will we be able to regain some semblance of privacy.

By Ronald Poh

How dangerous is non-consensual data collection? How some companies are misappropriating our data.