The capability of repressive governments to monitor users of mobile phones and block access to internet content is far beyond levels realised by users and presents significant risks for user privacy and safety, according to a new report released on 30 July 2012 by Freedom House and the Broadcasting Board of Governors (BBG).
This is a serious problem in countries that lack the rule of law and where civil liberties are not respected.
The report, entitled ‘Safety on the line: Exposing the myth of mobile communications security’, evaluates the ability of mobile phone services to protect security and privacy and to circumvent censorship in 12 countries: Azerbaijan, Belarus, China, Egypt, Iran, Libya, Oman, Saudi Arabia, Syria, Tunisia, Uzbekistan and Vietnam.
The assessment covered a range of mobile technologies, including operating systems, applications and mobile protocols. Findings showed that, across the spectrum, these technologies fail to protect users and are highly vulnerable to misuse by autocratic regimes.
“Mobile phones have become integral to daily communication around the world and most of us use this technology with some expectation of privacy,” said Daniel Calingaert, executivevice president at Freedom House.
“However, governments are fully capable, particularly when laws and other protection mechanisms are not in place, of using these devices to track and monitor users for nefarious purposes. This is a cause for deep concern, and it must become part of the dialogue about how these technologies are developed now, and in the future.”
Among the report’s key findings:
- High mobile penetration rates in the studied countries — often above 100 per cent — indicate that mobile networks are the communications method of choice, making these platforms a priority target for monitoring by repressive regimes.
- Mobile phone users are vulnerable to highly intrusive surveillance, including the remote activation of cameras and microphones and the tracking of users’ movements through global positioning systems (GPS).
- The default settings of mobile operating systems provide inadequate security, and in repressive environments, adding security options is problematic.
- Virtual private networks (VPN) are designed to facilitate corporate use but do not adequately protect individuals attempting to avoid surveillance.
Because mobile security is threatened at multiple levels — of mobile networks, operating systems, applications, handsets, and users — it is nearly impossible for any single actor in isolation to change the situation, according to the findings.
The report recommends improved awareness of mobile security threats among users in repressive environments and development of mobile phone handsets, operating systems, and applications that better protect user privacy in countries where human rights violations are common.
“Every stakeholder in the process plays a role in the vulnerability of mobile technology to misuse, from the developers of the devices themselves to those who create the associated applications,” said Cormac Callanan, one of the report’s authors.
“There is a real and immediate need for more cooperation and joint action between all stakeholders to improve safety and privacy for mobile users.”
Read the full report here.