Language selection

OPC Logo Office of the Privacy Commissioner of Canada

Search

How your handheld handles your data

This page has been archived on the Web

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Archived

This page has been archived on the Web.

E.M. Stark, Guest blogger, November 5, 2008 - Identity theft and fraud

The popularity of mobile computing is skyrocketing – from teenagers to business travelers, hand held devices such as Blackberrys, iPhones and smart phones allow users to surf their favourite sites, manage their relationships within a social network, review work documents or download music.

Using traditional privacy protections such as passwords on your handheld device is a step in the right direction, but there are a number of other privacy concerns that are worth considering.

According to a CTV news report, personal information is turning up in refurbished handheld devices being purchased by Canadian consumers.

Reselling refurbished devices, whether by a large company or an individual on EBay, is a common practice. Many people also donate or recycle their unwanted electronic equipment, but never really know where those old handhelds may end up.

Sensitive files stored on handhelds can provide a wealth of personal information or valuable company data.

Despite their widespread use, the full privacy implications of losing a device are still largely unknown. A lost or stolen handheld can expose personal data to unintended parties, and this could be used for illicit or simply mischievous purposes.

As well, some devices appear to be susceptible to unauthorized access – whether through the carrier’s network, the phone’s built-in WiFi capabilities or with the intervention of a nearby Bluetooth device.

So how can we protect privacy while using mobile devices?

  • First off, always use the built-in password protection. Use a strong password, with a combination of lower case and capital letters as well as numbers.
  • Remove sensitive files from handhelds once you are finished using them.
  • If you have to keep sensitive files on a mobile device, encrypt the file, install a correctly configured firewall and/or password protect the file.
  • If your device is Bluetooth enabled and you do not use it, disable the feature.
  • When you upgrade your device, take the time to wipe it of personal information. A quick search will provide resources that will show how to clean a device such as a Blackberry or an iPhone. Installing anti-theft software on a device can allow a user to erase personal data remotely and even render the device unusable if it is ever lost or stolen.

There’s a further risk involved in mobile computing, a risk that we are in the process of evaluating: the privacy protections found (or absent) in the third party applications (apps) now common on handheld devices.

By their very design, apps installed on or downloaded to mobile devices may put personal data at risk.

It appears that apps are being built by a range of developers – from students to multi-national companies. As you would expect, these developers can have very different standards when it comes to accessing and protecting your personal information.

  • Before installing an app, check out the developer. You may need to make a personal judgment about whether you trust them with access to your device and your information.
  • Check your favourite apps for safeguards like password protection.
  • When you change your password on a non-mobile application (the web site), make sure the app reflects that change.
  • Make it a habit to log out of apps on a regular basis.

Mobile computing offers the opportunity to carry more of your life around in your pocket. Taking a bit of time to secure your device and personal information can help safeguard your privacy.

Date modified: