Check email, hunt for a restaurant, alert your boss about a traffic delay and even monitor the polling trends of your favorite political candidate – all simple functions for today’s high-technology smartphones.
But did you know that your trusty tool could make a donation to a political campaign without your knowledge, give someone else your bank account number and password, or even be used in an orchestrated attack on election systems that could disrupt democracy itself?
That’s according to a new report from the Electronic Privacy Information Center.
The assessment, by Lillie Coney, C. Aaron Cois and Beth Rosenberg, urges consumers to exert an extra level of diligence in checking what their digital doo-dad is doing, can do and should be doing.
“Set smartphone locking features,” the recommendations include. “Check the reputation of any app before installing. … Do not click through the installation of apps. Read each decision you are asked to make – some of them may be seeking access to other data hosted on the phone.”
“Beware of the conditions for making text contributions to campaigns.”
The report was assembled because voters of the 21st century “are experiencing a revolution in political engagement through innovations in communication technology.” But the revolution, the report said, “has the potential to deceive and exploit voters.”
While the Federal Election Commission has rules for some political messaging, “There are grey areas regarding smartphones and federal campaign regulations because the types of political messages are not limited to voice, but can include text, apps, video and/or links to online content.”
The influence of the medium is undeniable. In the first quarter of 2012, consumers spent $64.4 billion on landline-telephone services. But they spent $109.9 billion on mobile phone services.
Nearly half of American adults already use smartphones, including units running Apple’s iOS system, the Android system and Blackberries. There are nearly 92 million smartphones in use in the U.S.
While the technology provides access to information, it also can give access to “bad actors, who could use the Internet in general and smartphones in particular to disrupt or skew the 2012 election at all levels,” the report said.
“Smartphones are … intimately associated with their owners and can reveal a great deal about their owners as a result. Researchers who collect cellphone data claim that they can discern ‘hidden patterns’ of social life at home, work, or play that reveal details of life such as travels, risk of disease – even our political views,” the report said.
Applications can “phish,” or present information or ads that are fake but appear to be real, take smartphone users to fake websites, and capture keystrokes or log email.
One of the dangers, the report said, is “auto-dial donation sites that use smartphone auto-dialing features to send funds without user permission or knowledge.”
“Smartphone political apps may prove to be serious challenges to voter privacy,” the report continued. “Some political apps combine the collection of near-real-time location information with access to a voter database. The election season is well under way and emotions are running high on and off the campaign trail. Supporters may not mind their candidate or party’s campaign knowing all about them, but they may not want others to know their political preferences.”
In the 2012 era of digital persuasion, the report said, “Buying gasoline, for example, may prompt the delivery of a political advertisement about the high cost of fuel. If a user went to a major league game or stock car race, visited the local library or participated in a political rally with her smartphone in hand – her location may be in her voter profile.”
Barack Obama’s campaign already uses a campaign app to identify registered Democrats by first name, last initial and age. The Mitt Romney campaign used an app to announce his choice of runningmate.
Further, the government is getting in the act. The report said the FEC has begun to approve a series of programs designed to solicit contributions and engage voters via smartphone.
In June, the agency decided to allow donors to make donations of up to $50 per cell phone number per month, and one of the programs facilitates anonymous donations.
But the report warns that all of the ordinary dangers of the Internet — spoofing, phishing, pharming, email worms and viruses and malware — are looming over the political use of such technology.
For example, the Internet Corporation for Assigned Names and Numbers recently decided to allow non-Latin characters in Web addresses. That means someone could set up a barackobama.com address and replace the Latin “M” with its Cyrillic counterpart, which would look the same.
But it would lead to an entirely different page.
Fake emails easily could offer help locating polling sites and send voters to the wrong location. The digital media can “plant stories that sweep through blogs, on Twitter and Facebook and thus into the mainstream media, causing confusion amongst the electorate. For example, rumors that the election has been canceled or delayed by a week due to an emergency might keep voters from the polls.”
“Attacks may be quite specific. Smartphone-based attacks may use software that activates on a significant pre-programmed date and/or time of day. Upon an update, an application may only activate on the morning of Election Day. Visiting certain politically oriented websites or downloading campaign apps, audio, or graphics files may be enough to identify users’ political affiliation and attack only those smartphones which have visited or downloaded content about an opposition candidate,” the report warned.
“Malicious computer software may be used to launch deceptive campaign attacks that cause serious problems on affect smartphones by disabling or manipulating key applications.”
Education is the defense, the report said.
It suggests consumers know the rules for voting in their state and monitor their digital connections to the world closely.
“Check the settings and selections for all existing apps on your smartphone,” and “maintain good ‘hygiene’ against botnets by ensuring that you have all of the most recent patches and updatesa.”
Another novel idea: “If you have broadband access and are not using your personal computer on Election Day, turn it off. Remember that botnets are not limited to the United States, but can be global. However, botnets cannot use a computer that is turned off.
“The future of campaign and politic communication is on mobile devices,” the report said. “Regardless of the technology used to facilitate U.S. elections, individuals and groups need to protect themselves against online threats to personal autonomy and political freedom.”