Protecting your online privacy on a smartphone

Smartphones present a whole new arena of privacy concerns to anyone looking to protect their anonymity online. If you’re a very privacy conscious individual then you’ve probably already opted to avoid using an internet-enabled phone all together. But, for the rest of us, there are a few simple things you can do to help protect your personal data and strike the right balance between privacy and functionality.

Web browsing

If you browsing the internet on your phone over your home WiFi connection then you’re subject to almost all the same online privacy issues as you would be on a desktop PC, such as ISP data retention policies and IP tracking. Luckily there’sĀ  a number of VPN services that can protect your IP address while browsing on your smartphone, including IVPN.

App permissions

If you’re an Android user then you’ll already know about app permissions, which you’re asked to approve every time you download an app on Google Play. App permissions are a tricky area, because even those that look alarming often have benign applications in reality. The main permissions you need to be careful about are ‘Full internet access’, ‘Services that cost you money’, ‘Modify/delete SD card contents’, ‘Your Personal information’, ‘You location’ and ‘Retrieve running applications’.

Again, plenty of completely legit apps require these permissions. But you need to use your common sense. For instance, a file manager app like Astro will need to ‘Retrieve running applications’, but if a collection of wallpapers, or a videogame, wants to access that information then its probably up to something fishy.

Downloading apps outside official store

One of the appeals of Android is the ability to download apps outside of Google Play. However, millions of people use the opportunity to download pirated versions of apps and games. This is a common way that trojan viruses get onto smartphones, so exercise caution. TechnoBuffalo also has some pretty good tips on stopping Android viruses.

EXIF data

Many smartphones will attach EXIF data tags to images taken with the phone’s camera. EXIF data includes info on all sorts of different things, but it has attracted controversy for including geo-specific data. This data can be gleaned from either the GPS, WiFi connection or even triangulation (via mobile phone masts) ā€“ it really depends on your phone. Turning off your GPS and WiFi is one option, but this won’t stop data collected from triangulation. You can view EXIF data from your pictures by simply right clicking on a photo in Windows and checking the properties. You can also remove EXIF data either by deleting it within Windows or using a tool such as QuickFix.

WiFi and Bluetooth

Although it’s pretty unlikely to happen, leaving your Bluetooth and WiFi on while out in public, or on public connections, does leave yourself open to malicious attacks. So make sure you turn off Bluetooth and WiFi connections when not using them ā€“ this will significantly save on your battery life too!

Address book sharing

A number of social apps such as Facebook, Foursquare, Path and Instagram came under heavy fire earlier in the year for uploading user address books to their servers, ostensibly to help you add contacts to your network. The issue got so heated that two members of the US congress wrote to Apple to complain. Most apps, including Facebook and Path, now ask your permission before they access your contacts and Apple has pledged to stop this practice occurring without a user’s permission. But who knows what other information is being shared and what the situation is on less-regulated platforms such as Android. If you’re really concerned about privacy it’s best to avoid using social networking apps altogether.

Comments icon
We invite you to discuss this post in our Reddit community or on Twitter. You can also send your feedback to
Tags: Privacy

Most people don't need a commercial VPN to work from home securely

Posted on April 7, 2020 by Nick Pestell

Many small businesses and their employees are concerned about the security of their data whilst working from home during the coronavirus pandemic. We see a lot of confusion surrounding this topic, even from fairly technical folk and there is unfortunately a lot of misinformation being spread by commercial VPN providers themselves.

You can't always get what you want: the eternal conflict between lawful access and privacy

Posted on April 19, 2018 by mirimir

In late March, the US Clarifying Lawful Overseas Use of Data Act (CLOUD Act) took effect. And predictably, the US Supreme Court just dismissed United States v. Microsoft Corp. In that case, Microsoft was fighting a subpoena for data stored in an Irish data center.

Protect yourself today and get peace of mind

Shut out hackers, identity thieves and the global government surveillance apparatus ā€” every time you go online.