I asked a police officer if I could hold his wallet. He obviously said no.
I told the officer that if he let me hold it, I would not glance at his license or look at how much money he had. I’d just hold it.
You are likely wondering what would transpire to get me to ask an officer if I could hold his wallet. While this might sound like a crazy situation, my question to the officer was to help illustrate that a point he had made earlier in a presentation was flawed. Specifically, it was to help illustrate that if you download applications and visit websites, then you are likely in a similar position of being asked to hand over something important to someone asking you to trust them. Unlike the officer, if you are like most people, then you will probably not say “no” when asked if you are okay with handing over personal stuff.
The officer had just done a fantastic presentation on his role with internet safety in the local school system. He had presented information to help parents understand more about cyber bullying, internet safety, and several other student issues in a digital age. It was one comment relevant to the latest fad, Pokemon Go, that caused me to ask for his wallet, and then to write this blog.
Accessing Web Sites and Using Mobile Apps
When you use a website or when you download and use an application, you are generally are agreeing to a license or term of service (ToS) for that site or application. Many sites and nearly ever application will have you confirm that you agree to their ToS by having you click a small checkbox that often simply says you agree. If you download an app from one of the app stores, you will often get a screen that says that the app wants access to some services on your machine or phone. Chances are, you simply click the box or button and continue. This action is generally required to use the software; otherwise, if you don’t agree, then most installation ends or the page doesn’t load.
Have you ever actually read or paid attention to what you agreed to? If you have kids that are allowed to install applications, do you know what they have agreed to when an application is installed?
The Danger of Phone Apps
Many mobile applications require you to agree to give access to features on your phones. These features could be access to your contacts, to your phone, to your files, or more. Pokemon Go has gone supersonic in popularity. One of the areas where Pokemon received a lot of attention was that it requested access to features and information that didn’t seem to be necessary for playing the game. This included access to contacts, files on your mobile device and even to your calls.
Chances are, if you installed the Pokemon Go app, you clicked the button and blew past the screen asking for permission to access all of this information. The following picture shows you want Pokemon Go asks for today.
You should consider what permission you gave when you installed the application.
If you were asked for contacts, then that is access to people listed on your phone. The app might choose to contact those people. If you said okay to location, then the application can keep track of where you are, where you go, and when it was you did this. If you said okay to access to your files, then you likely gave access to everything that is on your device since everything is stored in files. if you gave access to your “phone and calls,” then you are basically agreeing to allow your calls to be monitored.
When Pokemon Go first released, contacts, files, phones and calls were included in the permissions granted by users that installed the app through the Google App Store. When Google was asked if the data on a person’s phone was going to be accessed, the reported response was that the information such as contacts and email were not being accessed. Just like I said I wouldn’t look at the officers wallet, Google said the data on a person’s phone wouldn’t be looked at.
Regardless of what a company says, if they are asking you permission and you grant it, then you have granted them access. They can say they have not accessed the information, but you gave them permission, so they could access it at any time. You removed your ability to complain when you agreed it was okay.
This is not only apps
The idea of giving away information or of giving away your rights is not limited to mobile applications. This also applies to websites. There are two common areas where people tend to misunderstand or ignore what permissions or access they’ve given away. These are in:
- Creating accounts
- “I Accept” check boxes for Terms of Service (ToS)
Do I own accounts I create on the web?
When creating an account on a site, whether it is on a service like an online email provider, a localized forum, or a social media site, you should be aware of who owns the account. Most people assume the account is theirs. They also assume it is private. Depending on the terms of service, all of these assumptions could be wrong. For example, there are some email services that can monitor your activity and then use that information to market to you.
When you create an account on the internet, it is important to realize that you are creating that account on a machine. This is a machine owned by someone else, and often owned by a company. As such, it is their machine, so they have any access to what is there that they want. This can include anything you happen to put into your account.
Accepting Terms of Service
Relevant to an account you might create is a site or apps Terms of Service (ToS). A site’s ToS is a list of rules that you agree to by either agreeing to a request, or simply by accessing a site. On many cases, you are asked to check a box saying you agree to the terms. If you say no, you are often bounced off as site. As a result, many people simply check the box and continue.
Reading the terms of service is wise. Most will state what the site or company plans to do with the information you provide. The information you provide might not be obvious. It can be as simple as your IP address along with browser information, such as your location, the machine you are using, and other sites you have possibly visited. If you create an account, that ToS will also define the privacy they are willing to provide.
The ToS might have other statements in it as well. The following is from a popular home services site:
“You agree to promptly pay <site> One Thousand Dollars ($1,000) for each item of Content posted in violation of this Agreement.”
Per this clause, if you use this site, you are exposed to being fined for thousands of dollars. This is not as unusual as you might think, but you’d only know that if you read what you are agreeing to.
Conclusion
You need to be aware of what you and your kids are agreeing to when you click on buttons or use a site. In many cases, the information you give away could be equated to handing your wallet to a stranger. This is true of all applications and all sites. You should always try to be aware of what you are agreeing to in the digital world. Not everyone is as trustworthy as your local police officers.