Washington, DC, December 7, 2021 --  

Fears of spying over mobile phone cameras are overblown. Far bigger privacy risks lurk elsewhere.

When Qualcomm announced an "always on" camera for its new Snapdragon mobile processor¹, the privacy-minded freaked out. The company tried to calm things down with facts. The camera processor will not record anything in its idle state -- it will simply look for general patterns like faces or QR codes,to alert the system that it might want to activate the camera, if allowed.

They're Not Watching You © 2021 David G. Young

So why all the fuss?

Hollywood movies have taught us that laptops and mobile phones are vectors for espionage. Hackers in movies take over a laptop, then stream the camera and microphone to HQ where a giant screen shows dramatic action.

A much more boring version of this might happen if you are a mafia type, terrorist, or political dissident in China or Russia. But it isn't likely. Think about it: There are 7.1 billion mobile phones in the world. All the secret police and intelligence agents in the world would be unable to monitor a fraction of that video. They must focus on the small number of people they care about. And those people almost certainly do not include you.

Here's the hard truth: you are just not that interesting. Nobody wants to see your expressions change as you look at silly videos on TikTok, play Candy Crush, or look at smutty pictures on Pornhub. Having to watch your cell phone camera would be the most boring job in the world. The camera is almost always looking at the lint inside your pocket or purse or staring up at the ceilings it rests on a table. When you pick up the phone, it is almost always pointing at your face. Well guess what Sherlock? If somebody has managed to hack in to your cell phone to get a camera feed, chances are they already know what your face looks like. The most exciting thing they might monitor is the growth of a big zit on the tip of your nose.

Yes, it is theoretically possible somebody could watch you take a sexy selfie. But in all likelihood, you just aren't all that. Few people care what you look like clothed, let alone naked. Even if you are good-looking enough to warrant a second glance, there are probably many millions of people who are better-looking. Why would anyone with super hacker powers choose to target you?

The privacy implications of an always-on cell phone camera are practically nil because it is difficult to monitor and offers little value. A much bigger threat to privacy comes from other cameras -- the countless security cameras deployed around the world. China's communist regime has delayed facial recognition software for mass surveillance that tracks people around the country. It knows where people go, everyone they meet, and what times these events happen. This info is collected in an automated way and stored in enormous databases without human monitoring of the video streams.

Big corporations pose different threats -- particularly with he emails and text messages that you send. Google's ability to read everything in your gmail gives the company a stunning amount of information about you. Your cell carrier's ability to read SMS messages gives it similar insight. While these comapnies may pledge to respect your privacy -- at least today -- that can change with the next corporate reorg, or the arrival of government thugs carrying a warrant or a briefcase full or bribe money.

Unfortunately, people focus on small risks that feel personal rather than more serious privacy threats Spying on our mobile phone cameras, listening to our Alexa speakers, and tracking purchases with grocery store cards are all things that feel personal. The disconnect between feelings and risks is dangerous, because it focusses precautions on things that don't matter instead of things that do.

Qualcomm's always-on camera highlights another example of this disconnect. Thais camera is partly intended to optimize a face lock capability like on the iPhone. Such biometric locks are themselves a huge risk to privacy. Anyone detaining you can hold your phone to your face or force your hand to the fingerprint reader. In the United States, courts have repeatedly ruled that suspects can be made to unlock their devices with biometrics to allow a search by law enforcement².

Next time you go though customs at the airport, remember that you are just one dirty look away form having your phone or laptop undergo a forensic scan. If you use a fingerprint reader or a face lock, make sure the tax records on your device are squeaky clean. And make sure that any online records where you have enabled auto-login from your device are squeaky clean, too.

If you really care about privacy, stop the hand-wringing about spying over that camera. Focus instead on how that same camera might unlock the most sensitive records you own.

Related Web Columns:

Liberty Isn't Privacy, June 25, 2013

Mr. Hu, Tear Down This Firewall, January 26, 2010

Good Corp, Bad Cop?, December 25, 2007

Trolling Though Your Life
The Betrayal of Telecom Customers, May 16, 2006

Notes:

Android Police, I’d Rather Have Qualcomm’s Always-On Camera Than Not, December 1, 2021

ITPro, Judge Forces Capitol Rioter to Unlock Laptop Using Facial Recognition, July 22, 2021