The Electronic Frontier Foundation (EFF) is reporting that Apple, Inc., (AAPL) has filed a patent application for a “Systems and Methods for Identifying Unauthorized Users of an Electronic Device. ” The patent is for a device to investigate a user’s identity to decide if that user is “unauthorized.”
Information Apple plans to collect
The system can take a picture of the user’s face, “without a flash, any noise, or any indication that a picture is being taken to prevent the current user from knowing he is being photographed“;- The system can record the user’s voice, whether or not a phone call is even being made;
- The system can determine the user’s unique individual heartbeat “signature”;
- To decide if the device has been hacked, the device can watch for “a sudden increase in memory usage of the electronic device“;
- The user’s “Internet activity can be monitored or any communication packets that are served to the electronic device can be recorded“; and
- The device can take a photograph of the surrounding location to find where it is being used.
Who is the responsible party
The EFF believes that as a result of this new technology, Apple will know who you are, where you are, and what you are doing and saying, and even how fast your heart is beating. In some embodiments of Apple’s “invention,” this information “can be gathered every time the electronic device is turned on, unlocked, or used.” When an “unauthorized use” is detected, Apple can contact a “responsible party.” A “responsible party” may be the device’s owner or as the EFF points out the “responsible party may also be “proper authorities or the police.” Once an unauthorized user is identified, Apple could wipe the device and remotely store the user’s “sensitive data.” Apple’s patent application suggests it may use the technology not just to limit “unauthorized” uses of its phones but also to shut down a stolen phone.
However, the EFF says Apple’s new technology would do much more. The EFF believes that this patented device enables Apple to secretly collect, store, and potentially use sensitive biometric information about the user. This is dangerous in two ways according to the EFF:
- It is far more than what is needed just to protect you against a lost or stolen phone. It’s extremely privacy-invasive and it puts you at great risk if Apple’s data on you are compromised. But it’s not only the biometric data that are a concern.
- Apple does not explain what it will do with all of this collected information on its users, how long it will keep this information, how it will use this information, or if it will share this information with other third parties. We know based on long experience that if Apple collects this information, law enforcement will come for it, and may even order Apple to turn it on for reasons other than simply returning a lost phone to its owner.
- Apple’s technology includes various types of usage monitoring — also very privacy-invasive. This patented process could be used to retaliate against users who jailbreak or tinker with their device in ways that Apple views as “unauthorized” even if it is perfectly legal under copyright law.
rb-
The EFF says this is a new business opportunity: spyware and what they are calling “traitorware.” The patent would allow Apple to find and punish users who tinker with their devices. The EFF says it’s not just spyware, it’s “traitorware,” since it is designed to allow Apple to retaliate against customers who do something Apple doesn’t like.
This patent is downright creepy and invasive — certainly far more than would be needed to respond to the possible loss of a phone. Spyware, and its new cousin traitorware, will hurt customers and companies alike — Apple should shelve this idea before it backfires on both it and its customers.
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
