Surveillance Self-Defense

Mobile Phones: Other Surveillance Techniques

This page was translated from English. The English version may be more up-to-date.

Malware

Phones can get viruses and other kinds of malware (malicious software), either because the user was tricked into installing malicious software, or because someone was able to hack into the device using a security flaw in the existing device software. As with other kinds of computing devices, the malicious software can then spy on the device's user.

For example, malicious software on a mobile phone could read private data on the device (like stored text messages or photos). Malware normally accomplishes this by exploiting a security flaw, such as an unpatched vulnerability in an outdated phone operating system. It could also activate the device's sensors (such as the microphone, camera, or GPS) to find where the phone is or to monitor its surroundings. Some malware is capable of turning the phone into a remote listening or surveillance device by covertly turning on the camera or microphone. Malware can also read the contents of end-to-end encrypted messaging services such as Signal or WhatsApp, because such messages are decrypted on the phone for reading or writing.

Governments themselves often forbid people, even government employees, from bringing personal cell phones into certain sensitive facilities—mainly based on the concern that the phones could be infected with software to make them record conversations.

We’ve seen a variety of malware targeted at mobile phones over the years. For example, hackers targeted Jeff Bezos with a malicious video file in a WhatsApp message which gave them access to large amounts of data on the phone. A journalist for The New York Times was targeted with a hyperlink attempting to install Pegasus spyware, as were activists and members of European Parliament. Journalists, political opposition figures, and an NGO worker were targeted with a zero-click exploit that used an invisible iCloud calendar invitation to install spyware. And EFF is representing a Saudi human rights activist whose phone was allegedly hacked by contractors for the UAE to secretly track her communications and whereabouts. 

What you can do: It’s difficult to mitigate all malware all the time, but both Android and iOS have some approaches to slow malware down. On iPhone, Lockdown Mode can prevent certain types of malware from getting installed.

Google offers a different type of approach, called Advanced Protection Program, which adds certain types of safeguards to your Google account as a whole and isn’t restricted to just Android.

Pros and Cons of Turning Your Phone Off

There's a widespread concern that phones infected with malware can be used to monitor people by turning on microphones even when the phone isn’t actively being used to make a call. As a result, people having a sensitive conversation are sometimes told to turn their phones off entirely, or even to remove the batteries from their phones.

The recommendation to remove the battery seems to come from the idea that there’s malware that makes the phone appear to turn off upon request (showing only a blank screen), while really remaining powered on and able to monitor conversations or invisibly place or receive a call. Thus, the malware tricks you into thinking you successfully turned off your phone when you actually didn’t. Such malware does exist, at least for some devices, though we have little information about how well it works or how widely it has been used. In any case, the recommendation to remove the battery isn’t terribly useful these days, as few smartphones make that possible.

A better method of blocking signals is using Faraday cages or (much cheaper) Faraday bags. These block signals from reaching the phone while in the bag, even if the device is compromised. These signals include 2G, 3G, 4G, 5G, Bluetooth, Wi-Fi, and GPS.

Burner Phones

Phones that are used temporarily and then discarded are often referred to as “burner phones” or “burners.” People who are trying to avoid government surveillance sometimes try to change phones (and phone numbers) frequently to make it more difficult to recognize their communications. To do so, they need to use prepaid phones (not associated with a personal credit card or bank account) and ensure that the phones and SIM cards were not registered with their identity. In some countries these steps are straightforward, while in others there may be legal or practical obstacles to obtaining anonymous mobile phone service.

This technique has a number of limitations, both in how SIM cards are purchased and used and in the other tracking techniques law enforcement can use to figure out who you are.

SIM Cards

Swapping SIM cards or moving a SIM card from one device to another offers minimal protection. In both cases, the mobile network observes the SIM card and the device together. In other words, the network operator knows the history of which SIM cards have been used in which devices, and can track either individually or both together. The same is true of eSIMs (embedded SIMs): although they are provisioned digitally, for tracking purposes they behave the same as a physical SIM card.

But even with different SIMs, governments have been developing mobile location analysis techniques where location tracking can be used to generate leads or hypotheses about whether multiple devices actually belong to the same person. There are many ways this can be done. For example, an analyst could check whether two devices tended to move together, or whether, even if they were in use at different times, they tended to be carried in the same physical locations.

Tracking Patterns and Burner Phones

A further problem for the successful anonymous use of telephone services is that people's calling patterns tend to be extremely distinctive. For example, you might habitually call your family members and your work colleagues. Even though each of these people receives calls from a wide range of people, you're likely the only person in the world who commonly calls both of them from the same number. So, even if you suddenly changed your number, if you then resumed the same patterns in the calls you made or received, it’s straightforward to determine which new number was yours. Remember that this inference isn't made based only on the fact that you called one particular number, but rather on the uniqueness of the combination of all the numbers that you called.

This isn’t theoretical: we’ve seen examples of this exact sort of inference with the U.S. government’s PROTON system and in the Hemisphere Project. This has continued in a program called Data Analytical Services (DAS), which uses a technique called chain analysis to track who individuals have been in contact with.
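To make concrete why the SIM and calling-pattern sections above say that changing numbers buys so little, here is a small added example (not part of the original page, and not the code of any system named above) that implements the two linkage heuristics the text describes, on constructed sample data: whether two devices tend to move together (the location analysis from the SIM Cards section), and how much a candidate new number's set of contacts overlaps with an old number's (the calling-pattern inference from this section). The device names, cell IDs and phone "numbers" are all made up; the scoring functions are simple illustrative heuristics, not any agency's method.

```python
"""
Two device-linkage heuristics from the text, on constructed data:
  1. co-location: fraction of time windows in which two devices sat on the same cell
  2. contact overlap: how much a candidate number's contacts resemble an old number's
All records below are constructed sample data, not real location or call logs.
"""
from collections import defaultdict

# Constructed sample: (device_id, hour_index, cell_tower_id) observations.
LOCATION_OBS = [
    ("dev_A", 0, "cell_17"), ("dev_A", 1, "cell_17"), ("dev_A", 2, "cell_42"),
    ("dev_A", 3, "cell_42"), ("dev_A", 4, "cell_09"),
    ("dev_B", 0, "cell_17"), ("dev_B", 1, "cell_17"), ("dev_B", 2, "cell_42"),
    ("dev_B", 3, "cell_42"), ("dev_B", 4, "cell_09"),   # carried together with dev_A
    ("dev_C", 0, "cell_55"), ("dev_C", 1, "cell_17"), ("dev_C", 2, "cell_60"),
    ("dev_C", 3, "cell_42"), ("dev_C", 4, "cell_31"),   # only occasional overlap
]

# Constructed sample: call records as (caller, callee). "old_num" is the number
# a person gave up; new_1..new_3 are candidate replacements seen on the network.
CALL_RECORDS = [
    ("old_num", "family_1"), ("old_num", "family_2"), ("old_num", "work_1"),
    ("old_num", "work_2"), ("old_num", "dentist"),
    ("new_1", "family_1"), ("new_1", "family_2"), ("new_1", "work_1"), ("new_1", "work_2"),
    ("new_2", "family_1"), ("new_2", "pizza"), ("new_2", "gym"),
    ("new_3", "work_1"), ("new_3", "work_2"), ("new_3", "colleague_x"),
]


def colocation_score(obs, dev_x, dev_y):
    """Fraction of the hours both devices were observed in which they were on the same cell."""
    where = defaultdict(dict)          # device -> {hour: cell}
    for dev, hour, cell in obs:
        where[dev][hour] = cell
    shared_hours = set(where[dev_x]) & set(where[dev_y])
    if not shared_hours:
        return 0.0
    same = sum(1 for h in shared_hours if where[dev_x][h] == where[dev_y][h])
    return same / len(shared_hours)


def contact_sets(records):
    """Contacts of every number, counting calls made and calls received alike."""
    contacts = defaultdict(set)
    for caller, callee in records:
        contacts[caller].add(callee)
        contacts[callee].add(caller)
    return contacts


def jaccard(a, b):
    """Overlap of two sets, 0.0 (disjoint) to 1.0 (identical)."""
    return len(a & b) / len(a | b) if (a or b) else 0.0


def rank_candidates(records, old, candidates):
    """Rank candidate new numbers by how closely their contacts match the old number's."""
    contacts = contact_sets(records)
    scored = [(c, jaccard(contacts[old], contacts[c])) for c in candidates]
    return sorted(scored, key=lambda pair: pair[1], reverse=True)


def candidates_sharing(records, old, candidates, min_shared):
    """Candidates that share at least min_shared contacts with the old number.

    Shows the point made in the text: one shared contact leaves several suspects,
    the combination of several shared contacts narrows it to one.
    """
    contacts = contact_sets(records)
    return [c for c in candidates if len(contacts[old] & contacts[c]) >= min_shared]


if __name__ == "__main__":
    print("dev_A/dev_B co-location:", colocation_score(LOCATION_OBS, "dev_A", "dev_B"))
    print("dev_A/dev_C co-location:", colocation_score(LOCATION_OBS, "dev_A", "dev_C"))
    cands = ["new_1", "new_2", "new_3"]
    print("ranked by contact overlap:", rank_candidates(CALL_RECORDS, "old_num", cands))
    for k in (1, 2, 3):
        print(f"share >= {k} contacts:", candidates_sharing(CALL_RECORDS, "old_num", cands, k))
```

On this data dev_B scores 1.0 against dev_A (it was on the same cell in every shared hour) while dev_C scores 0.4, and new_1 ranks first by contact overlap. Requiring one shared contact leaves all three candidates; requiring three leaves only new_1, which is exactly the "uniqueness of the combination" the text describes, and why the checklist below asks you not to carry devices together and not to call the same people from different devices.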

Putting all these details together means that effective use of burner phones to hide from government surveillance requires, at a minimum:

  • Not reusing either SIM cards or devices
  • Not carrying different devices together
  • Not creating a physical association between the places where different devices are used
  • Not using the burner phone as a long-term solution
  • Not calling or being called by the same people when using different devices

This likely isn’t even a complete list, and it already shows how difficult this is to do correctly. There are other means to find out who a phone belongs to, ranging from physical surveillance of where the phone was sold to using software to recognize a person’s voice.

Phone Analysis and Seized Phones

There is a well-developed specialty of forensic analysis of mobile devices. An expert analyst will connect a seized device to a special machine, which reads out data stored inside the device, including records of previous activity, phone calls, pictures, WhatsApp messages, location history, app data, and text messages. The forensic analysis may be able to recover records that the user couldn't normally see or access, such as text messages that were deleted but not yet overwritten. Forensic analysis can sometimes bypass passcode-protected screen locks, especially on older phones.

Police generally need physical access to your device to use forensic tools, and the first step is to unlock it. Security features in our mobile devices, such as an iOS device’s Secure Enclave, can help thwart such police intrusion, but these protections have sometimes been defeated by forensic devices.

Forensic tools can collect a wide swath of information from your devices. This may include photo album pictures and videos, text files, contacts, private and group conversations (even from encrypted messaging apps such as Signal and WhatsApp), any stored location data, events in your calendar, browsing history, and your digital wallets and payment methods.

There are many smartphone apps and software features that try to inhibit or prevent forensic analysis of certain data and records, or that encrypt data to make it unreadable to an analyst. In addition, there is remote wipe software, which allows the phone owner or someone designated by the owner to tell the phone to erase certain data on request. However, wiping mechanisms differ, and a wipe can potentially be prevented, especially when the wipe command has to reach the phone over a network connection that the party holding the phone can cut off.

Remote wiping software can be useful to protect against data being obtained if your phone is lost or taken by criminals. However, in the case of seizure by law enforcement, the intentional destruction of evidence or obstruction of an investigation can be charged as a separate crime, often with very serious consequences. In some cases, this can be easier for the government to prove and allow for more substantial punishments than the alleged crime originally being investigated.