Mobile phone security
Mobile phones are used by advocates all over the world, but they often store a great deal of information that should be kept private. In addition to contact lists, a mobile phone may contain call histories, calendars, text messages and emails.
Think about the information stored in your phone. Phones are so easily confiscated. You probably do not need to keep all of your contacts in your mobile, for example, if you are doing sensitive rights-focused work, and you should delete information from your phone and SIM card whenever you can. When organising events or mobilising networks it is a good idea to use anonymous, pre-paid SIM cards and to change handsets occasionally. Because SMS can easily be searched and filtered, you should avoid sensitive keywords when sending text messages.
As long as they are turned on, mobile phones can be used to track your location. If you are attending a sensitive gathering, turn off your phone and remove the batteries before setting out. Wait until you have returned before reinserting the batteries and turning your phones back on. Mobile phone providers have access to details about all calls: when and where and to whom they weremade. Providers may have a legal obligation to record or release these details if asked to do so by officials, and may keep such records for several years.
Identifying your security risks
Use the questions below to assess your security risks and help you decide what tools you can use to mitigate them.
Am I dealing with sensitive information?
It is important to know whether you are dealing with sensitive information that may lead others to want to watch what you are doing. Are you involved in activities that might be considered sensitive or disruptive by the government, police, army or a private company? If you are, you might be putting yourself or others at risk unless you implement some security measures.
Do I work with people whose identities and details must be kept private?
Perhaps you are collecting private information from people you support, such as information about domestic violence, forced labour or rape. If people provide you with information that could put them at risk, you must take steps to make sure it is kept private.
Do I sometimes communicate with people online who deal with sensitive information?
Even if you feel you have no security risks, if you are communicating online with people who do run these risks you can be targeted by people who oppose what they are doing. This is because people can use you to access the private information of others.
Do I view or post content to websites that might be considered sensitive?
Perhaps you contribute information to human rights websites, or post articles opposing groups you believe are not respecting human rights. Merely visiting sensitive sites on the internet can make you a target.
Questions to ask about your audience and stakeholders
- Are they in a region that has mobile phone coverage?
- Is your audience prepared to receive mobile communication from you? Or will they view it as an annoyance?
- When would they be willing to provide information? (For example, if you are proposing a project to monitor a public service like water or health, would your audience be prepared to send a text message reporting on the state of the service, or would they be put off by barriers like cost or fear of their report not being anonymous?)
- What is their demographic profile: What age are they, what languages do they speak? Are they literate?
- What information do they consider valuable?
Image: This photo is made available under a Creative Commons by-sa licence via OpenSourceWay on Flickr. https://secure.flickr.com/photos/opensourceway/5537457201/