When people think of VPNs, the first thing that comes to mind is often personal and work computers and the ability to stream movies. However, we are spending an increasing amount of time using the internet on our phones rather than on a computer. The fact is, you face the same privacy risks on your phone as you do on your desktop, whether you’re checking social media or online shopping.
Because apps, not browsers, are the mainstay of mobile internet usage, it’s easy to forget that your data is still vulnerable to surveillance by internet service providers, companies that profit off your data, and potentially the US government.
As a company dedicated to protecting your right to privacy, we hope to build awareness about the ways your data can be collected and what you can do to prevent it. In this article, we cover the types of information that can be pulled from your phone usage, how that information is collected in the US, and how a VPN can protect your privacy.
Increasing screen time
Americans are spending increasing amounts of time using their phones at home and in public. In 2020, the average phone user spent 4.3 hours of their day on their phones. That’s a quarter of our waking lives on average, and it went up by a full hour from the 3.25 hours spent a day in 2019.
As we use smartphones more often, we also store more of our data there: our conversations, entertainment, life schedules, private accounts, and financial information. But privacy often takes a back seat. Once data is allowed to be collected, we lose control over it.
Tracking and surveillance
A wide range of data can be collected or exposed on your phone when you use relatively mundane functions, like GPS for navigation or social media to post an image. This means that outside parties can collect information such as your location, demographics, or account information that you might not want to be accessed.
At some point, an app has probably asked for your permission to track your location, typically stating that it will only be used to enhance your experience with the app. However, sometimes hidden within lengthy privacy policies they reveal that your location data is actually being sold to third parties, with accuracy down to a meter. In 2018, The New York Times found that at least 75 companies were selling location data to marketers and advertisers without being upfront about it. Tracking the location data of users in this way is an invasion of privacy that allows companies to profit off of you without making you fully aware of how your location is being used.
Companies like Google and Facebook make money by collecting your data and building comprehensive profiles of who you are. Your age, occupation, family, interests, habits, and other attributes are monitored and made available to advertisers to influence you.
Many kinds of apps thrive on this kind of data:
- Social media sites such as Facebook track activity on your phone even outside of the app. Because massive data breaches are not uncommon, this also means your data can be leaked.
- Fitness apps, including those used with smartwatches, track your real-time location, and health monitoring apps store your private medical information.
- Dating apps, such as Tinder or Grindr, leak everything from location data to sensitive health information.
Just as your social media information and location can be tracked, so too can your browsing history. ISPs are able to track and sell your browsing history for every website you visit on your phone, and organizations use this data to influence specific demographics. They are also required to reveal this information to law enforcement agencies if presented with a subpoena. These particular practices make your browsing profile liable for use without your knowledge.
The risks described above are especially present when using any public WiFi. Even the WiFi at restaurants and shopping centers can be used to collect and abuse your data. Administrators of public WiFi in places such as airports and hotels can collect data in order to curate specific ads. Just because public WiFi is free does not mean no one is profiting off of it.
Data collection in the US
Since Edward Snowden revealed the extent of NSA data collection in 2013, more people have become aware that the US government can secretly monitor their online activities. An entire technical and legal apparatus has been established for this purpose.
The FISA court, created by the Foreign Intelligence Surveillance Act of 1978, is a secret court that has been allowing government surveillance since long before the days of Snowden. This court oversees the approval of government requests for surveillance on citizens in operations such as wiretapping and data collection. This court is largely seen as a rubber stamp committee: From its inception until 2014, it approved over 98% of requests without modification.
In 2015, Congress passed the Freedom Act, preventing the NSA from bulk collection of data on private citizens. However, this does not prevent them from using the courts to obtain data collected by companies like Google and Facebook whenever they deem it a matter of national security. This, too, has faced little resistance, with 74% of requests to Facebook by the government going through.
Even beyond this, the FBI can issue National Security Letters (NSLs) to secretly subpoena organizations to turn over user data without any court approval. According to our research on these statistics, the trend of governments using companies to collect data on their citizens is only growing.
Securing your phone with a VPN
Given the large amount of time we spend on our phones, it might feel like you are constantly under surveillance by eyes you can’t see. Luckily, features like location tracking can be restricted by denying apps permission to track your location or by simply turning off location services in your phone’s settings. You can also adjust your settings on social media sites such as Facebook to limit what information is stored for advertisers.
While having a VPN does not solve every problem with data tracking on your smartphone, it provides a fundamental level of privacy that in-app settings and other technologies cannot. To make sure you feel secure in making this step, ProtonVPN always places your privacy as the priority. We cover all of the following privacy concerns and more:
- Your data is encrypted when using the internet, so browsing history cannot be tracked by your ISP or mobile service providers.
- We have a strict no-logs policy, meaning you can feel secure that Proton never stores your mobile data.
- When using public WiFi, ProtonVPN keeps you private by protecting your data from being collected by hackers or the WiFi administrator.
We launched Proton in the wake of the Snowden revelations, and one of our major concerns in the US has always been securing the privacy of citizens who find it increasingly difficult to stay private in a connected world. For these reasons, Proton is headquartered in Geneva, Switzerland. Switzerland has some of the strictest privacy laws in the world, which makes it much harder for even the FBI to access our users’ data because even they require a Swiss court order to acquire it. This grants us the ability to pass on the security benefits of Swiss law to those in the US, as well as the rest of the world. For as long as Proton continues to exist, this level of security and privacy is something we will always work towards.
ProtonVPN offers convenient and easy-to-use apps on Android and iOS, so that downloading our VPN for your phone is easy. True privacy can be hard to attain in the US, but with our VPN, you can feel secure whenever you use your phone.
Using a VPN on your smartphone in the US FAQ
Using a VPN on your phone means that your IP address is hidden, and your internet traffic is encrypted and routed through secure VPN servers. This prevents your internet service provider, mobile service provider, and websites from identifying you or collecting your data. You can read more about how this works in our blog post What is a VPN? and you can get ProtonVPN for free on iOS and Android.
A VPN blocks efforts to track your online browsing. Your data is encrypted and passes through a secure VPN server. Your internet service provider cannot see the websites you are visiting, and the websites you visit cannot see your device’s IP address.
Yes, the US government can request that any company assist in an ongoing investigation. This is why reading the policies of the VPN you choose is so important. For instance, ProtonVPN has a no-logs policy. This means that ProtonVPN logs no information on its users. (Our latest security audit results confirm our no logs policy.)
The US government could hypothetically request that ProtonVPN monitor a user in real-time or request that logs be turned on. However, as ProtonVPN is a Swiss company, we are not subject to US law. Any request by a foreign government would have to first be approved by the appropriate Swiss authority.