Ever since Edward Snowden's revelations about the U.S. government's far-reaching spying capabilities -- especially when it came to prying into our mobile devices -- many people have been insecure about their smartphone's security.
In response to those concerns and criticisms that the tech industry cooperated with the government's surveillance needs, Apple and Google recently announced that they will automatically encrypt data on smartphones running their latest software. That drew praise from privacy advocates and condemnation from the highest ranks of U.S. law enforcement, who asserted that these new security features will make it harder for them to investigate crimes.
But as we reported today, the new data-protection measures aren't quite the foil to serious criminal investigations that some officials are making them out to be. And for us non-criminals who are more worried about privacy than incriminating evidence, the new data encryption doesn't all-of-a-sudden turn our devices into impenetrable black boxes (or, for iPhone users, space gray boxes). When it comes to the protection of our smartphone data, here are three things you need to know.
Phone records, text messages, e-mails
Since phone records and text messages are shuttled by mobile carriers, the telecom companies could still have to divulge these communications at the request of law enforcement. However, some cellular providers don't store your text messages for very long, sometimes only a few days.
As for e-mails, police won't be able to easily look at these messages on the protected devices themselves, but they can still demand records from the e-mail providers, including Apple and Google.
Images are often the most incriminating (or, at least embarrassing) content on our devices. Here's what you need to know: If you take a photo and it never leaves the device -- you don't send it to anyone and it's not backed up in any cloud service -- it will be much harder for law enforcement to access.
This is a legitimate area of concern for law enforcement. Police make all kinds of cases after forcing companies to unlock mobile phones. Photos they've found have been instrumental in murder, child pornography, drug and other prosecutions. Encrypted images can make it more difficult.
It's a similar situation for your contacts. If they're stored only on your device, these too will be hard to access by outsiders. If, however, they're synced with e-mail contacts or cloud services, once they leave the device they could be vulnerable. Again, telecommunications companies and other providers could have to cough these up. All of this also applies to documents on your phone.
Apple says it does not have access to users' passcodes, and Google did not immediately respond to a request for comment. If law enforcement officials want your passcode, they can demand with a court order that you supply it. This is an unsettled area of the law: You may not have to give it under the right against self-incrimination, though then you could get hit with other charges.
What Apple and Google have done with data encryption is take what was once a time-consuming feature and made it the default setting. That protects users from some forms of snooping, although you can bet that the government will be determined to still find a way to penetrate these devices.
The most important protection, though, may be for the mobile companies themselves. Caught between a government that wants to know more and consumers who want it to know less, this may be one way to untangle themselves from that tug of war.