THE BLOG

Corporate Phone Spying Is Becoming a Big Deal

08/09/2013 09:34 am ET | Updated Oct 09, 2013

Co-authored by Dr. Stephen Bryen, CEO of Ziklag Systems

The story of the Major League investigation of Biogenesis and the use of banned substances by major league players has a sub-text --the use of technology to recover information from mobile phones used by the players and the Biogenesis managers and staff. To get at the information, according to excellent reporting by the Associated Press, MLB filed a civil lawsuit against Biogenesis, alleging the company was interfering in MLB's contracts with the MLB Player's Union. The lawsuit made it possible for MLB to subpoena AT&T Mobility, T-Mobile, Metro PCS and Federal Express and UPS (the latter presumably delivered the banned substances to the players). MLB was, according to AP, able to recover BlackBerry messages and emails.

Americans are increasingly aware about government spying activities, which are getting more and more scrutiny as leaks about the range and extent of "official" spying become known.

But Americans are far less aware that spying is hardly limited to our government, or any other government for that matter.

The rise of the mobile phone and tablet has created a field day for exploitation of private information.

MLB primarily followed a legal route to get information from mobile phone companies. Yet the idea that a non-consequential legal action can expose a wide range of mobile phone records in a civil, not a criminal action, raises a host of questions about whether MLB's action crossed a constitutional line.

Beyond legal questions, there is the fact that mobile phones are easy to hack. Today it seems there is not a single commercial mobile platform, whether Android, iPhone, RIM (Blackberry) or any of the others, that has not been hacked. More than that, it is legal to sell spy software and there are hundreds of companies advertising products that can plant a "spyphone" on a mobile phone.

What can a spyphone do? A good spyphone can take full control of a mobile phone, operate its microphones and cameras, transfer its email, calendar and SMS records to an intruder. In fact, the really good spyphone products are very difficult, if not impossible, to detect. The infections can be hidden as attachments to emails, embedded in photos, pushed inside SMS messages, or transferred by WIFI or Bluetooth, hidden inside an APP, or be installed by an employer or a family member.

Who is using spyphones? Unfortunately there is growing and compelling evidence that not only are governments and criminals taking advantage of mobile phone vulnerabilities, but increasingly major companies may be engaged in collecting information through these mechanisms.

How do we know this to be the case? In the UK a report has been turned over to the government which names over a 100 major firms (some corporate, some legal) engaged in phone spying. There is a huge scandal attached to the UK hacking report, and any day now the names of the companies and organizations doing the spying will be made public.

It is true that many companies hand off the spying to private investigators or third parties. This is done to try and hide the fact that there is illegal activity taking place. A company can assert that it would never countenance illegal activity and cannot be held responsible for what a hired hand might do on its own. This excuse, which we will hear more and more is, of course, bogus and will not pass the giggle test.

We have clearly entered a new world where what might have been regarded as safe and secure in the past, no longer is so. So far American courts have been of no help whatever in protecting our Constitutional rights. It remains to be seen if Congress will act in a serious way to put a stop to the evisceration of American liberties.