A new study says that phone manufacturers and developers aren’t doing enough to preserve the anonymity of users. Researchers found people can now be identified with just a few details of how they communicate with apps. The news comes amid growing concern about the diminishing level of privacy on the internet.  “Most people don’t know what information can be used against them until it’s already too late,” John Bambenek, a researcher at the cybersecurity company Netenrich, told Lifewire in an email interview. “Domestic violence victims, toxic employers, and scammers can all make use of the copious amount of information on our smartphones (or generated by our smartphones) and use it against us in a variety of ways.”

Watching You

Anonymity on the internet is harder than you might think.  The recent paper in the peer-reviewed journal Nature Communications explored anonymized data from more than 40,000 mobile phone users, mainly from messaging apps. The researchers from European research institutions searched for patterns in the data and found they could identify the person 15 percent of the time. “Our results provide evidence that disconnected and even re-pseudonymized interaction data remain identifiable even across long periods of time,” wrote the researchers in the paper.  The study results come as no surprise to Bambenek. As long as you can tie a unique data point to someone’s identity, it can be used to deanonymize data, he said. For instance, some research has shown that smartphones can be uniquely identified to an individual by looking for a correlation of as little as four common locations the device is seen at.  “Unique usernames (for instance, for games) correlated across applications could help create an identity as well,” he said. “Most online dating apps have unique identifiers that can also be profiled to allow stalkers to research potential matches outside the dating apps (and their safety teams).

Times Are Changing and So Is Your Data

It used to be easier to hide on the internet. In the past, when data was collected with a direct connection to a mobile phone number or a name, it was difficult to connect a user and their habits, cybersecurity expert Scott Schober told Lifewire in an email interview.  “This has drastically changed, especially over the past few years where now you really do not need the mobile phone number or name of the user to make the connection as there is so much rich data that is collected from a smartphone,” he added.  Much of the data that spills from users is called metadata (data that provides information about other data) but not the actual content, Schober said. By closely analyzing the collected metadata, hackers could determine facts about individual data sets such as phone calls, SMS texts, and photographs.  “Often there are date and time stamps associated which share habits, interests, and activities the individual is intimately involved in,” Schober pointed out. “This collected data set with the phone number and name removed still provide a complete glimpse into one’s life enough that they are no longer an anonymous user and much about their daily lives can be learned.” Maintaining your privacy on the internet is a complex problem, but there are some steps you can take that can help.  If you’re an iPhone user, keep in mind that Apple allows you to reset your Advertiser ID at any time, pointed out cybersecurity expert Vikram Venkatasubramanian in an email interview with Lifewire. Periodically resetting the ID delinks your data from you.  “This is a good thing to do as a privacy hygiene habit,” he said. “But the biggest bang for the buck comes from giving apps and services only the least amount of privileges needed to run on your phone.”  Users should make sure to never give apps access to their social media profiles. It’s also a good idea to be careful about which apps can access your camera and microphone, Venkatasubramanian said. “There is absolutely no reason why a ‘weather’ app should be allowed to access your camera, microphone, or local files,” he added. “And last but not the least, always download apps only from reputable app stores.”