The ubiquitous smartphone has become an integral part of our lives. The American Express advertising tagline, “Don’t leave home without it," could well apply to the instrument in our pocket. More than any other piece of hardware, the smartphone has revolutionised society and transformed how we interact, partake in entertainment, travel, conduct business, acquire information, etc.
All this is made possible by the variety of sensors that exist in a smartphone. A typical smartphone has about 25 sensors, including the accelerometer, gyroscope, GPS, biometric sensors, facial recognition, and proximity sensors, in addition to cameras and microphones.
These help you navigate safely, track fitness goals, capture memories, and keep you connected around the globe.
The smartphone is also a veritable warehouse of knowledge about its owner. The phone continuously tracks your movements; it knows what you surf on the internet, watch, read, and buy. It has a list of all your contacts and knows to whom you speak. More importantly, the data from your social media activity helps draw a psychological profile and identify personality traits that can predict your behaviour.
Govts, Big Corp Mine Phone-Stored Personal Data
All this is precious personal data that is sought after by both corporations and governments, the former for commercial purposes and the latter for surveillance. Let us briefly look at how this data is harvested.
Smartphone manufacturers collect personal data that is shared with business partners. The operating system (OS) on the phone, Android or IOS, is also collecting personal data. A 2021 study by Prof. Doug Leith at Trinity College Dublin with Dr. Paul Patras and Haoyu Liu at the University of Edinburgh found that the Android variants on Samsung, Xiaomi, Realme, and Huawei handsets were sending significant amounts of data back to the developers, and third parties such as Google and other companies with pre-installed apps such as Microsoft, Facebook, and LinkedIn. The users had no way to opt out of this data collection.
Governments, too, collect personal data. This is being done for law enforcement, preventing crime, and improving the delivery of services. These are all legitimate functions and are subject to judicial oversight.
However, there are no such restrictions when it comes to collecting information about citizens in other countries in the guise of intelligence gathering.
From the Snowden revelations, we know that the U.S. global surveillance program named PRISM was retrieving data directly from Microsoft, Yahoo, Google, Facebook, Skype, YouTube, and Apple. Incidentally, India was the fifth most targeted country in the U.S. surveillance program.
Chinese Tech Brands Pass Monitored User Data to Govt
According to a Forbes report of 2020, Security researchers Gabi Cirlig and Andrew Tierney were able to spot various backdoors in Xiaomi phones that help the company obtain user data without getting any consent from its users. This data was sent to remote servers hosted by Alibaba in China.
China’s 2017 National Intelligence Law mandates that “any organisation or citizen shall support, assist and cooperate with the state intelligence work in accordance with the law." Thus, companies like Huawei will be forced to hand over their data if the Chinese government demands it.
There is also a deadly side to smartphone surveillance. Terrorist leaders have been regularly targeted through their cellphone location data. During the ongoing Russia-Ukraine war, phone-derived “heat maps” of Russian phones has revealed troop locations and movements. In at least one case, the use of an unsecured phone allowed Ukraine troops to geolocate a Russian general and kill him and his staff.
Can India Come Up With Military-Proof Smartphones?
These are all well-known facts and necessitate that countries develop a secure smartphone for use by militaries and important government functionaries. The Indian military is also looking for a secure smartphone, with the Indian Army and Navy in the process of conducting trials and the Air Force having issued a request for proposal for the Airforce Cellular network.
The need is well understood, but the approach adopted by the three services differs. The Indian Navy is testing an indigenous solution that includes locally assembled handsets based on trusted supply chains, an indigenously developed operating system, and a network architecture that maximises indigenous ownership. This system was displayed during the recent DefExpo at Gandhinagar. On the other hand, the Army and the Air Force are apparently leaning towards both foreign hardware (perhaps assembled in India) and a foreign operating system. The Air Force has clearly specified that the operating system should be Android 11 or above, which is developed by Google.
Companies like Apple, Samsung, and even Huawei and Xiaomi can perhaps develop secure phones for the Indian military that would pass all security certifications. The real issue that we have to consider is not technical capability but trust. Given all the facts we know about technology companies headquartered abroad and the legal and other pressures that their governments can bring on them, it could be imprudent to trust our military communication networks to them.
India is also committed to Atmanirbhar Bharat, where we want to manufacture the most complex defence systems. It would be a pity if we could not even assemble a simple cell phone and develop an operating system that would provide an indigenous architecture for a secure smartphone.
The capability in India certainly exists, but we need to get less starry-eyed about foreign hardware and software. The Indian military leadership, which is directly concerned with national security, must get this right. Otherwise, the phone in the General’s pocket will also paint a large target on his back.
([(Retd) Lieutenant General Deependra Singh Hooda, PVSM, UYSM, AVSM, VSM & Bar, ADC is the former General Officer Commanding-in-Chief of the Indian army's Northern Command. This is an opinion piece, and the views expressed above are of the author’s own. The Quint neither endorses nor is responsible for the same.)
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)