In a move that seems Big Brother-ish, Apple has a patent in the works that could use voice and facial recognition technology to activate a “kill switch” on its popular iPhone, shutting it down when hackers “jailbreak” or unlock the phone to install unauthorized programs on it, or try to steal information from an unsuspecting iPhone user.
Apple would track “suspicious behavior,” the company said, including comparing the “identity of the current user to the identity of the owner of the electronic device,” then notify the legal owner of the iPhone about the possible hack.
Marc Rotenberg, Electronic Privacy Information Center executive director, expressed concerns about potential abuses of such a system. “But more to the point, companies that sell products to consumers should not be able to enforce their views as to what constitutes ‘unauthorized use’ post sale,” he said. “Users should be able to control the use of their products, and that includes jailbreaking iPhones if they wish.”
Lee Tien, senior attorney for the Electronic Frontier Foundation, agreed. “The stuff in the patent that has to do with jailbreaking is an obvious concern, because that’s completely legal behavior – it’s not like theft.” And while it is still early in the patent process, Tien said, there are some “scary” issues around the technology, including where data collected by Apple would stored, and who would have access to it.
“Hopefully this would be entirely up to the consumer or user of the device whether or not they were going to buy into it at all,” Tien said.
When asked about the patent, an Apple spokesperson declined to comment.
Both Tien and Rotenberg said Apple’s actions could result in cases similar to what happened in a suburban Philadelphia school district, where tens of thousands of webcam photographs and screen shots on laptops issued to students were secretly snapped by the district.
Officials with the Lower Merion School District officials said the remote tracking system was activated to try to find laptops that had been reported lost or stolen. But the district admitted that the tracking system remained “on” for weeks or months, even after a laptop was found, and wound up taking 56,000 webcam photographs and screen shots from student laptops. So far, at least one student is suing the district over photos taken of him sleeping, as well as on instant messaging and video chats.
Apple’s patent, “Systems and Methods for Identifying Unauthorized Users of an Electronic Device,” was filed in February 2009, but published Aug. 19 by the U.S. Patent & Trademark Office. The “kill switch” would be part of a processor that Apple would create.
The company’s patent includes some “1984”-ish ways in which it would find iPhone scofflaws. In some cases, Apple said, “a photograph of the current user can be taken, a recording of the current user’s voice can be recorded, the heartbeat of the current user can be recorded, or any combination of the above.
“The photograph, recording, or heartbeat can be compared, respectively, to a photograph, recording, or heartbeat of authorized users of the electronic device to determine whether they match. If they do not match, the current user can be detected as an unauthorized user.”
The ways a registered owner uses the iPhone and where it’s used could also be obtained, Apple said. “For example, information such as the current’s user’s photograph, a voice recording of the current user, screenshots of the electronic device, keylogs of electronic device, communication packets (e.g., Internet packets) served to the electronic device, location coordinates of the electronic device, or geotagged photos of the surrounding area can be gathered.”
“Unauthorized users” could be detected, the company said, by monitoring “activities such as entering an incorrect password a predetermined number of times in a row, hacking of the electronic device, jailbreaking of the electronic device, unlocking of the electronic device, removing a SIM card from the electronic device, or moving a predetermined distance away from a synced device.”
Apple is proposing that when an “unauthorized user is detected, various functions of the electronic device can be restricted. For example, access to particular applications can be restricted, access to sensitive information can be restricted, sensitive information can be erased from the electronic device.”
The company would then e-mail, text message or leave a voice mail for the legal owner of the iPhone to provide notification about an “unauthorized user.”
Jailbreaking the iPhone has been an issue since the first model came out in 2007, although it’s mainly limited to those who are technically savvy and are willing to void phone’s warranty by doing so.
The problem of hackers looking to steal information is more recent; Apple released a software patch earlier this month to block hackers from gaining access to any iPhone, iPod Touch or iPad running the latest versions of their mobile operating system after security hole was discovered.
“Just because Apple could shut down your iPhone if it’s ‘jailbroken’ doesn’t mean Apple is trying to seize control of your digital life,” wrote Brian Caulfield of Forbes. “In fact, if you want to keep control of it, you might actually want Apple to step in.”
Said Tien of EFF: “Let’s wait and see; it’s early still with Apple’s patent application. But there really are some serious concerns here.”
By Suzanne Choney