Is my iPhone spying on me?

I went to see a new counselor today. I was telling her that one treatment I tried for depression and anxiety is TMS (transcranial magnetic stimulation).

Tonight on Instagram, for the first time ever, I saw an ad for local TMS services.

How did this happen? Is Instagram using microphone permissions to listen in when I’m not using the app?

Other ideas?

Just because I don’t have anything to hide, doesn’t mean I don’t want privacy.

Our phone apps and the Internet companies are constantly spying on us.

However, this might be a case of the human brain doing its thing again. Like, whenever you buy a car, TV or something else relatively expensive, ads for that thing seem to pop up everywhere. Because you have your mind focused on the topic, your mind’s normal filtering mechanism is letting this information through to your awareness.

I seriously doubt that the iPhone microphone is to blame here. A constant stream of audio from the phone would quickly kill battery and data plans, while the audio file remaining very difficult to make much sense of for an algorithm.

I am more on your other line that it might be a correlation between the location and your duration of the visit, if it indeed was an algorithm behind this ad.

Adding to what @airwhale has said, I would suspect you’ve googled TMS in the past. Perhaps you used a web browser in the waiting room at the counselor’s office? Combine these things and Google can figure out that you’re interested in TMS, and the type of person that seeks help, so you’re a good candidate for an ad about TMS.

I had a similar experience today: I listened to the most recent MPU where Christina Warren mentioned Sony noise cancelling headphones. I just saw an ad on Twitter for the same headphones. The headphones are mentioned in the show notes. Someone (assuming Google) was able to piece the information together in the hopes that I will buy the headphones. They probably mixed in data from Amazon where I bought my last pair of Bose noise cancelling headphones.

In effect, Google is “listening in”, but they aren’t using our microphones, they are using our digital trail, psychology, spending habits, and so forth.

2 Likes

Some tips:

  1. I would suggest you switch to duckduckgo as a search engine.
    I use that as a default with !g as a google bang. Actually I’ve set that up on my macs and iphones as a keyboard shortcut: when I type xg it automatically enters the google bang !g.

  2. Most importantly:
    if you have anything related to facebook installed: delete that immediately.
    (so facebook, whatsapp, instagram etc etc)

  3. I would also suggest going into settings -> privacy -> advertising
    limit ad tracking, and also reset your advertising id there
    (and no: ad tracking mentioned here is not the all pervasive tracking as in google/facebooks case)

Your iPhone itself would not “spy” on you without you saying it can.

Unless you gave an app permission to use your location when the app is not running, there’s no link to ads online and your iphone.

1 Like

The existence of the Facebook Research app (supposedly now shutdown by Facebook + blocked by Apple due to TOS violations) is just one more piece of evidence that Facebook and others view us as host bodies for the parasitical technology they deploy.

5 Likes

I would like to second @JKoopmans’ suggestion to switch to DuckDuckGo.

Several years ago, I already had tried to switch, but I was not pleased with DuckDuckGo’s performance. Not any more. I still think that Google does a better job, but I am not willing to pay the price for that any longer. And DuckDuckGo really has gotten better.

Two months ago, I did the switch to DuckDuckGo again. And I am not looking back. It is my default search engine on all of my devices. And if I really need to to use Google, I use it as a second option: If DuckDuckGo does not provide me with the desired results, I just have to add !g into the adress bar, I confirm it with Enter and my search is being repeated using Google if necessary. The !g is called a Bang. Have a look at: https://duckduckgo.com/bang :slight_smile: I love it!

Setting in iOS to use DuckDuckGo as default:

Settings | Safari | Search Engine -> choose DuckDuckGo

Setting in MacOS to use DuckDuckGo as default:

In Safari: Preferences | Search -> choose DuckDuckGo

3 Likes

Six years ago, on Android only. Relevant caveats.

Not in the same way, with anything like the same effect. Try connecting dots that are closer together.

DDG has gotten much better but it still falls behind if you do targeted searches based on time, or do a lot of image searches, or reverse image searches, etc etc.

I’ve found that Bing is surprisingly good. So is https://www.startpage.com which is as security-focused as DuckDuckGo, but also anonymously blends in Google search results (Google gets the request from StartPage so they don’t know which user is requesting) for good results as well.

When searching ‘macpowerusers’ Google and StartPage give identical results, Bing and DDG aren’t bad, but I personally think they don’t give the best target results (a top result for the last two is the t shirt sales?)




1 Like

Aside from the possibility you visited relevant pages on Instagram or Facebook (which would neatly explain seeing that ad), Instagram ads are based on Facebook and Instagram usage, as well as “the websites and apps you visit

I suggest you Google (or Bing or whatever) facebook tracking ios to get an idea of the network (and network effects) involved that allow FaceBook to track users even not logged in to FaceBook. Those FaceBook ‘like’ buttons are essentially cookies which funnel web browsing data into the Facebook advertising algorithm. Each site with a Facebook button places an individual cookie on your computer. Along with the “normal” tracking information, this file can contain your individual Facebook id number. And even if you’re signed out of Facebook, the tracking id contained in the cookie can still inform. That’s why it’s a good thing to block social media buttons when web browsing.

This is one good reason to use a blocker to kill off social media buttons via browser plugins or other software when surfing.

Thank you for the good input.

I am already using DDG.

I use a VPN on any network other than my home network, and most of the time there too.

Facebook is not on my phone. In fact, I use a blocker so FB can’t be accessed on Safari either.

Didn’t use my phone at the office at all.

I don’t give apps permission to use my location when I’m not using them.

So, sounds like Instagram itself may be the culprit.

Yuck.

Not specifically directed at you @Namu, but more of a general observation: lots of people seem to compartmentalize their feelings for Facebook and Instagram (I’ve noticed quite a few podcasters like Myke, Federico, Casey, and Marco doing this lately to justify their continued use of Instagram despite their anger at Facebook). Instagram may not have some of the problems with offensive users that Facebook suffers from, but at its heart, it’s still the same company, that makes its money in the same way from both services, and has the same incentives to violate its users’ privacy.

6 Likes

The same for WhatsApp and OculusVR, both subsidiaries of Facebook, Alphabet/Google’s Android, the list goes on…

There are many ways to track people without apps as well, e.g. setting up WiFi networks that know of your presence even if you don’t connect. Your phone’s MAC address is globally unique, so it’s easy to tie that back to everything we discussed above - as you’re walking through a mall, for instance.

Thankfully, under many conditions, iPhones present a randomly generated MAC address to wifi access points and other networking devices when it’s not already connected to a wifi network and when it’s asleep (e.g., if you’re walking around a city or a mall with the phone in your pocket, it’s presenting a random MAC address).

3 Likes

I’ll just leave this right here…

@namu I wonder if GPS tracking could lead to the same ‘leak’? I would consider sources related to GPS tracking… in case the doctor’s office is readily identifiable geographically.

Interesting article on NBC News related to this topic.

Basically, the article suggests that compilation of big data on users allows certain companies to build a predictive model of you to anticipate your needs or behaviors. Apparently this is being done in spite of privacy protections being put in place.

1 Like

Got a link to that? Here’s the Android-only 2014 exploit I referred to for the Facebook app from the Google Play Store:

That link refers to a battery drain (not uncommon - we’ve periodically seen that in apps from all sorts of devs, including Apple), followed by a speculation (by one person, on one site) guessing that it’s audio related.

Was that ever confirmed, or was it just idle speculation about an audio exploit on iOS?

I’m definitely compartmentalizing…that little niggling in the back of my brain that knows Instagram is owned by Facebook, yet still wanting IG as a platform to help grow my business.

I keep my FB account because of all the contacts I’ve made through it, and classes I take often use it as a discussion forum, though I’m trying to limit my use.

I heard on a podcast about tech that allows business to play an ultrasonic stream that is detected by specific apps on your phone, so the app knows you’re in this store or that store…marketing things that send you pop up ads and coupons, although if that tech exists, it’s reasonable that other apps bury those permissions in TOS.

Right now I’m connected to a Google Starbucks network…with a VPN. But still I wonder about not security.

Let’s face it, there’s cameras almost everywhere, besides the ones we EDC, and if the rumors are true, the government has been listening to phone calls since the 40’s.

I remember hearing a news story in 2013 about how Google was data mining GPS locations to create accurate ETA’s for their maps app…and people didn’t know it.

Makes sense of course. Now Waze is trying to distract me with pop ups for Dunkin‘ Donuts and the like…

I guess 1984 is in the back of my mind…Winston thought he was careful, he thought he was safe, and the Thought Police got him anyway.

For me, they may end up sniping my data, but it doesn’t me I’m not going to make it hard for them.

Which is not permitted everywhere. One example I remember: https://www.boelszanders.nl/en/publication/ap-issues-cease-and-desist-order-to-wi-fi-tracker/ or https://www.stibbe.com/en/news/2016/september/dutch-data-protection-authority-imposes-an-order-subject-to-penalty-on-wi-fi-tracker-bluetrace

BTW: GDPR raised the maximum fine to 4% of global revenue.