While buying new smartphones has become much easier thanks to attractive installment plans offered by brands, some people would rather buy a second-hand phone for various reasons. Hence, the second-hand phone market continues to this day but with one caveat, a problem of user privacy which goes both ways.
For the buyer, it’s more of an issue that the seller could have left certain malicious software parting from their phone which could be used to spy on the new buyer. Although a possibility, this isn’t reported or done very often. Yet, on the other hand, what about the seller leaving their data mistakenly to the mercy of the buyer?
According to a study done by the University of Hertfordshire and commissioned by Comparitech, it has been found that among the 100 second-hand phones purchased by the former on eBay specifically for the study between January and June in 2018, 17% of them contained the previous owner’s personal data.
See: Most & least radiation-emitting smartphones in 2019
As seen from the data compiled, 17% which equates to every 1 in 6 of those phones has personally identifiable information(PII) including “thousands of private emails, intimate photos, contact lists, text messages, tax documents, bank account details, web browsing histories, and personal calendars.”
To be more specific with an example, one of these contained,
“A contact list with 30 entries, including the previous owner’s number, a recent calls list, and 114 text messages including sexts and seven multimedia messages.”
Perhaps, the seller was giving an invitation to get blackmailed so he could come back as John Wick? You never know.
Nonetheless, all of this data could be used to engage in criminal acts like blackmailing, identity theft, sextortion, robberies with the help of personal calendars and something as simple as spamming.
Coming to the smartphones themselves, they compromised several brands to give a more representative picture as the researchers elaborated by stating that,
“The purpose of including a wide range of devices was to compare the amount of data that could remain in conventional devices to more technologically advanced devices.”
Regarding how the analysis was conducted, an image or exact copy was created of each phone’s memory which was then used to get an accurate picture of the data within. However, out of these, 28 smartphones didn’t yield any results, the majority of them being old devices.
See: Google confirms presence of Triada backdoor in cheap Android phones
The only lesson we could impart from this research is that it takes not more than 5 minutes to factory-reset one’s phone. Sure, you don’t need to actively advocate against social media giants on Twitter for privacy but doing such a simple act would help greatly in protecting yourself and the ones you maintain communication with. It is time that such simple precautions taken by every smartphone owner.