The latest tech scandal shows how much Surveillance Capitalism violates people’s privacy. A Panamanian company named Measurement Systems was paying developers of Android apps to include its SDK which was harvesting data from users, including the user’s phone number, email address, IMEI information, GPS data, router SSID and information in the clipboard. Measurement Systems was registered in Panama by Vostram Holdings, which is a private national defense contractor based in Virginia.
Reading the details of this scandal, I was struck by the fact that Measurement Systems was using the same logic of monetizing users’ personal data under Surveillance Capitalism as Google, but the only difference is that Measurement Systems wasn’t informing its users that it was collecting their data and wasn’t abiding by governmental regulations such as GDPR. Google spent billions of dollars developing Android and its apps such as Chromium and its web services such as Google Maps and YouTube and it set up an app store which encouraged app developers to create apps based on Surveillance Capitalism.
While I find the actions of Measurement Systems to be egregious, I can’t help thinking that the Surveillance Capitalism being practiced by Google, Facebook, Microsoft, Twitter, Tik Tok, Rovio Entertainment, etc. is worse because it is so pervasive. The vast majority of people using these services have no idea how much data is being collected about them or how it is being used, so I wonder how much people are truly consenting to giving their data to these companies. For most people, they don’t see much of an option, so they accept the loss of privacy as a necessary evil for the conveniences of a modern smartphone.
Apps using Measurement Systems’ SDK were downloaded over 60 million times from the Google Play Store. Security researchers reported the problem to Google in October 2021, but it wasn’t until March 25, 2022 when Google took action to remove the offending apps from the Play Store.
It is worth pointing out how long it took Google to act. In terms of kernel hardening, app sandboxing and verified boot, Android is better designed for security than a standard Linux system like Debian, but I believe that the average Linux user is far safer than the average Android user, because the probability of installing malware and spyware is so much lower in a Linux system.
Just the requirement that the code be free/open source keeps out most of the bad actors. I was struck by the difference between getting my own app included in the Google Play Store vs F-Droid. It took 1 day with the Play Store vs 2.5 weeks in F-Droid. The F-Droid volunteers took their time, but they actually looked through the code and pointed out that we were calling a non-free library to do downloading and made us include extra information (license file, readme, etc.) about our code. It was frankly a hassle, but it also gave me a lot more confidence that volunteers who care about free/open source software are far better stewards of our privacy than a multi-billion dollar corporation like Google with an ethically-dubious business model.
I decided to back the Librem 5, because I don’t think that AOSP-derivatives are a good vehicle for fighting planned obsolescence and Surveillance Capitalism, which in my opinion are the two great evils of the modern tech industry. Currently Google is happy to allow modders to play with AOSP, but I have little hope that AOSP will ever reach the mainstream, because every phone maker needs their Android license to access Google Web Services, and aftermarket AOSP resellers like /e/ Solutions, Rob Braxman, jolla-devices.com, etc. will always be fringe players. Google holds enormous leverage over the big phone vendors to prevent them from releasing AOSP phones. If AOSP ever starts seriously encroaching on Android’s market share, Google can simply stop releasing new versions of AOSP, so we have little hope of AOSP phones ever becoming more than a fringe movement for geeks and privacy/security fanatics.
I have no idea if mobile Linux will ever reach the mainstream, so it is a viable option for normal users, but I think that it is the best option that we have for fighting Surveillance Capitalism. Nonetheless, there is nothing about mobile Linux that prevents the creation of apps based on Surveillance Capitalism. KaiOS, which is based on Firefox OS, is turning into a vehicle for Surveillance Capitalism, just like Android. Nearly major Linux distro includes Firefox, which depends on Google’s search engine for its revenue. However, Surveillance Capitalism hasn’t been part of the ethos of the principal Linux distros and is strongly discouraged by the community, so developers of apps based on Surveillance Capitalism have generally steered clear of the platform.
A lot of people think that mobile Linux needs a repository that allows Surveillance Capitalism, like the Google Play Store or Apple Store, in order to attract developers to the platform. However, I see a lot of code from desktop Linux being adapted for mobile Linux without the economic incentives of Surveillance Capitalism. In the FOSS world, which is based on encouraging developers to join existing projects and reusing existing libraries, fewer developers are needed and there is no need to have millions of apps like in Android and iOS.
It is my belief that mainstream users will never adopt mobile Linux if it operates like Android and the Play Store. However, I think that mobile Linux has a shot at actually reaching the mainstream, if it keeps out the kind of predatory developers who rely on Surveillance Capitalism, because it will attract more and more users who see a compelling reason to use the OS, even though it offers far fewer apps than Android and iOS. Many companies have tried to compete with Google on its own terms and lost. People couldn’t see a good reason to use less-capable mobile OSes like Symbian, Windows Mobile, Blackberry OS, WebOS and Firefox OS, but a mobile Linux which provides privacy and lifetime software updates gives people compelling reasons to use it, despite its deficiencies compared to Android and iOS, so it has a much better chance of succeeding where others failed in the past.