The more the phone "understands" you, the more transparent the privacy?

The more the phone "understands" you, the more transparent the privacy is?

cell phone wisdom TO user Accessibility Liu Huiyong data privacy Global Network Technology

Updated on: 13-0-0 0:0:0

◎ Reporter Wang Yan-jia

Just send a command to the mobile phone to "order a cup of coffee for me", and the mobile phone can identify the user's brand and taste preferences according to the time, positioning, behavior habits and other information, and then actively open the commonly used food delivery app, complete the order, fill in the delivery address, make payment, etc., without manual work. Such a convenient life scenario has now become a reality.

Recently, many mobile phone manufacturers have launched self-developed or connected to third-party large models of mobile phone smartphones, such as Super Xiaoai, Lanxin Intelligence, Bixby, etc. With the support of large models and artificial intelligence (AI) technology, these agents can become users' "personal assistants" and independently complete tasks such as ordering coffee and sending WeChat red envelopes in groups.

"While enjoying the convenience brought by mobile phones, smart phones, and smart phones, we must also be soberly aware that this convenience is obtained through the transfer of personal privacy data." Liu Huiyong, director of the Department of Information Security and associate professor of cyberspace security at the School of Computer Science and Technology of Beijing Information Science and Technology University, told Science and Technology Daily that when AI began to "take over" mobile phones, the old problem of "exchanging privacy for convenience" reappeared in new technology application scenarios. How to protect user privacy is an unavoidable issue for the healthy development of mobile phones, smart phones, and smart phones.

Accessibility is a risk

The reporter found that most of these agents are based on AI technology, integrating speech recognition, natural language processing and multi-modal perception capabilities, and have functions such as information query, AI writing, sketch to picture, video lock screen, etc., realizing the leap from basic Q&A to active service, and the mobile phone has become a "personal assistant" for users. Among them, a small number of mobile phone manufacturers have further improved the natural fluency of human-computer interaction by building in a localized device-side large model.

"The use of mobile phones is based on the collection and use of a large amount of data. To implement features such as AI screen reading and simulated clicks, users often need to turn on accessibility features. Li Ruiyuan, an associate professor at the School of Computer Science of Chongqing University, said in an interview with a reporter from Science and Technology Daily.

He explained that the accessibility feature is an exclusive feature created by Android for people with disabilities, including screen reading, screen magnification, automatic tapping, audio enhancement, subtitle change and other convenient features, aiming to allow people with disabilities to use smartphones in the same way as ordinary people. In order to "take over" the mobile phone, the user needs to authorize the user to enable the accessibility service permission, and then use the AI screen reading function to access all the applications of the mobile phone, and obtain, understand, and analyze the screen interface elements like a human, including bank card information, special PIN pad and chat history. Eventually, the simulator's fingers complete online shopping, transferring money, downloading software, etc., on the phone.

Liu Huiyong further said that once the user turns on the accessibility function, it is equivalent to installing a universal access card on the mobile phone. When users use functions such as voice assistant and intelligent recommendation, the mobile phone can obtain private data such as geographical location, application usage frequency, and WeChat messages without restrictions. Some mobile phones and smartphones will also automatically turn on accessibility permissions without the user's knowledge, and "silently" collect user privacy data.

"The information in the mobile phone, such as contacts, text message records, and call logs, is sensitive information. The system usually sets up a permission protection mechanism for it, and the mobile app can only be obtained after the user's authorization is displayed. However, the situation is different when users use the smart phone to complete the tasks of voice sending WeChat and sending red envelopes with one click, Liu Huiyong said. This type of work needs to be bundled across applications, and in this process, the system will open SMS or WeChat permissions to ensure the smooth implementation of relevant functions.

We will make every effort to protect the security of personal data

"The convenience of technology and the risk of privacy are a natural contradiction. The introduction of industry standards and laws and regulations often lags behind the application of technology. Liu Huiyong believes that at present, the data collected and used by mobile phone intelligent bodies is transferred to mobile phone terminal manufacturers, intelligent body developers, cloud service providers and other subjects, and its ownership, use and control are difficult to define. Once a data breach occurs, it is difficult to effectively trace the source due to the long chain of accountability.

For example, some mobile phone smarts with low security may use accessibility functions to automatically send red envelopes in WeChat groups and induce others to click on them, transferring funds to criminals' accounts, causing property losses to users. or selling the collected information to third-party companies, resulting in algorithmic discrimination, etc. "Due to the lack of technical specifications and protection mechanisms, even if users suffer losses, it is difficult to recover them through effective means." Liu Huiyong said.

In this regard, Liu Huiyong suggested that mobile phone manufacturers and system platforms should continue to improve relevant technologies, improve the user data disposal process, build a more intelligent internal defense system, and prevent hidden data abuse in the evolution of agent technology.

In addition, Li Ruiyuan suggested that mobile phone manufacturers should try their best to support end-side AI in mobile phones, smartphones, and smart phone applications. Although cloud-side AI can provide more convenient services, user data needs to be uploaded to the cloud frequently, and the risk of privacy exposure is greater. On the other hand, device-side AI supports data calculation and processing on terminal devices such as mobile phones, minimizing data transmission, and is a "more private" technical solution.

西南政法大學民商法學院講師任龍龍說，技術的落地離不開法律法規的約束。當前，《中華人民共和國民法典》以及《中華人民共和國網路安全法》《中華人民共和國數據安全法》《中華人民共和國個人信息保護法》等法律，包括2025年1月1日生效的《網路數據安全管理條例》等法規，都對數據、個人資訊、生成式AI等新興技術的使用進行了規定。然而，手機智慧體作為新興技術應用，目前仍存在一些法律模糊地帶。

Ren Longlong suggested that functional departments should actively introduce relevant policies, increase supervision, and build a more refined system of legal rules, refine data classification, and clearly define the right to hold data resources, the right to process and use data, and the right to operate data products, so as to avoid privacy leakage incidents caused by malicious authorization.

"In the case that the relevant technology and regulations have not yet been perfected, users should enhance their awareness of security precautions." Ren Longlong said that when using smart phones and smart phones, consumers should be cautious about turning on the accessibility function, turning off the password-free payment authorization function of the smart phone, regularly checking the mobile phone privacy report, and discovering and dealing with the abnormal behavior of the smart phone in a timely manner.