Take Responsibility for Your Data

There is no other way to say this...this is an incredibly sad story and it sucks. It is a recent news story about an Italian father who just lost his 13 year-old son after a long fight with cancer. As many teens today do, this teen captured much his life during that time on his smart phone...an iPhone to be more specific. But after the teen died his father did not have the passcode to his son's phone and therefore was unable to retrieve the last precious bits of his son's life that were captured on his phone. The father has written Tim Cook (the CEO of Apple) numerous times but there is very little the company can do. You see, the father was given access to his son's phone while he was still alive via the TouchID fingerprint sensor, but once the phone is powered off or had its software updated the full passcode is required to unlock it. The father does not have the passcode and therefore cannot access the phone's contents.

Several months ago there was another large story that is still playing out in the media today, the story of the terrorist attack by Syed Farook and Tashfeen Malik on Farook's holiday party in which 14 people were killed and 22 were seriously injured. I think everyone is quite familiar with this story, but one detail you might not know is this. Syed Farook's employer, the San Bernardino county government, had purchased but never installed software called Mobile Device Management (MDM) that would have allowed them to gain access to Farook's work iPhone that was recovered after the shootings. This is a critical piece of information that has been all but ignored by the general media because it means that San Bernardino county had the means to properly manage Farook's phone and all the data on the device but chose not to do so. The result of this inaction was a very public attack on Apple for not doing more to help the FBI gain access to the phone. But Apple didn't own Farook's iPhone and neither did Farook. The county of San Bernardino owned the phone and therefore was ultimately responsible for access to and management of that device. They owned it!

So what do these two stories have in common? The common thread is that there is a misplaced responsibility when it comes to data access on a smartphone. It would be one thing if Apple required users to pay a monthly service fee in order to use the iPhone, but in the end Apple is only selling you the hardware. Granted there are some services that are optional (both free and paid) that are available for the iPhone (like the free 5 Gb of iCloud storage per iOS user) , but customers are not required to pay for or to use iCloud in order to purchase an iPhone. So why is there this expectation that Apple should provide access for you to the data on your device or someone else's? Just because Apple sold you the iPhone doesn't mean they are ultimately responsible for ensuring that you always have access to data on that device. You as the end user are responsible for your own data and the management of that data, not Apple.

That being said, Apple and other smartphone manufacturers are not making it very easy for the average user to take that responsibility so they can adequately manage their own data. It's complicated, no doubt. But if you look at where computing systems were 20 or 30 years ago and the extreme levels of education and training that was required (most of it being self-taught) just to operate a simple PC it will blow your mind. They may have been called a Personal Computer back in the 80's but it took a very special kind of "person" (what you would call a super geek today) to properly operate that computer. Computer ease of use has come a long way since then but the capabilities of the machines have also grown. What we are seeing now are devices like smartphones and tablets that in general are relatively easy to use, but the details associated with full end-to-end management is still relatively complicated (at least in comparison to the basic operation it is).

So how can you avoid being in a situation where you desperately want to gain access to data that is rightfully yours but you can't for any number of reasons?

  1. Backup: If you own a smartphone and you aren't regularly backing up then you are playing with fire. You should be at a minimum backing up your iOS device to your computer with iTunes. I would also strongly recommend you take advantage of the free 5 Gb of data that comes with being an iOS user and backing up automatically to iCloud as well. Directions on how to do both of these types of backups are available from Apple here.
  2. Device Access: I end up being the computer IT person at my house and every house needs to have someone that takes on that responsibility (and you certainly don't have to be a tech geek like me to do it, but it does help). So I make sure that I have both the passcode and the TouchID for all the devices in my house. I explained to my kids before they were given or purchased iOS devices that they shouldn't expect privacy when it comes to electronics that are owned and operated in my house. That doesn't mean that I get into their devices to snoop around, but it does mean that I always have access to their devices. Without that access I can't effectively ensure that their data is backed up and that I can troubleshoot problems when they arise. And that doesn't even address the really unpleasant cirmustances that could lead to one of them not being around any more to provide access to their device (like the story at the beginning of this post). Even if you don't have kids, a spouse or a significant other... you should leave the passcode somewhere so that people you care about can gain access to your device if the need arises. Maybe directions to a key to a safe deposit box that contains the passcode or a hidden slip of paper somewhere in your house (which I wouldn't recommend unless it is NOT clearly marked as to what the code belongs to and hidden really well). If you have any responsibility for that device at all you should be able to ensure access at all times, otherwise give that reponsibility to the person that doesn't want to give you access. When my kids turn 18 they will be taught how to properly manage their devices and be required to do just that.
  3. Know Who Has Your Data: This one is a bit more tricky. It would be one thing if your data only resided on the iPhone itself, but in today's world that is rarely the case. Your email service provider stores and has access to your data (the amount of access varies depending on your service). Then there are 3rd party applications and services, which includes everything from FaceBook to your utility company and even your credit card company and your banking institution. Sometimes the access these companies require are absolutely needed and sometimes they are not and you have a choice to not allow them all of the access they ask for. Pay attention to all of these things and don't be afraid to ask questions. Do you trust them with your data in the first place? Then even if you do trust them with access to your data do you trust them to properly protect your data while it is in their control? There are almost always options if you don't like the answers you are getting to some of these questions, but the time and effort required to go with alternatives can often times be too time consuming. But even in that case you still have the option to just not use that particular service. You could drive yourself crazy if you look at every piece of data that is out there, so focus first on the really sensitive data (like financial data, identity information and social media).

Stories like the ones discussed at the beginning of this article can be avoided if device owners take responsibility for the data on the devices they own. Don't make the mistake in thinking that someone else out there has your back. It's your data, so take back control and management of it. If you are in over your head ask for help. Most likely you have either friends of family that have the technical expertise to help you and you may be surprised just how willing they are to help you when you take the initiative to at least start down the path of taking personal responsibility for your data. This post may not go over well with some people and that's to be expected. In general people don't want more complication and responsibility in their lives, but unfortunately that is the trade you make when you choose to use complicated yet powerful devices like smartphones and computers.

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.