The rapid rise of DeepSeek, a large AI model, has ignited a new frenzy of collaborations within the smartphone industry, with domestic giants like Huawei and Honor eagerly integrating these technologies into their devicesThis trend signals a significant evolution in the mobile phone landscape, where companies like Apple and Samsung have already prioritized artificial intelligence as the cornerstone of their latest creations since 2023.

The trend towards “AI smartphones” embodies the complexities of modern technologyOn one hand, these devices promise a future where tasks can be completed with simple voice commands: ordering coffee, navigating through unfamiliar streets, or even distributing digital red envelopes on platforms like WeChatHowever, this technological marvel is not without its downsides, particularly when it raises concerns about privacyAs users revel in the perks of AI-enhanced phones, a nagging anxiety regarding personal data security simultaneously grows.

At an academic forum titled “AI Smartphone Privacy Crisis: Security Challenges and Choices in a New Order,” held on February 15, Yu Wei, President of the 21st Century Economic Report and Director of the Compliance Technology Research Institute, highlighted a troubling observation: despite manufacturers’ claims of having robust end-side AI capabilities, many of the AI functions still hinge on cloud-side modelsThis architecture creates a scenario where user interaction data is closely entangled with personal information, raising problematic questions about data transparencyWith the black-box nature of AI models and the multiplicity of data handlers involved, users often remain in the dark regarding the flow and availability of their data to third parties.

The industry has framed the integration of AI into smartphones as two divergent pathsAccording to Zhou Hui, Executive Deputy Secretary-General of the Cyber and Information Law Study Society in China, end-side AI theoretically minimizes the transmission of sensitive data to cloud services, allowing for a more private solution when adequately managed

Advertisements

This local processing of data can significantly reduce the risks associated with data breaches.

In contrast, cloud-side AI benefits from powerful computational resources capable of delivering superior performance, albeit while requiring frequent data uploads that exacerbate privacy risksThis tension between local processing and reliance on the cloud showcases the broader data management issues now central to the smartphone development discourse.

From a practical standpoint, the current landscape of AI smartphone development is diverse, presenting various strengths and weaknesses depending on whether the technology is homegrown or third-partyZhang Renzhuo, CEO of Shanhy Technology Co., expressed that a pure end-side model offers enhanced security by keeping user data entirely on local devicesHowever, this approach proves vulnerable when third-party applications enter the mix, often leaving the boundaries of privacy protection blurred and susceptible to data misuse.

Apple serves as an instructive case study of this duality, as it has worked diligently to maximize local AI data processingYet, the company also deeply relies on its Private Cloud Compute (PCC), known for its stringent security standards, positioning Apple as a leader in practical AI applications.

When third-party AI is added into the equation, complexities multiplyThese external models frequently require access to extensive user data pools, amplifying the risk of leaksConsequently, the intricacies of data movement among local devices, cloud platforms, and third-party AI systems present a convoluted landscape where accountability remains nebulous, making it challenging to pinpoint fault in the event of breaches.

Even heavyweight technology companies like Apple face limitations when third-party AI integrations are involved, as PCC can only safeguard data processing at the preliminary stageAlthough firms such as Apple and Google promise robust data protection, glaring gaps and ambiguities in these commitments remain

Advertisements

Moreover, domestic firms also show insufficient transparency regarding their data protection measures.

Regardless of their technological paths, many companies depend on a critical access point: accessibility permissionsPeng Gen, General Manager of Beijing Hanhua Feitian Information Security Technology Co., explained that such permissions were initially designed to assist individuals with disabilities in utilizing smartphones, offering functionalities across various aspects of assistance, such as visual or auditory supportThis feature can emulate user actions like clicking, swiping, or typing, effectively widening the inclusivity spectrum.

Intended to liberate users from barriers, these permissions allow unrestrained access between different apps, presenting a powerful “god mode” capability within smartphonesHowever, this elevated access also creates a fertile ground for malicious uses, where unauthorized actors can exploit it to monitor users’ screens, capture sensitive information like banking passwords or SMS verification codes, and even conduct malicious installations without user awareness.

The nuances surrounding the potential misuse of accessibility permissions illustrate the precarious nature of their existenceWarnings may appear when enabling such features, but they often do so only once and with insufficient clarity, rendering the potential risks challenging for users to graspAlarmingly, built-in applications from certain AI smartphones may operate with even greater permissions than conventional apps, operating covertly and complicating user oversight.

This leads to a dilemma: while accessibility permissions serve a noble purpose of improving inclusivity for individuals with disabilities, the extensive powers they afford can propel safety and privacy concernsThe covert mechanisms employed by AI smartphones for activation may inadvertently plunge those same safeguards into jeopardy.

Peng candidly indicated that a comprehensive defense strategy against risks stemming from accessibility permissions currently lacks adequate development

Advertisements

His advice to users is to remain vigilant, disable non-essential permissions, and regularly scrutinize permission functionalities to mitigate the risks posed by third-party applications masquerading as smart assistantsHowever, these precautions only marginally diminish the inherent risks and do not fundamentally rectify the issues.

Recent evaluations by the Compliance Science and Technology Research Institute have revealed that privacy policies for smartphones from brands like OPPO, Vivo, and Honor fail to articulate accessibility permissions clearlyThese assessments also uncovered instances of erroneous use of these permissions by certain manufacturers, details of which will be disclosed in upcoming reports.

He Bo, Director of the Internet Law Research Center at the China Academy of Information and Communications Technology, emphasized that artificial intelligence stands as a pivotal force driving this round of technological innovation and industrial transformationThe sector is presently transitioning towards a new phase marked by multi-intelligent integrations, establishing itself as a catalyst for evolving productivityAI smartphones, as vehicles of exploratory innovation, deserve acknowledgment and support.

He Bo also asserted that AI smartphones do not exist in a vacuum devoid of legal scrutiny, as existing regulations already cover relevant provisionsHowever, the proliferation of actors involved in AI smartphone technology complicates the tracing of responsibilities across various data flows, highlighting significant regulatory hurdles.

He Bo pointed out that for many regular users, comprehending the potential risks linked to AI smartphones remains challenging, particularly when it comes to the mishandling of personal data and the inadvertent activation of privacy permissionsWhile privacy policies have grown more elaborate, they simultaneously tend to become more intricate for the average user, straying further into the realm of complexity.

Compared with the previous era of app-centric privacy protections, the ecosystem surrounding AI smartphones reveals a stark complexity that includes device manufacturers, third-party models, applications, and cloud services

As noted by Yu Wei, clarifying the interdependencies and responsibilities regarding data security in this broader context is crucial.

From the perspective of Ma Liang, a professor at Peking University's School of Government Management, the AI smartphone revolution introduces profound shifts in market competition as manufacturers and applications vie for user permissions, leading to complicated discussions surrounding the definitions, control, and prioritization of such rightsHe emphasized the urgency to build consensus and formulate reasonable governance frameworks for permissions.

Xu Ke, Director of the Digital Economy and Legal Innovation Research Center at the University of International Business and Economics, concurs with these sentiments, highlighting the growing significance of AI dynamics within smartphones that could reshape traditional app-dominated paradigms.

Entitled “AI Smartphone Privacy Crisis: Security Challenges and Choices in a New Order,” the academic exchange was co-hosted by the 21st Century Economic Report and the Compliance Technology Research Institute, marking the first conference dedicated to discussions on end-side AI governanceIts convening reflects a market increasingly focused on the intersection of privacy, security, and the emerging realities of the AI smartphone era.

Industry commentators acknowledge that the challenges stemming from AI smartphones span multiple dimensionsAs AI agents elevate their prominence in our everyday lives, an essential concern remains: how can we ensure that even as AI capabilities advance, these agents consistently operate under human command, preserving the primacy of human agency? “As our relationship with AI deepens, we should reflect on a human-centered approach to these evolving dynamics,” specialists assertThis enduring matter, long overlooked, necessitates renewed exploration within institutional and ethical frameworks.