Mobile phones may have the technology to listen in on your most private moments, a Queensland researcher said it is “absolutely possible” and a Sunday Mail experiment revealed a link between what you say and the online ads that appear on social media.

Apple to launch privacy campaign in Australia, in a move widely seen as a jab at Google, Facebook

Digital platforms: wide support for ACCC’s proposals to limit Google and Facebook dominance

Twitter, Instagram, and Facebook prepare to change privacy rules to meet strict new laws

In what could be proof of a growing online nightmare, The Sunday Mail noticed ads through social media after giving mobile apps access to the microphone setting – a tool needed for most social media apps to communicate through videos, phone calls and more.

It’s a conspiracy felt around the world, with many users noticing strange coincidences between what they talk about, and the ads they see on their phone.

Facebook flatly denies using a user’s phone microphone to target ads or change what appears in its newsfeed.

“Some recent articles have suggested we must be listening to people’s conversations in order to show them relevant ads. This is not true,” a Facebook Australia spokesman wrote.

“We show ads based on people’s interests and other profile information – not what you’re talking out loud about.”

Facebook said it only accessed one’s microphone if they had given the app permission, and if they were actively using a specific feature that requires audio, like calling people on Messenger.

University of Queensland chair and director of cyber security, information technology and electrical engineering Ryan Ko said while there was no hard evidence, it was “absolutely possible” apps could listen in.

“This is the possibility and the potential there, basically if you have clicked on ‘yes I agree’ you’ve basically have given up the rights to be recorded,” he said.

Prof Ko and his research team say this is a “hot topic” in research right now, and have been working on this very topic for nearly a decade, they are hoping to give users back the control of their data and privacy, aiming for a “kill switch” on their data.

He believes the kill switch on data is not far off and could be introduced in the next five to 10 years.

The Sunday Mail put the conspiracy to the test by staging conversations about key topics that had not been previously searched for on those devices or linked to accounts.

In one example, a conversation about vasectomies prompted an online ad for the procedure within half an hour.

A Facebook Australia spokesman said it could be that the male colleague was the target audience for the advertiser.

Sponsored advertisements for Bali came up after specifically having conversations on looking into booking a trip – an Instagram ad for phone cases appeared after discussing needing to find a new case.

Interestingly, an ad for cyber safety with tips on how to stop hackers appeared within 20 minutes of discussions with cyber experts for this article.

Associate Professor Peta Mitchell from QUT’s Digital Media Research Centre specialises in digital media use and geo privacy and believes it is unlikely apps routinely listen to and record audio through the microphone because of how data-intensive the constant recording and analysis would be – but did say location services has become a “big privacy concern”.

“A lot of completely innocuous apps, particularly things like weather apps, where you might turn location services on to make it easier for you to find out what the weather is are then sharing or even on selling that location data to third party companies for marketing and various things like that,” she said.

“It happens all the time.”

She said there is a “whole pile” of third party location intelligence companies that harvest data from various apps and services that mobile phone users give away by turning on location services.

Dr Mitchell said companies will say it’s anonymised data, but said there are still grave concerns around this.

“If you’ve got an anonymous user who’s at a location at a particular time – and this is absolute geographic coordinates – and they are leaving from this absolute geographic location at 7 o’clock each morning and returning at 7 o’clock each night, you know where that person lives and it’s not hard from that point to make that data not anonymous,” she said.

“So much of the advertising that you get via free apps is through location based advertising that you’re giving away your location in order to use these apps and services for free and they’re serving that content to you, but they’re also on selling it to other people as well.”

She said even though some apps are free “you are paying for it one way or another” with giving away your location and thus privacy.

Dr Mitchell referred to a current case in the United States where The Weather Company (TWC) is being sued by the City of Los Angeles for using the Weather Channel App to harvest location data from users and sell the information without users’ informed consent.

She and an international team of received an Australian Research Council Grant to look into location awareness on an Australian scale, and will be kicking off a survey in a matter of weeks to determine how mobile phone users feel about their location privacy.

Apple’s website says apps “must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity”.

“This includes any use of the device camera, microphone, or other user inputs.”

iPhone users can check which apps they have granted permission to access the microphone by going on Settings > Privacy > Microphone.

Apple also advises users to use location services in their app only when it was directly relevant to the features and services provided by the app.

The website also states “ensure you notify and obtain consent before collecting, transmitting, or using location data”.

CONVERSATION TOPICS

* Flights to Bali — ad came up on Facebook within hours

* Discussions on needing to buy a new iPhone case — ad came up on Instagram within hours

* Discussion on vasectomies — ad came up within minutes on Facebook

* Cyber safety alert — ad came up within half an hour of talking to cyber experts for this story

HOW TO STOP IT

* Always update your phone and apps to the latest version. Lots of spyware use known mobile phone vulnerabilities which are usually removed or patched by the latest software updates.

* As much as possible, if not using navigation apps, turn the phone’s location services off.

* Look at the list of apps with access to your microphone and camera. If there is anything amiss, turn off the access or uninstall that app.

* Before you agree to install an app, understand the features the apps request and their reasons. If they request access to the microphone, with no need for that, uninstall that app.

* Before installing an app, search for other users’ experiences of it with regards to privacy.