Your Phone Isn’t Safe Right Now

Summary of Your Phone Isn’t Safe Right Now

by Sarah Adams

27mMarch 20, 2026
Listen to Episode

Overview of The Watch Floor

Host Sarah Adams addresses growing concerns about phone and app security for Americans overseas amid rising geopolitical tensions (notably related to Iran). The episode explains how everyday apps and devices create exploitable location and behavior data, shares real-world examples of misuse, and gives a focused, practical checklist of steps to reduce risk when traveling or living abroad.

Why your phone is a security risk

  • Smartphones, apps, wearables, and trackers produce repeated GPS pings, geotags, timestamps and other breadcrumbs that can be aggregated to produce a “pattern-of-life” profile (who you meet, where, when, routine movements).
  • Data brokers, malicious actors and even state-level adversaries can exploit that aggregated data to target individuals or facilities.
  • Real-world examples highlighted:
    • AirTags and small trackers used for stalking—reveal location and routines.
    • Dating apps used by hostile operators (e.g., fake profiles in conflict zones) to gather intel and set up targets.
    • Strava heatmap incident: aggregated fitness data revealed positions and routes of military personnel and covert facilities.
    • “God View” (Uber): internal misuse of rider location data to stalk journalists and ex-partners.
  • Core lesson: Convenience = data exposure. Multiple data sources combined become far more dangerous than any single source.

Actionable protections — what to do (detailed)

App-level hygiene

  • Turn off location services globally and then individually for every app. Don’t rely on defaults.
  • Disable background/location access; set navigation apps to “only while using.”
  • Remove geotags from photos and videos before sharing. Check camera metadata settings.
  • Delete non-essential apps—especially fitness, dating, and ride-share apps—when overseas.
  • Audit and tighten app permissions: microphone, camera, contacts are high-risk permissions.
  • Avoid posting check-ins, routines, or “friends-only” location posts—if accounts are compromised, that data leaks.

Device and connectivity best practices

  • Use a local economy phone and local SIM when possible (recommended). An American phone/SIM can be identifiable.
  • Keep work and personal lives on separate devices; do not cross personal/work accounts.
  • Enable multi-factor authentication (MFA) on email, banks, cloud storage, and other critical accounts.
  • Avoid public/free Wi‑Fi networks. If you must, be cautious—VPNs provide protection but are not foolproof.
  • Turn off Bluetooth when not in use to prevent passive tracking.
  • Keep OS and apps updated.

Data management & backups

  • Back up critical documents offline (encrypted USB/hard copy) and keep hard copies of vital contacts (banks, embassy, medical).
  • Regularly audit and delete old contacts and apps that store historical location or payment data.
  • Download and review your platform data (e.g., Google Takeout) to see what historical traces exist—airplane mode does not remove stored history.

Behavioral discipline

  • Don’t click unknown or “juicy” links; phishing increases during crises.
  • Watch for signs of compromise: unexplained battery drain, repeated sign-in requests, apps you don’t recognize, or app crashes—act (delete app, change passwords).
  • Minimize device usage and social communication cadence when in high-risk areas—use devices only as needed.
  • Use end-to-end encrypted messaging where appropriate, but recognize metadata risks and that no system is perfect.

Quick travel checklist (do this before and while overseas)

  1. Remove non-essential apps; keep only mission-critical apps.
  2. Turn off global location services; remove per-app access.
  3. Disable Bluetooth; set navigation apps to “only while using.”
  4. Separate work and personal devices (if possible, carry two phones).
  5. Use a local phone and local SIM where feasible.
  6. Enable MFA on all critical accounts.
  7. Back up important documents offline and keep hard-copy emergency contacts.
  8. Avoid public Wi‑Fi; if used, treat VPN as limited protection.
  9. Regularly audit battery usage and sign-in alerts; delete suspicious apps immediately.
  10. Avoid posting routines, check-ins, or sharing live location.

Notable lines & insights

  • “Convenience comes at a cost.” — A reminder that functionality often requires data collection.
  • “Discipline, awareness, and the proper management of your devices is just another tool that protects you.” — Digital hygiene framed as personal safety, not paranoia.

Final takeaway

Phones and apps can unintentionally reveal detailed, actionable intelligence about you. Simple, repeated steps—turning off/limiting location, minimizing apps, separating devices, enabling MFA, avoiding public Wi‑Fi, backing up critical data, and exercising disciplined behavior—significantly raise the effort required for an adversary to compromise you. In high-risk environments, these precautions aren’t optional; they can make the difference between safety and serious harm.