1. Technical Field
The invention relates to portable electronic devices, and in particular to a system and methods for protecting and safeguarding the privacy of information and data stored on such devices.
2. Discussion of the Prior Art
Portable electronic devices, including cell phones, wireless devices, iPods, PDA's and handheld devices, among others, have become ubiquitous in society and are seeing continually increasing widespread use. An October 2004 survey by the Pew Research Center for The People and The Press estimated that 66% of American adults own cell phones. The use of more fully featured portable electronic devices has also become more commonplace.
In response to this increasing usage, designers of portable electronic devices are offering increased functionality, and users are storing an ever-larger volume of private data on the devices. Most portable electronic device users store contact information on the device, and, many users additionally store materials such as confidential communications and proprietary documents. Storage of sensitive data is particularly prevalent in the business community, with some analysts estimating that in the near future as much as 40 percent of corporate data will reside on handheld devices.
As the ability to send, receive, and store data has increased, the risk posed by the potential loss of the data has increased accordingly. The consequences of data falling into the hands of a stranger should a device be lost, temporarily misplaced or stolen are particularly severe.
It is not unusual for persons to lose or misplace their portable electronic devices. Frequently, persons fail to ever recover the device since they cannot determine where and when they actually misplaced the device, or, whether it was stolen. For example, a person might leave the device in the back seat of a cab or in the booth of a restaurant at lunch. Perhaps the device falls out of a jacket or briefcase in an overhead compartment on an airplane. Further, and creating significant embarrassment, one might leave the device at a client's office. Still further, a car might be vandalized and a cell phone stolen. Whatever the case may be, it is quite likely that most people will lose or temporarily misplace their portable electronic device each year. Research shows that 65 percent of Americans lost their cell phones last year—and it cost $600 million to replace them.
Losing a phone due to absentmindedness is not just frustrating, though. It also causes great anxiety in the IT departments of many major corporations, because, these days, mobile phones are so powerful that most of them are mini-PCs, containing customer information, phone numbers and pricing schedules. Consequently, a lost phone or PDA may mean a data breach these days, as e-mail isn't the only application found on the devices. More mobile applications are being developed to complement e-mail, such as CRM (customer resource management) and ERP (enterprise resource planning) to make mobility and the deployment of mobile devices even more valuable for the enterprise.
One approach to safeguarding private data is storage of data at a central location. Many portable electronic devices provide an ability to ‘synchronize’ data stored on the device with data stored on a personal computer. Some wireless providers also provide centralized storage of personal data. For example, the OASYS “VIRTUAL LOCKER” (http://store.oasysmobile.com/common/about-the-locker) stores subscriber data at a centralized server. The service offers protection against the nuisance of recreating the lost data in the event of a lost device, and ensures portability of data across future device upgrades. Such approaches, however, do little to safeguard the data cached locally on the portable electronic device, and, in the latter case, the security of the data is blindly entrusted to a third party.
For the foregoing reasons, there is a need for a novel portable electronic device data protection system and methods to confidently protect data stored locally in the device that can be implemented by the owner of the device, the device service provider, or, by the device itself.