
Smile! You’re on a stolen phone’s candid camera!

But was it ethical for the filmmaker to set up a device as a honeypot for a thief?

What kind of jerk steals somebody’s phone? Dutch film student and former iPhone owner Anthony van der Meer decided to find out.

His investigation – and the 21-minute documentary that resulted – were initially triggered by the dreaded feeling so many of us have experienced: that of reaching into his pocket only to find it empty.

Van der Meer never did find his old phone. Apple’s Find My Phone feature proved unhelpful: all a thief has to do is remove the Sim card and reset the phone so it’s untraceable, he said.

He used Find My Phone to trace the phone for a few blocks, then it vanished off the GPS radar. That’s the last he saw of that phone.

The filmmaker also found that the internet is full of services and tutorials on how to unlock iPhones, so he knew that whoever got their hands on the phone had access to his personal photos, text messages, contacts and more. So in the end, it was goodbye, iPhone.

Hello, decoy phone, and hello, plans to cast an unwitting phone thief (or phone finder…?) in a film.

Van der Meer loaded a new phone with an anti-theft application called Cerberus. He worked with the app maker to rename Cerberus, to make it all the more undetectable. The app was tucked away in the device’s system side, where resets and Sim card swap-outs wouldn’t wipe it away.

Like other mobile anti-theft or spyware tools, Cerberus allows device owners to access any file on their phones remotely, as well as to unobtrusively trigger their phone’s camera and microphone.

Van der Meer says the toughest part of the stunt was to actually entice a thief into taking the bait. He hung out in a lobby, the phone hanging out of a backpack nearby, but nobody grabbed it. In fact, multiple people pointed out to him that he was on the verge of losing his phone.

Finally, on the subway, when his film crew’s cameras were off, not rolling as they’d been in the lobby, somebody took his phone.

Van der Meer wound up tracking, photographing, and eavesdropping on the man who’d taken the phone. Or *a* man, at any rate.

He captured audio recordings, intercepted the man’s calls to a sex hotline, and even eavesdropped on a long conversation between his surveillance target and a woman whom he overheard the man referring to as a junkie in a conversation with another person.

Are you starting to feel uncomfortable with any of this on an ethical level? I sure did when I was viewing the film, and that discomfort takes a sharp turn toward alarm at the point in the film when van der Meer physically goes to check up on his surveillance subject after the phone goes silent for a few days.

His film features a still of the man, shirtless, coming out of a house, captured before van der Meer scurries away, shocked at his subject’s aggressive demeanor. Van der Meer had, after weeks of tracking the man, begun to think he understood him. The man slept in a homeless shelter sometimes. Sometimes on friends’ couches. It all seemed so sad.

The filmmaker wound up sending data credit to the guy after feeling guilty for using up his credit, since the video recording he was surreptitiously collecting was so data-intensive.

Van der Meer himself says in the documentary that this is a gray area, ethically. After all, it’s our right to install spyware on our own devices. They’re our devices, after all, and it’s crooks’ problem if they get recorded when they’re caught red-handed, right?

As it is, we’ve seen plenty of people become the unwitting subjects of selfies snapped by lost or stolen phones. There was the case of the Australian woman who wound up reunited with her stolen iPhone, thanks to an accidental Facebook selfie taken on a beach and posted to her Facebook wall.

Was the guy caught red-handed? Well, no. Actually, after her post about it went viral, the man in the photo reached out to her, via Facebook, to apologize and tell her that he’d bought her phone from a third party, not realizing it had been nicked.

Then too there was the woman captured in a selfie looking down at a phone in a car as she tried to unlock it. How do we know if she took the phone or found it? Borrowed it from the real thief? Well, we don’t.

That’s the thing: people are presumed innocent until proved guilty. And no matter how suspicious somebody may look in a surveillance-generated selfie, they’re simply that: presumed innocent until proved otherwise.

But while we don’t know for sure if people captured in selfies by stolen or lost phones are in fact guilty of larceny, we do know that surreptitious surveillance is most certainly illegal, to a greater or lesser degree, depending on what country you’re talking about.

In the US, there are some circumstances in which it’s more or less legal to install spyware on devices – on those used by employees or your children, specifically.

But woe to those app makers who advertise their software as being suitable for catching adulterers, as in, those that don’t emphasize that it’s illegal to surreptitiously install spyware on a device without informing the surveillance subject.

For example, in August, a US court said that a man could sue a spyware company whose software was used unlawfully by a jealous spouse to intercept his messages.

Either van der Meer’s surveillance subject disappeared after the shirtless, physical encounter, or he blipped out of view from a technological standpoint, or both: Van der Meer doesn’t specify in the film.

Was the man a thief? Who knows.

Was van der Meer in the right to surreptitiously record him and track him?

I don’t know. I’m not working for the NSA.

What do you think? Please let us know in the comments section.

Note: the headline was updated on December 23 to correct the phone used


12 Comments

It turned out just fine and the owner of the phone found out what he deserved to know. WE are not the judge!

Interesting question. Is this entrapment? Or does that term only apply to law enforcement?

If I leave my front door open for the express reason that I want you to come in when I’m not home, what is that? Or if I leave my keys in my car on purpose to see if you’ll steal it?

I don’t think it is entrapment. He was not forced or told to steal the phone so I don’t think this would fit into entrapment. Since the phone did not belong to him he was in the possession of stolen property. Don’t do the crime if you can’t do the time!

Absolutely right to install spyware. …I’m sure that guy knew he was buying a nicked phone he won’t have paid the going rate…therefore he knew he was handling stolen goods and is as guilty as the person who took it

Whether it’s easy to do the wrong thing (steal an iPhone), or more of a challenge to do the wrong thing (steal an iPhone), you’ve still made the choice to do the wrong thing. I don’t see entrapment happening in this story.

“But woe to those app makers who advertise their software as being suitable for catching adulterers, as in, those that don’t emphasize that it’s illegal to surreptitiously install spyware on a device without informing the surveillance subject.”

Is it illegal to install spyware on your own device then? This sounds as stupid as if my car by a natural fault has no brakes on it. So I should place a sign on its front window: “Don’t steal this car, it has no brakes”?

I think they meant if you suspect your partner of having an affair, you can’t just put it on their phone without telling them.

I think every phone owner has the right to know who’s using their phone. Unsuccessful attempts at unlocking a phone should result in a photo of the suspect being emailed to the phone’s owner. Perhaps an upgrade for the Sophos app for iPhone and Android.

I was once asked for this very feature – quite persuasively – by the barista in my favourite coffee shop, no less (no #hipster jokes, please) because he tried our product and found it didn’t have this capability, so switched back to his previous Android product. I just said I wasn’t sure that “secret selfies” were such a good idea.

About three weeks later he suddenly announced that he now sided with me after he’d received two emails containing pictures of his one-year-old daughter after she’d fiddled briefly with his phone, and figured that he’d rather lose his phone (strongly encrypted of course) and have to buy a new one than be sitting wondering how many unexpected pics had been uploaded “just in case”.

Coffee shops are good places for computer security discussions :-)

In receipt of stolen property is commission of a crime and while you are committing a crime are you really protected from being surveilled!
