Who is Tracking Your Mobile Phone?
By Doug Pollack - Article on April 12, 2018
- Cyber Security
- Data Privacy
- Identity Theft and Fraud
We couldn’t do without our mobile phones. This tiny computer goes everywhere with us, as our alarm, GPS and camera. How else would we transfer money, log workouts, store plane tickets or dictate a reminder for later? While we enjoy these conveniences, we may not fully know all that is going on in the background.
Many of the apps we add to our phone not only rely on our location to give us the information we’re looking for but also make a note of and keep a history of it. The location history created through our phone every day reveals much about our personal habits. We can adjust the settings on our phone to limit how each app accesses our location information, and location services can be turned off for many apps. But, of course, some apps – like Find My Phone or Find My Friends – always need location services on.
And to make things more complex, we don’t own our location information; it’s generated and owned by our cellular provider. This fact muddies the water in trying to keep track of our personal information. Many of these apps take our unique package of data and share portions of it in an anonymous format with third parties. A recent study shows that over 70 percent of apps relay data to at least one third-party service.
Sometimes, this process is transparent and consensual, but other times, it’s not – and when it’s not, things can quickly get ugly. When news broke that Cambridge Analytica, a political firm that worked with the Trump campaign, had used Facebook data to glean location information, personal information and even personality traits from users, the social media titan was asked to testify before Congress on its privacy practices. Facebook has gathered over the course of its existence a vast array of information, ranging from the personal information you provide in your profile to your preferences as reflected in your activity on the platform to the operating systems and devices you’re using to access your profile. Responding to outrage at their cavalier attitude toward sharing user data, Facebook has solicited comments from users on revisions to their terms of service and data policy documents, which are intended to make the policies more accessible. These new versions do tighten up the access third parties have to data, but more than anything they reveal the extent to which your behavior is monitored and collected.
How Your Gadget Could Be Your Security DownfallDownload eBook
What else happens to our location data, and what are third parties doing with it? Marketers want to find their customers. Advertisers are interested in where you go and what you do so they can geotarget you with tailored advertising when you are near their stores. They also want to know your interests and general shopping habits so they can make their products and branding more appealing to you. Data brokers like Acxiom and others work to combine data for a more complete picture of the consumer, drawing from social media, company websites and offline sources. “I’ve talked to a lot of ad tech and marketing people, [and] for them location data is the promised stuff of the future,” says Gilad Lotan, now vice president of Buzzfeed’s data science team.
We need to be aware of the potential in this extended use of location data. First of all, it has been demonstrated that an individual can be easily identified from “anonymized” location data. The data trails that we all create, when combined with publicly available data, can be almost as unique to us as our own signature. For example, if you own a home, your name and address are in public records, and when combined with simple location data, the package of information can quickly be tied to you.
It should be comforting that most of us are not special targets of surveillance, but our greater concern is to protect against identity fraud. Burglars and bad actors shouldn’t be able to trace our location, and personal privacy is an important part of our freedom. And while it’s still unclear what repercussions will come from the Facebook reveal, one thing is for sure: how companies handle customer information and how customers think about it will never be the same.
In the technology arena, convenience and cool have long been at war with security and privacy—usually with convenience and cool winning. The latest and greatest device is rarely the safest and most secure. As FBI CISO Arlette Hart has said, “[With technology], cool trumps safe.”
The world of privacy and information security has changed so fast in the past five years that most organizations are racing to catch up. Business processes, policies, and technologies all must be adapted to deal with the explosion of cyber-crime and the evolving regulatory landscape. Change is hard, but one upside of all this change is that we have learned a lot about dealing with privacy and security threats, and we can apply that knowledge to new business planning, putting privacy and security at the core of new systems and processes. When you are starting up a new business, line of business, or even a new business process, you have a rare opportunity not only to match technology and processes to today’s privacy and security requirements but to look ahead and plan for what’s coming down the line.