The collection and sale of smartphone location data has long been a source of controversy, especially given that most people don’t realise they are being tracked.
But there’s a fresh argument now, as location data brokers claim they can use the data to help fight the spread of the coronavirus, while privacy advocates argue this is just an attempt to legitimize the wholesale tracking of consumers without informed consent …
Background
There have been a number of revelations about just how much location data is collected from smartphones, and how assurances about privacy may be far from true in practice.
When an app asks us for permission to access location data, the privacy policy generally states that this is anonymized. However, a New York Times investigation back in 2018 found that this isn’t necessarily the case – because specific, regular journeys easily identify individuals.
[One phone] leaves a house in upstate New York at 7 a.m. and travels to a middle school 14 miles away, staying until late afternoon each school day. Only one person makes that trip: Lisa Magrin, a 46-year-old math teacher. Her smartphone goes with her […]
The app tracked her as she went to a Weight Watchers meeting and to her dermatologist’s office for a minor procedure. It followed her hiking with her dog and staying at her ex-boyfriend’s home, information she found disturbing.
The report found that such data may be passed to as many as 40 different companies, and retained for years.
A follow-up report last year found that just one database contained location data for some 12 million Americans, and the NYT was able to track the movements of identifiable people in sensitive occupations.
We followed military officials with security clearances as they drove home at night. We tracked law enforcement officers as they took their kids to school […]
We spotted a senior official at the Department of Defense walking through the Women’s March [and] to a high school, homes of friends, a visit to Joint Base Andrews, workdays spent in the Pentagon and a ceremony at Joint Base Myer-Henderson Hall with President Barack Obama in 2017.
Smartphone location data for coronavirus tracking
Location data brokers say that the data they collect can help in the fight to limit the spread of the coronavirus, reports CNET.
Antonio Tomarchio, president of CuebIQ, says it isn’t providing data directly to any government agency, but he noted the COVID-19 Mobility Data Network has been in contact with policymakers dealing with the pandemic […]
“What we’re interested in, is trends in certain areas,” Tomarchio said. “If you have a big crowd in a park, this could be an indication that social distancing is not being respected.”
Critics, however, voice three objections. First, making the collection of such data seem acceptable because it’s being used to do good.
“This is an essentially corrupt ecosystem of companies spying on people without any meaningful understanding or meaningful consent,” said Jay Stanley, a senior policy analyst for the American Civil Liberties Union. “There is a danger that we allow these companies to validate these activities and to whitewash their reputation by repurposing their data for COVID-19.”
Second, the data may not be representative of the US population as a whole.
Certain apps and devices are more widely used by affluent and younger communities, Stacey Gray, senior counsel for the Future of Privacy Forum, told lawmakers. That could leave out some of the most vulnerable segments of the population.
“This includes underrepresentation of the elderly, very young or lowest-income people who do not own cellphones, or anyone who does not own a cellphone for other reasons, such as refusal on religious grounds,” Gray said in her testimony to Congress on Thursday.
Third, location data can be faked.
Will Strafach, CEO of mobile security company Guardian, explained how it was very simple to fake and scale up with botnets using spoofed identifiers sending altered data to the trackers’ servers. This doesn’t usually happen because in the past, all that it would really affect is what kinds of ads are sent to people’s phones. But if it can affect government policy, malicious actors could take advantage of this vulnerability, Strafach warned […] “If there is someone who wanted to deprive somewhere of resources or get a lot of resources somewhere, all they would have to do is fake this data on multiple phones.”
What’s your view? Does the potential value of such data justify its collection and dissemination to government agencies? Or do the privacy flaws and risks of accidental or deliberate errors outweigh the possible benefits? Please take our poll, and share your thoughts in the comments.
FTC: We use income earning auto affiliate links. More.
Comments