I have written before about how our smartphones are ratting out our location, using GPS and even just cell tower location information. The New York Times recently published a story that followed a woman throughout her day and discovered that her location was collected over 8000 in a single day. From the location database they purchased from a location data broker, they were able to track her from her home, to the school she worked at, then on to a Weight Watchers meeting, a doctor’s office, a dog-walk, and an overnight stay at her boyfriend’s house.
This location data is collected by almost every smartphone app you have on your phone, including apps like GasBuddy and The Weather Channel. This information is sold to information brokers, and purchased by retailers, marketers, and even lawyers and doctors looking for new clients.
For example, over the holidays, I signed up on SnapChat because my son said that’s where our grandson’s pictures will be. SnapChat wanted access to my location (of course), my contacts and my pictures and videos, and the ability to send and read SMS messages. This app also seems to be another online rabbit-hole, where the pictures go in but cannot be saved elsewhere. I am not liking that feature either. What if Snapchat goes belly-up? How do I get those pictures of my grandson?
There are at least 70 companies providing this information, and they are collecting it from hundreds of app developers. Thought that free app was free? They can make more money selling your location information than they could selling the app for $5 per user.
The Times detailed methods to defeat or disable location tracking on Android and iPhones, but basically you need to get into Settings, Privacy, Location, or Security and Location. You will also need to disable location on the individual apps as well. My advice is to be stingy when an app asks to share location or other information. Say NO unless it is absolutely necessary.
The good news is that ATT and Verizon have recently announced that they will no longer be selling location data. This does nothing to prevent app developers from selling the information they are collecting. Senator Ron Wyden of Oregon is trying to legislate our way out of this mess, but this is a $12 billion dollar business and I have doubts that any legislation that might solve this problem will ever make it through Congress.
More information:
- New York Times – Your Apps Know Where You Were Last Night, and They’re Not Keeping It Secret
- New York Times – How to Stop Apps From Tracking Your Location
- Sophos Naked Security – Phones are selling location data from “trusted” apps
- Ars Technica – Verizon and AT&T will stop selling your phone’s location to data brokers
JAN
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com