You know how apps are constantly asking you if they can track your location? This may seem perfectly ordinary for, say Google Maps, which has a genuine interest in improving their mapping software by finding out how people use it. But why do magazines need to know your location? Or Spotify? Or Facebook?
They don’t, really. But gigantic databases of people’s movements are valuable commodities in the era of information supremacy, and all that location data eventually ends up in the hands of companies who can sell it to the highest bidder. The New York Times recently got hold of one such database, which holds 50 billion pings of 12 million people, and they were pretty shocked by just how easily they could use it to follow anyone they put their minds to.
But wait. Isn’t all this data anonymized? It’s not like each ping includes your name and Social Security number. Think again:
In most cases, ascertaining a home location and an office location was enough to identify a person. Consider your daily commute: Would any other smartphone travel directly between your house and your office every day?…Yet companies continue to claim that the data are anonymous. In marketing materials and at trade conferences, anonymity is a major selling point — key to allaying concerns over such invasive monitoring.
To evaluate the companies’ claims, we turned most of our attention to identifying people in positions of power. With the help of publicly available information, like home addresses, we easily identified and then tracked scores of notables. We followed military officials with security clearances as they drove home at night. We tracked law enforcement officers as they took their kids to school. We watched high-powered lawyers (and their guests) as they traveled from private jets to vacation properties. We did not name any of the people we identified without their permission.
Large gatherings can produce treasure troves:
The inauguration weekend yielded a trove of personal stories and experiences: elite attendees at presidential ceremonies, religious observers at church services, supporters assembling across the National Mall — all surveilled and recorded permanently in rigorous detail….Protesters were tracked just as rigorously….We spotted a senior official at the Department of Defense walking through the Women’s March, beginning on the National Mall and moving past the Smithsonian National Museum of American History that afternoon. His wife was also on the mall that day, something we discovered after tracking him to his home in Virginia. Her phone was also beaming out location data, along with the phones of several neighbors.
The official’s data trail also led to a high school, homes of friends, a visit to Joint Base Andrews, workdays spent in the Pentagon and a ceremony at Joint Base Myer-Henderson Hall with President Barack Obama in 2017 (nearly a dozen more phones were tracked there, too). Inauguration Day weekend was marked by other protests — and riots. Hundreds of protesters, some in black hoods and masks, gathered north of the National Mall that Friday, eventually setting fire to a limousine near Franklin Square. The data documented those rioters, too. Filtering the data to that precise time and location led us to the doorsteps of some who were there. Police were present as well, many with faces obscured by riot gear. The data led us to the homes of at least two police officers who had been at the scene.
And of course, this is just child’s play. The reporters aren’t experts in this stuff, and they had access to just one smallish database. In real life, information can be compared across databases to effectively de-anonymize the data. They know who you are, where you’ve been, what you buy, and what countries you visit on overseas trips. If the government did something like this, we’d all be outraged. But for some reason, when private companies do it we just shrug. But it can be used for more than just getting us to buy more stuff:
In one case, we observed a change in the regular movements of a Microsoft engineer. He made a visit one Tuesday afternoon to the main Seattle campus of a Microsoft competitor, Amazon. The following month, he started a new job at Amazon. It took minutes to identify him as Ben Broili, a manager now for Amazon Prime Air, a drone delivery service. “I can’t say I’m surprised,” Mr. Broili told us in early December. “But knowing that you all can get ahold of it and comb through and place me to see where I work and live — that’s weird.” That we could so easily discern that Mr. Broili was out on a job interview raises some obvious questions, like: Could the internal location surveillance of executives and employees become standard corporate practice?
Read the whole thing for more. And then consider just how many ways this data could be sold to people with goals a lot shadier than figuring out which tables you browsed at the Apple store. In the meantime, when an app asks if it can track your location, just say no. I always do.