Location Tracking Apps: When Sharing isn’t Caring
Starting from a young age, we’re taught to share. It’s one of the first lessons we retain as we learn why we have to share our toys, snacks, and crayons. We carry these lessons with us into adulthood and the message behind it is that sharing is caring. However, when it comes to our data, location tracking apps take that sharing message and turn it on its head by sharing our personal information with third-parties.
What is a location tracking app?
Location tracking apps are apps used on your phone, tablet, or laptop that show where you are. These apps range from maps and fitness counters, to weather services, and local news.
You want to know the weather where you are so you enter your location. Before you go on vacation, you want to see the weather at your new destination so you know what to pack. Every time you download a location-based app or use one already on your device, you’re giving away your personal information without even realizing it. This is called location data and it isn’t always used for the greater good.
What is location data and how is it used?
Location data is information about the geographic position your device is in. Basically, where you are at all times. This data is referred to as latitude and longitude coordinates with additional attributes like altitude or elevation to create a pretty picture of exactly where you are. This data is then taken by a third-party who serves you advertisements based on where you are and what you’re doing.
Check in to that fancy ski resort on Facebook and you’ll be served ads about accessories like goggles, boots, and even gourmet hot chocolate.
Post a beach-side selfie on Instagram and tag the beach itself, you’ll notice ads for sunblock and a nearby surf school.
Go for a run using an app to track your distance and speed and you’ll get an email from a major sneaker company offering you 10% off your next purchase.
Use Google Maps to figure out the best route to get to a restaurant and you’ll not only get ads for that restaurant and others like it, you’ll also get ads for other businesses in the area.
Seems harmless, right? Think again.
How does location data get into the wrong hands?
The New York Times found that at least 75 companies get your precise location data from the apps you use that enable location services. Those 75 companies claim to track up to 200 million mobile devices in the United States alone. Using a 2017 sample from one company, The Times found that users’ travels were accurate within a few yards and updated more than 14,000 times daily. If those 2017 numbers are scary, imagine how much more advanced technology is nowadays.
Why do these companies want our data?
As aforementioned, these companies want our data to sell us everything and anything. These companies analyze our data and either use it themselves or sell it to advertisers, retailers, and hedge fund/financial institutions who are on the prowl for insights into consumer behavior. It’s estimated that sales of location-targeted ads is a $12 billion dollar market. The kicker? It’s entirely legal in the United States and most parts of the world.
Brokering your data
The companies that sell or use your data are called data brokers. Some big players like Apple and Google are trying to crack down on data brokers but they haven’t been successful in regulating location tracking app data.
App stores are vigilant about apps that use software development kits (SDKs). SDKs are embedded in apps to send app user’s location data to brokers without our knowledge. But, location data industry experts like cyber policy fellow at the Duke Technology Policy Lab, Justin Sherman, say Google and Apple are playing a tricky game of whack-a-mole with these companies because after one data collection loophole is closed, another pops up.
So, how does it work? How do these data brokers take your data?
- Apps with SDKs often belong to the data brokers themselves or your location data is sold to these brokers. Some data brokers even create their own SDKs that are sold to app developers or offered for free.
- The SDKs transmit data directly to third-parties for a price. The third-party data collectors analyze the data for insights or sell it to other another party who in turn does the same.
- Because Apple and Google can now scan apps for SDKs and look for hidden data broker influence (they don’t always succeed, hence the whack-a-mole analogy), these companies have created another way to give your data to third-parties by going directly through server-to-server transfers.
No matter how it’s done, your location data is still at risk if you don’t protect yourself (more on how to do that in a bit).
Serge Egelman, a researcher at UC Berkeley’s International Computer Science Institute says, although Google and Apple are doing their best(ish) at clamping down on data sales, government intervention may be the only solution to end these sharing practices for good. But what happens when the government is the one using your location data? As you’ll see from the affected industries we outline below, the U.S. government is a major culprit in how location data is used and why.
Which industries have been affected by data sharing?
Data sharing via location tracking apps is common in the following industries:
Criminalization: Targeting immigrants to the U.S.
In a Wall Street Journal exclusive, it’s reported that during the Trump administration’s federal agencies used cellphone location data to track immigration and border crossings. The Biden administration has also taken up this controversial process by making use of Smartlink, an app it requires new immigrant entries to the United States to use.
Religion: Pray for no data tracking
X-Mode, a company that purchases location data, bought information from Muslim prayer apps and supplied it to U.S. military contractors. Not only does this put Muslims who used these apps at risk for harassment and racist attacks, but it could also be putting a military surveillance target on their backs.
Fitness: Working out with your data
The fitness world is not immune to location app data tracking. One of the biggest examples is Strava, a fitness app that maps users’ locations. According to The Guardian, the app revealed secret U.S. military bases in places like Afghanistan, Djibouti, and Syria all because military personnel in those areas went for a run to stay in shape.
Family: Checking your data when you check in with your loved ones
Life360, a communication app designed for families to share their locations with each other, up until recently, made a practice of selling user data to any brokers who want it for a fee. The Markup reports that the app that boasts approximately 33 million users, was selling families’ whereabouts to any third-party that flashed some cash. In 2020, Life360 scored $16 million (almost 20% of its total revenue from that year) from selling location data.
Health: Tracking your contacts and your reproductive rights
As access to abortion becomes scarce in many countries around the world, in the United States, location-based apps are being used by conservative organizations to see who is terminating pregnancies and where they’re having the procedures done to take unwarranted legal action against everyone involved, even the doctors.
Moreover, contact tracing during the pandemic allowed us to see if we were exposed to Covid but it also added a new pair of prying eyes to our data as third-parties tracked it.
Want to see the true potential impact of ignoring social distancing? Through a partnership with @xmodesocial, we analyzed secondary locations of anonymized mobile devices that were active at a single Ft. Lauderdale beach during spring break. This is where they went across the US: pic.twitter.com/3A3ePn9Vin
— Tectonix (@TectonixGEO) March 25, 2020
Dating: Matching your data with brokers
Meeting your match online is easier than ever with a slew of dating apps available. These apps use your data to determine who to match you with but they also sell some of your data to third-parties. The gay/bi dating app, Bro, sold data to X-Mode and they’re not the only ones. Most dating apps use your social media tags to track your whereabouts to help determine possible matches. It’s not a coincidence that the person you matched with just happened to frequent the same places that you do.
How to stop your data from being tracked
When it comes your tech (phone, tablet, laptop), you can stop data tracking in its tracks. Android and Apple users now have the option to protect their location app data by opting out.
For Android:
- Open the App Drawer
- Go into Settings
- Open Location and enter Location Settings
- Turn OFF Location Reporting and Location History
For Apple:
- Go into Settings
- Click on Privacy
- Turn Location Services OFF
- Next, go back into Privacy
- Click on Tracking
- Turn ON Allow Apps to Request to Track
By turning off location and reporting history and asking apps not to track your whereabouts, you’re taking control of your data. For the most part, data brokers sell your data advertisers and other third-parties to sell stuff. Because we are always on our phones, companies rely on data brokers for insights into who we are, where we are, and what we want. However, as we’ve seen in the cases of religion, immigration, and health, there is a downside to your data being exposed and sold.
If an app asks for your permission to track your location, only consent if it’s something you really need. Afterwards, make sure turn location services off. Furthermore, when downloading a new app, check the fine print. While we’re generally in the habit of clicking Agree quickly and dismissing the terms and conditions and privacy policies, we should read them. These policies tell us what is being shared and with whom.
While most privacy experts say it’s almost impossible to truly stop apps from selling out data, by doing our due diligence, we can at least limit how much is shared with shady data brokers. Remember, sharing is caring except when it’s your location data.
Sources:
- https://themarkup.org/privacy/2021/09/30/theres-a-multibillion-dollar-market-for-your-phones-location-data
- https://themarkup.org/privacy/2021/12/06/the-popular-family-safety-app-life360-is-selling-precise-location-data-on-its-tens-of-millions-of-user
- https://www.wsj.com/articles/federal-agencies-use-cellphone-location-data-for-immigration-enforcement-11581078600
- https://themarkup.org/the-breakdown/2022/02/24/who-is-policing-the-location-data-industry
- https://www.hackread.com/family-locator-app-leaked-real-time-location-data/
- https://ig.ft.com/mobile-app-data-trackers/
- https://www.quadrant.io/resources/location-data
- https://www.idownloadblog.com/2011/04/22/closer-look-at-iphones-location-tracking-database/
- https://www.vox.com/recode/2020/7/8/21311533/sdks-tracking-data-location
- https://www.hrw.org/news/2020/05/13/mobile-location-data-and-covid-19-qa
- https://www.vox.com/recode/2020/2/14/21137096/how-tinder-matches-work-algorithm-grindr-bumble-hinge-algorithms
- https://safeonline.ng/communications/how-to-prevent-cell-phones-from-being-tracked/#:~:text=On%20Android%3A%20Open%20the%20App,Location%20Reporting%20and%20Location%20History
- https://www.makeuseof.com/stop-android-tracking/