The app economy is built on the tacit agreement that users give up some of their data to access valuable services for free, in turn providing app developers with a prime source of revenue. Of all the data given up, location data is perhaps the most personal, as this record of day-to-day movements creates not only a diary of one’s life but also opportunities for third parties to infer everything from where one lives to what one believes. In the hands of a malicious actor, such insights can facilitate physical tracking, blackmail, the outing of deeply held secrets and more. Understanding these risks may make you think twice about sharing your location data.
Before getting into specifics, it’s important to understand how location data makes its way across the app economy. Developers of apps that require location data to function as intended — think mapping, weather, ridesharing and localized recommendations — have a few ways of making money off of raw location data. Commonly, a developer will embed a software development kit (SDK) into their app that essentially siphons location data directly to a data broker or advertising platform. Some SDKs even include the ability to track users’ locations through public Bluetooth beacons, which enable fine-grained tracking indoors. Embedding SDKs is a popular practice because it saves development work and creates a predictable stream of income that grows bigger as more people use the app. Alternatively, app developers can keep location data in-house or sell it in bulk to a data broker.
With location data alone, it’s not difficult to spot an individual’s home or workplace and then find identifying details using an inferred address and publicly available information. But data brokers typically draw on other sources of information, like mobile advertising identifiers, phone numbers and email addresses, that enable them to tie the data to a real identity.
The repackaged data is then sold to any number of third parties, be they a hedge fund searching for an information edge, a real estate investor looking to identify attractive properties or a retailer seeking to analyze shoppers’ in-store behavior. However, because location data is easy to purchase from data brokers, just about any interested party can do so.
We’ve seen law enforcement organizations go this route, most notably with the Department of Homeland Security buying access to smartphone location data to investigate illegal border crossings and track migrant groups. There’s very little stopping foreign intelligence services from using a front company to purchase such data. Nor is there much to stop clients from freely sharing the data they access. And then there’s the issue of data breaches, providing yet another opening as hackers look to use the data for their own economic ends.
When smartphone location data is in the wrong hands or just freely available for scrutiny, the results can be devastating.
One risk is getting singled out for monitoring. It’s not uncommon for police departments to use bulk data collection to track protesters, as they did in places like Ferguson and Baltimore. Police departments have also taken to using reverse search warrants, typically directed at Google, to try to locate individuals who happened to be near the scene of a crime. One such case in Arizona resulted in a man being wrongly arrested based largely on location data supplied by the tech giant. Location data can also illuminate individuals working in a secretive capacity for a company or agency of interest to a foreign intelligence service, opening the door to targeted surveillance.
For those deemed a target, location data can also help outsiders identify those in the individual’s circle of trust, with frequent physical contact highlighting close family members, friends, colleagues and associates. Because the target is most likely to share any valuable nuggets of information with these close contacts, surveilling them can yield direct conversations with the target as well as any information that’s reshared after the fact.
For situations in which location secrecy is of paramount importance, such as a known M&A executive scouting an acquisition target, smartphone location data can reveal protected locations to the world. A famous example involved the popular fitness tracking app Strava, which published a heat map that unwittingly revealed the locations of American military bases and patrol routes.
Another danger is that location data can be used to physically track an individual, as it reveals the person’s pattern of life — their home, their workplace and any other locations they may happen to frequent in any given week, along with the timing of such visits. For a kidnapper seeking to abduct a high-net-worth individual or a stalker looking to chase down their victim, it may be less risky to make contact at the target’s favorite lunch spot or preferred grocery store than at their home or place of business.
Beyond the locations themselves, inferences based on an individual’s one-time or regular visits can yield insights into their more embarrassing habits, preferences and struggles, and these can be weaponized for blackmail or public attacks. Consider the potential damage of broadcasting a politician’s recurring trysts with an assumed prostitute or a famous actor’s visits to a drug rehab center. But the victim need not be a public figure. Recently, a Catholic priest was publicly outed by a newsletter that used location data ultimately tied to Grindr. The publication was able to pinpoint which device belonged to the priest based on pings at his residence and other known locations, and then tracked that device to various gay bars.
And then there are future use cases for location data, some of which we can’t currently imagine given existing technology or norms. One possibility is that individualized underwriting for health or life insurance can tap location data for insights into risky behaviors, perhaps revealing a penchant for fast driving, sky diving or eating at fast food restaurants, ultimately translating to higher premiums.
While we can’t control what happens to our location data after we share it with an app, there are a few things you can do to keep your location data private. At a minimum, make sure to only allow your smartphone’s location to be used by apps that you trust, and only when the request is necessary for desired app functionality. If the use of location is necessary, only allow the app to access your location while you’re actively using the app. And if precise location isn’t necessary, as is the case with a weather app, choose to share only your approximate location.
Beyond app permissions, when traveling you can disable your device’s location services, which uses GPS, nearby cell towers and known Wi-Fi networks to determine your location, and you can shut off any radios that can be tapped for location data, including cellular, Wi-Fi and Bluetooth. For extra protection or simply as a convenient alternative to manipulating software settings, you can employ a Faraday case to shield out any such radio signals when on the go.
When it comes to location data, many smartphone users assume that they’re safe for any number of reasons, perhaps because they think they have nothing to hide or that their data will get lost in the noise. The truth is that location data can paint an incredibly vivid narrative of a person’s life and there’s very little to stop outsiders from accessing this narrative and exploiting it for their own ends. Only after accepting this can we make informed choices about whether and how we share our location data.