The app economy is built on the tacit agreement that users give up some of their data to access valuable services for free, in turn providing app developers with a prime source of revenue. Of all the data given up, location data is perhaps the most personal, as this record of day-to-day movements creates not only a diary of one’s life but also opportunities for third parties to infer everything from where one lives to what one believes. In the hands of a malicious actor, such insights can facilitate physical tracking, blackmail, the outing of deeply held secrets and more. Understanding these risks may make you think twice about sharing your location data.
Before getting into specifics, it’s important to understand how location data makes its way across the app economy. Developers of apps that require location data to function as intended — think mapping, weather, ridesharing and localized recommendations — have a few ways of making money off of raw location data. Commonly, a developer will embed a software development kit (SDK) into their app that essentially siphons location data directly to a data broker or advertising platform. Some SDKs even include the ability to track users’ locations through public Bluetooth beacons, which enable fine-grained tracking indoors. Embedding SDKs is a popular practice because it saves development work and creates a predictable stream of income that grows bigger as more people use the app. Alternatively, app developers can keep location data in-house or sell it in bulk to a data broker.