This is a remarkable seven part story led by Stuart A. Thompson and Charlie Warzel for The New York Times, which talks about what happens if we don’t consider how and which apps we are sharing our location with using our smartphones.
Stuart A. Thompson and Charlie Warzel:
The Times Privacy Project obtained one such file, by far the largest and most sensitive ever to be reviewed by journalists. It holds more than 50 billion location pings from the phones of more than 12 million Americans as they moved through several major cities, including Washington, New York, San Francisco and Los Angeles.
This first article also adds that the information of the precise location of these millions of phones dates back a period of several months in 2016 and 2017. It’s unlikely that things have changed ever since.
They can see the places you go every moment of the day, whom you meet with or spend the night with, where you pray, whether you visit a methadone clinic, a psychiatrist’s office or a massage parlor.
This is very scary, isn’t it? The fact you are constantly being monitored by caring a piece of tech in your pocket. Even scarier is not knowing whom your locations is being sent to.
EVERY MINUTE OF EVERY DAY, everywhere on the planet, dozens of companies — largely unregulated, little scrutinized — are logging the movements of tens of millions of people with mobile phones and storing the information in gigantic data files.
Things get even more frightening when apps share the data with third-party apps. In this case, our data can go down to a rabbit hole and these invisible companies can have a share of and benefit from it, meaning money. This is a really must-read piece, you can read it fully here.
One last addition to the topic, John Gruber commenting on Daring Fireball about The Times’s article:
My honest questions: What do we do about it?
Legislation? Make the collection of this sort of data highly-regulated? Is that even feasible with an internet that spans the globe?
Technical? Is there something Apple and Google can do? Should we all be using trusted VPNs all the time to obscure our location? Should Apple build its own VPN and include it with iCloud?
What apps are generating this data? Why don’t we have a list of apps to avoid if you don’t want your location tracked?
Those are genuine questions and I kinda have a feeling of frustration and powerlessness in the face of such news.
In Europe, GDPR was created to solve this type of problem, among others. Article 17 Right to erasure (‘right to be forgotten’) gives the user the right to have personal data blotted out. So if a user requires a company to delete their personal data, the company is required by law to do so.