Location-Tracking Services: Why You Should Think Twice

Location, location, location.

The three most important keys to retail success are also the most important ones to your privacy in the 21st century. Which is why you should be keeping a watchful eye on all those big corporations that are keeping a watchful eye on you -- like Google, Twitter, Facebook, AT&T, Verizon, and Apple, to name a few.

All of these companies have recently added (or are on the verge of adding) location-centric services. Twitter can now not only tell what city I'm in, but what neighborhood (and I don't live in a very big place). Apple just made headlines thanks to its new iPhone privacy policy, which as the Los Angeles Times notes, lets it collect

"...the "precise," "real-time geographic location" of its users' iPhones, iPads and computers.

In an updated version of its privacy policy, the company added a paragraph noting that once users agree, Apple and unspecified "partners and licensees" may collect and store user location data.

When users attempt to download apps or media from the iTunes store, they are prompted to agree to the new terms and conditions. Until they agree, they cannot download anything through the store."

Gowalla, FourSquare, Loopt, and all the others that let people check in with their locations or use their handset's GPS to connect with their peeps are just acquisitions waiting to happen. I predict within two years the small fry will be swallowed up by the big fish or driven out of business. (Not that my crystal ball is 100 percent accurate -- it's closer to a Magic 8-Ball. But just you wait and see.)

Now, before I go all Big Brother on you, here are a few caveats. Most of this location tracking is voluntary. I don't have to let Twitter know where I'm tweeting from or check in obsessively with my peeps on FourSquare. And much of the data gathering, like Apple's with the iPhone, is done anonymously (at least in theory -- I'm sure if Apple can deliver a specific ad to your cell phone based on your location it can ID you if it really needs to).

Why should you care? Well there are a few reasons. One is whether you welcome the idea of getting ads sent to you based on your location in meatspace (ie, real life) as opposed to virtual space. That's pretty minor. Apple will let you opt out of targeted ads (though not out of location tracking). Many people may even find targeted ads a convenience.

The problem with data collection like this is almost always the secondary, unanticipated uses of the data. One example is what happens when a company that collects your location data goes out of business or is acquired. Any agreement it might have had with you vis-a-vis privacy is essentially moot. And when Internet companies go out of business, their data is often their only tangible, valuable asset.

So, conceivably, the company that tracks how often you go to Mickey D's might end up selling that information to your health insurance company. Expect your rates to rise accordingly.

Still, that's nothing compared to what happens when the authorities or a particularly aggressive divorce attorney gets ahold of this information. That's when the fecal material hits the rotating blades.

Here's an instructive anecdote. Back when I was writing a book about privacy with an awful title that nobody bought ( Computer Privacy Annoyances, still available at Amazon, amazingly enough) I had a conversation with someone at the New York State Department of Transportation about their E-ZPass program, which used RFID tags to let drivers to pass through the toll gates on bridges and tunnels without having to stop and pay. Their cars were automatically ID'd by sensors and their owners charged a monthly fee. The cars' comings and goings were recorded and stored by the DOT.

I asked how many times the DOT had received legal orders requesting E-ZPass location data. The woman I spoke to told me it had happened about 250 times in 2003 -- twice as many as the previous year -- and the DOT provided that information in roughly half those cases. This only came to light because I found a news report about four NYC cops who got fired for being clocked in at work in Manhattan when they were actually at home in New Jersey. The E-ZPass data was how they got caught.

This was one state, back in 2003. Imagine the wealth of location data available to legal authorities now. At this moment a Federal Appeals court is determining how much location data cops can request from wireless companies, and if they even need a subpoena to get it. Congress is mulling new location privacy protection laws (though if past laws are any indication, don't expect much protection from them).

Sure, location based services are cool. It's a heckovalot more convenient to use your phone's GPS to locate the nearest Thai restaurant or gas station. If you're stranded, they could help save your life. But there's a dark side to them most people don't think about. What kind of location information are your service providers storing about you, and how long do they hold onto it? Those are two questions everyone should ask before blithely clicking Yes on a terms and conditions tick box. Your liberty may depend on it.

ITworld blogger and occasional book author Dan Tynan is somewhere at the moment, but he's not telling. You'll have to settle for checking out his eSarcasm geek humor site or following him on Twitter: @tynan_on_tech.

Subscribe to the Daily Downloads Newsletter

Comments