Most consumers are aware that their online activities are being constantly monitored by various commercial interests. We’re made aware of it, for instance, when we access a website to research a certain product—and suddenly we’re deluged with ads promoting similar products. Our activities are tracked and collected by data marketers, which then enable advertisers to immediately target us with ads matching our demonstrated interests.
This process reaches another level of precision and effectiveness with cellphone apps, some of which we download and some of which are preloaded in our phones. Along with the useful services they provide, these apps collect data on us and our behavior. Like website cookies, they can track a user’s shopping habits and browsing history. But they can also obtain data regarding a user’s operating system, device type, gender, age, and—importantly—geographical location. Many consumers are not aware that app publishers enhance their revenue by granting access to in‑app advertisers, which use the data collected to target prospects with precision. Their efforts are greatly enhanced by the ability to monitor the prospects’ movements.
Cellphones have built-in GPS and Wi-Fi chips that can determine your location with great accuracy. Your phone is constantly pinging the nearest cellular data tower to afford you the connectivity you need and rely on. By a process of triangulation, that enables the cell companies and others to locate your phone at any given time. In addition, with Wi‑Fi enabled, your phone will ping the nearby Wi-Fi networks, including those of local businesses. Those businesses can then solicit you with ads for products and services you didn’t ask for.
Consumers are generally familiar with these activities and accept them—however warily. By using the services their phone apps provide, they can gain useful information that would have been hard to get otherwise. As an example, imagine that you are traveling through an unfamiliar city and decide to stop for dinner. You use your favorite app to search for restaurants in the vicinity. Immediately, a slew of options appears on your cellphone—complete with photos, customer reviews, and menu listings. Functions like this provide consumers with an unprecedented level of convenience, so most are willing to surrender some privacy to take advantage of it. They realize that data marketers are gathering some of their personal information, but it seems harmless enough. Unfortunately, that’s just the tip of the iceberg.
Data marketers aren’t just using your location to help you find the nearest restaurants or gas stations. They’re tracking your movements from the moment you wake up and using that data to form a profile of you. By knowing the stores you frequent, how long you spend at each one, and the neighborhood you live in, they can tell a lot about your preferences, your age, and your income level. They can then market that information to other commercial entities that target you for ads.
That should be enough to make most people slightly uncomfortable. But it gets worse.
Cybercriminals have devious ways to hack into personal cell phones. For example, some create fake Wi-Fi networks to gain access to consumers’ personal information. Others will transfer a victim’s device to their own account in a process known as SIM swapping. Some target consumers with phishing emails or texts. With access to a person’s cellphone data, they can create fraudulent financial transactions and effectively steal a person’s identity,
Stalkers with Spyware
Having one’s identity compromised is bad enough. But imagine your personal information—including all your movements throughout the day—falling into the hands of a stalker. That’s the stuff of nightmares. And for many, the risk is not theoretical. A study conducted by researchers from Cornell University, Cornell Tech, and New York University documents the threat posed by spyware in the hands of people with bad intentions toward a partner or acquaintance. Computer Security and Privacy for Survivors of Intimate Partner Violence identifies dozens of spyware apps that stalkers have used to harass their victims. There are also “dual use” apps that serve legitimate functions—such as allowing parents to keep track of their children—but can also be used for nefarious purposes. Some stalkers gain access to their victims’ phone systems surreptitiously. And sadly, other victims offer that access willingly to people they’ve trusted. In either case, with a victim’s location data, a stalker can track their every move.
As troubling as that prospect is, cellphone tracking carries a potential threat that’s even more ominous.
Is Big Brother Watching?
Civil liberties advocates have often raised concerns about the potential abuse of cellphone data—particularly geolocation data—by government entities. The pervasive presence of surveillance tools in modern life is a troubling issue for people of all persuasions. Like most technological innovations, the ability to track individuals’ movements through their cellphones has a good side and a bad side.
Law enforcement and other agencies can legitimately access a person’s cellphone data after obtaining a search warrant. In that regard, the data is considered like any other personal property—subject to privacy rights unless there is “probable cause” of criminal activity.
However, according to a 2002 article by Johana Bhuiyan in The Guardian, law enforcement agencies often obtain personal data from tech companies simply by asking for it. The companies, not eager to run afoul of authorities, are only too willing to comply. Seizing on this phenomenon, hackers have achieved the same results by posing as legitimate agencies and making “emergency” demands for private data to tech companies.
A larger concern is the prospect of formal liaisons between private data curators and government entities. A recent Wall Street Journal article noted the existence of several data brokers and advertising agencies that have funneled private data to government agencies through an India-based company called Near Intelligence. That company has reportedly had license agreements with various government contractors including Sierra Nevada, Aelius, and Bazze. As these activities have come to light, the companies have sometimes backtracked or disavowed any inappropriate conduct.
However, these revelations highlight a troubling trend and the broader concern remains: How can society protect individuals’ privacy while preserving the benefits of technological innovations such as cellphone tracking?
These issues will persist until government and company policies coalesce to find equitable, workable solutions.
