The article assumes that the location data must have been collected because he gave an app permission to access his location. I bet they couldn’t figure out which app it was because it wasn’t an app.
Cell service providers can and do track your cellphone location. All they have to do is measure the signal strength of your cellphone at different towers, and they can triangulate its position.
I’m not familiar with other locations, but in the US, you only have the choice between three cell service providers. All of them admit to selling their own customers’ location data to third parties in their Privacy Policies.
Remember, you’re paying for these services. But they still sell you out.
I seriously recommend you read the privacy policy for your provider. It seems they collect as much data as possible (not just location, also browsing history and a whole host of other metrics) and share it with as many different parties as possible.
If you are using a cellphone, your location is being tracked. Period. You can’t avoid it. Even TOR isn’t gonna help you.
> The article assumes that the location data must have been collected because he gave an app permission to access his location. I bet they couldn’t figure out which app it was because it wasn’t an app.
I worked on this story (and the others, we're still publishing [1] [2]).
The dataset we bought from Tamoco didn't contain an app name for most of the data. So instead of guessing, we're open about the fact that we don't quite know. Which is sort of the issue here – there's not a lot of transparency around what is collected and by whom.
The Norwegian Data Protection Agency (DPA) has opened an investigation into Tamoco [2] after our first story, and they want to cooperate with the UK DPA.
You should search the dataset for government building coordinates to deanonymize politicians and that ought to really be a scandal worthy of legislation against mobile tracking once you air their dirty secrets e.g. suspected infidelity, leisure trips to brothels, etc.
Having access to the original NRK data, is it possible to deanonymize more people (try to check your home address, NRK HQ, etc.), and ask them for a list of installed apps to check if all have one in common? Although it's questionable from a privacy point of view, so probably better to pursue it in legal ways.
I’m cautious about what apps and services get access to my location and I feel like I have good control, but I don’t really have any idea of how carriers like Telenor and Telia handle my location data. Are you planning to touch on this or investigate it in the upcoming articles?
>We may de-identify or aggregate information so that Verizon or others may use it for business and marketing purposes. For example, the data we aggregate might be used to analyze, personalize and improve our services, to provide business and marketing insights to others and to help make advertising more relevant to you. You have choices about some of these uses
From AT&T:
>Equipment Information includes information that identifies or relates to equipment on our networks, such as type, identifier, status, settings, configuration, software or use.
>Location Information includes your street address, your ZIP code and where your device is located. Location information is generated when the devices, Products or Services you use interact with cell towers, Wi-Fi routers, Bluetooth services, access points, other devices, beacons and/or with other technologies, including GPS satellites. [...]
>We may share information with AT&T affiliates and with non-AT&T companies to deliver or assess effectiveness of advertising and marketing campaigns
That kind of triangulation is nowhere near precise enough to reveal the data shown in the article. This is GPS data which the provider does not get.
Remember that many people ‘have nothing to hide’ so they turn on services like Google Latitude. Then later they’re all surprised when their data is sold to the highest bidder.
This describes how mobile communication works, since mobiles appeared in the 1990s. The phone network has to have (at least) block level accuracy on every phone, otherwise it doesn't work.
Of course it can do much better than that (building level is definitely trivial). The previous comments thread on Hacker News has more details, including some explanations on correlating movements of people to trace every individual one came across and the relations they have. Scary stuff.
GPS is more accurate of course (10 meters or less), but it requires the phone to run a spyware application and drains the battery, unlike simply having a phone that's on.
> That kind of triangulation is nowhere near precise enough to reveal the data shown in the article
You don't have to speculate, the article does state the method:
>> All modern mobile phones have a GPS receiver, which with the help of satellite can track the exact position of the phone with only a few meters distance.
>> The position data NRK acquired consisted of a table with four hundred million map coordinates from mobiles in Norway. A number in the table led us on the trail of Karl Bjarne Bernhardsen.
I think the general observation is that they (government, cell providers, 3rd parties to whom this is sold) have access to most GPS data and all cell tower triangulation data; the latter they have however often it is set up to be recorded.
So what is the connection between the GPS points and the cell triangulation? How does having the cell triangulation data lead to having the GPS points? The parent claims the providers can magically access the GPS receiver in the handsets. But they really cannot, so the providers only have coarse data that cannot be used to track people on this level. The data is from another source, not the provider.
It’s much more likely the user agreed to install an app that is recording his location information.
Not exactly. In cities more towers are placed together to give better coverage (for 5G this is a must). Triangulation can then be as accurate as 30 meters.
If you then have a dataset of, let's say, 100 points around a location, you can estimate the exact location even better.
> Remember that many people ‘have nothing to hide’ so they turn on services like Google Latitude. Then later they’re all surprised when their data is sold to the highest bidder.
Do you have any proof that Google does exactly this?
I don't like Google at all (anymore) but I thought Google was somewhat ok in that they never sold my raw data points even if they would sell access to place an ad to "visitors who have been at this geographic location recently".
Yes. I had it more than once where I purchased an item from a store and, about 10 minutes later, I received a coupon for a discount at the very store I just made the purchase. It happened to my wife as well.
After the second time that happened, I disabled location in my phone settings and only enable it if I have a specific need for it. I have not received any "spontaneous" coupons since disabling locations.
The example is to illustrate that people are fine with giving away their data. Google Latitude no longer exists and I don’t think Google sells data like that, they analyse it themselves. But other services do.
1. Fine. But then one shouldn't single out one company that maybe doesn't do this. I was honestly interested in knowing if they were caught red handed but so far no references to that.
2. The function (at least the parts I used) now exists as part of Google Maps.
I’m not sure if Google would sell users’ location data to advertisers since Google is an advertiser. But they definitely record it for themselves, and the government has access to it as well.
Even pulling out the SIM wouldn't help. Without a SIM the phone can do emergency calls, so the phone is still connected to a network (afaik).
My paranoia is fulfilled with switching the phone off (before leaving home), but others would rely on removing the battery. Snowden recommended putting it in a fridge.
Tracking it and disclosing it only upon a valid court order is one thing. Selling it to anyone who asks (or even leaking it for free) is another thing.
There are ways to try to stay hidden, like having one stationary and VPN to it from the second one; using a burner second/third/fourth/...-hand phone for the second, etc.
> In order to connect to the VPN, you must connect to the cell towers, which reveals your location.
It reveals the location of an anonymous SIM with no readable traffic, connecting to an unknown (if you use Tor) and also stationary and anonymous device, which might be planted in any random school, library, workplace...
> And no matter how many burner phones you use, as soon as you visit your home address, your identity is compromised.
Of course - don't do that with the phone on :) that's the basics, isn't it?
Interesting twist on that - the EU has gun regulations, but Czechia made a law that every licensed gun owner in Czechia constitutes a part of the national defense. Sweden has a similar thing, where people in the reserve can have a fully automatic submachine gun. But it's limited to people with an explicit reserve status and the proper training, gun safe etc and further limitations, plus in practice it's not common anymore.
Trust me, if the EU was to interfere with gun ownership here, Czechia would be out the next day. There was a little sign of such thing and a huge protest was planned within days, forcing the politicians to consider protecting gun ownership/carrying in the constitution (not yet done, but still on the table)
Many of the apps that sell your location use location as a critical component of the experience. Apple and Google added a permission last year - only allow access to location when app is running (in the foreground). That change has made a dramatic reduction in the amount of location data available.
Ultimately, free is the culprit. People like to navigate, buy stuff online, see things on a map, get local weather, and so on - especially if it is free. The old adage about if it is free, you are the product probably applies.
Airbnb and the cell providers are good examples [1],[2].
The cell provider location data is the most insidious. They add noise to it, but the central limit theorem is a real thing and people who buy the data are aware of that.
I’m aware of what the central limit theorem is, but I’m confused as to what you mean here. Do you mind clarifying? It sounds like you’re saying the CLT leads to deanonymization. I don’t see how the two are related.
Take several measurements and average them. The variance scales like 1/n_samples, which can take you from city-block resolution to building resolution quite rapidly.
There are conditions for the central limit theorem to hold though. One can generate random noise which violates them. It's certainly hard to guarantee privacy, but it's not trivially easy to hack if they're halfway smart about it.
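The averaging argument in the two comments above, as an added simulation that is not part of the original thread. The 100 m noise level, the local metre grid and the "sticky" per-place offset are assumptions chosen for illustration; the second generator is one possible form of noise whose samples are not independent, so averaging does not remove it.

```python
import math
import random
import statistics

# Constructed values: a true position on a local metre grid and an assumed
# per-report noise level of about one city block.
TRUE_POS = (1000.0, 2000.0)
SIGMA = 100.0


def mean_error(reports):
    """Distance in metres between the average of the reports and the true position."""
    x = statistics.fmean(p[0] for p in reports)
    y = statistics.fmean(p[1] for p in reports)
    return math.hypot(x - TRUE_POS[0], y - TRUE_POS[1])


def independent_noise(n, rng):
    """Fresh, independent Gaussian noise on every report (averages out)."""
    return [
        (TRUE_POS[0] + rng.gauss(0, SIGMA), TRUE_POS[1] + rng.gauss(0, SIGMA))
        for _ in range(n)
    ]


def sticky_noise(n, rng, jitter=5.0):
    """One large offset drawn once for this device and place and reused for
    every report, plus small independent jitter. The reports are correlated,
    so the average converges on the offset point, not on the true position."""
    ox, oy = rng.gauss(0, SIGMA), rng.gauss(0, SIGMA)
    return [
        (TRUE_POS[0] + ox + rng.gauss(0, jitter),
         TRUE_POS[1] + oy + rng.gauss(0, jitter))
        for _ in range(n)
    ]


def typical_error(generator, n, trials=200, seed=1):
    """Median error of the averaged position over many simulated devices."""
    rng = random.Random(seed)
    return statistics.median(mean_error(generator(n, rng)) for _ in range(trials))


if __name__ == "__main__":
    for n in (1, 10, 100, 1000):
        print(
            f"n={n:5d}  independent: {typical_error(independent_noise, n):7.1f} m"
            f"   sticky: {typical_error(sticky_noise, n):7.1f} m"
        )
```

With independent noise the error of the average falls roughly as 1/sqrt(n), which is the variance scaling like 1/n; with the reused offset it stays near the single-report error no matter how many reports are averaged.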
Correct. This "if the product is free, then you're the product!" thinking needs to go away. The reality is numerous companies sell your data today, regardless if you're paying for the service or not.
It is possible for two things to be true at the same time. You are right, there are paid apps that sell location data to brokers... but the vast majority are free apps that rely on mass monetization of users for their income.
Being a user of free applications and services does not automatically give corporations the right to exploit people by collecting and selling their personal information without consent.
Ironically, the data of paying customers is even more valuable. Spending money on these things is probably a great way to make them pay even more attention to you. For example, mobile game companies seem to know everything about their big spenders and I've read that some are in direct contact with those players.
That's the point, they "gave consent" via the terms and conditions checkbox, and this is upheld in court since the user knew they were getting the service for free. Few countries have kept up with their laws to protect consumers from this.
> Few countries have kept up with their laws to protect consumers from this.
Seems to be a US thing. Apparently people can give up their rights and consumer protections by agreeing to a contract. Naturally, these "you agree to not exercise your rights" clauses have become standard in privacy policies and terms of service. In many other countries, a judge would simply invalidate the abusive clause.
Very few people are going to take this to court though. Regulators need to establish rules and proactively enforce compliance in order to bring about change.
I think the problem is developers/companies only have so much time/resources, and figure that x people might pay for an app/service, but 100x will use it if it's free (with other monetisation strategy), then why bother coding & interfacing with a payment system (and this starts to get convoluted and require an entire department handling payment and tax issues across different countries and jurisdictions) for just 1% of likely users?
Not saying that's the right approach, but that's probably how the thinking goes. Billing is certainly easier than it used to be (that's what the 30% app store cut is for), but can still get convoluted, and might have the perception of being convoluted.
Some do. I pay to remove ads from the wunderground app which IBM claims means they don't sell my data. Not sure if I believe them, but at least I don't see ads.
Sort of. The real question is: how much does Google make with their free ad-driven model? You'd have to beat that with a paid model (taking into account the reduced userbase as a result of increasing the perceived price).
Also there is genuine value to having $0-cost high-quality maps, Internet search, translation, and many many many other things available to the general public, worldwide. I don't think you could match that same level of public benefit with a paid-only product.
This is one of the reasons why I'm generally not OK with "anonymized" data collection without an explanation of how it's being anonymized. It's almost always easy, often trivially easy, to correlate the data together and basically get a perfect recreation of whatever the original data was back.
Anonymization in the data reselling industry is often some form of md5(lower($email)). It's a joke. They even do that for extremely small search spaces like phone numbers. It's still provided at the individual user-level and even if the anonymization is done in a way that's irreversible, you only need to know a single event for a given person and you now have their entire history.
For example, there's a popular email client that scrapes people's inboxes and sells their purchase history to anyone willing to pay. That purchase history is provided on an individual email level and is "anonymized". But if you know your target has this email client installed and you know a single purchase (e.g. a coworker saying "Oh, I bought this awesome coffee maker on Amazon last night!") you can now access their entire individual purchase history backward and forward.
Yeah, it's not just emails of course. You can do it with web traffic data. You can do it with credit card data. You can do it with geolocation data. You can do it with TV viewing data.
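The point made above about `md5(lower($email))` and small search spaces, written as the check a reviewer of a pseudonymization scheme could run (an added example, not part of the original thread). The phone-number range, the keys and all function names are constructed for illustration, and HMAC-SHA-256 with per-release keys is a swapped-in mitigation, not something the comments propose.

```python
import hashlib
import hmac


def normalize(identifier):
    return identifier.strip().lower().encode()


def weak_pseudonym(identifier):
    """The scheme described in the comment: an unkeyed hash of the identifier."""
    return hashlib.md5(normalize(identifier)).hexdigest()


def keyed_pseudonym(identifier, key):
    """Assumed mitigation: HMAC under a secret key that stays with the data holder."""
    return hmac.new(key, normalize(identifier), hashlib.sha256).hexdigest()


def constructed_number_space(prefix="+00555", digits=4):
    """Constructed, fictitious phone-number range: 10,000 candidates."""
    return [f"{prefix}{i:0{digits}d}" for i in range(10 ** digits)]


def survives_enumeration(token, candidates, pseudonymize):
    """Audit check: True if no candidate in the input space maps to the token,
    i.e. the recipient of the data cannot undo the pseudonym by trying inputs."""
    return not any(pseudonymize(c) == token for c in candidates)


def linkable(id_value, pseudonymize_a, pseudonymize_b):
    """True if the same person gets the same pseudonym in two data releases,
    which lets a recipient join their records across those releases."""
    return pseudonymize_a(id_value) == pseudonymize_b(id_value)


# Constructed keys, one per data release; a real deployment would generate
# them randomly and never ship them with the data.
KEY_RELEASE_A = b"constructed-key-release-A"
KEY_RELEASE_B = b"constructed-key-release-B"

if __name__ == "__main__":
    space = constructed_number_space()
    subject = "+005550123"  # constructed identifier

    weak = weak_pseudonym(subject)
    keyed = keyed_pseudonym(subject, KEY_RELEASE_A)

    print("unkeyed md5 survives enumeration:",
          survives_enumeration(weak, space, weak_pseudonym))
    # The recipient does not hold the key, so can only try the unkeyed hash.
    print("keyed HMAC survives enumeration: ",
          survives_enumeration(keyed, space, weak_pseudonym))
    print("linkable across releases, one key: ",
          linkable(subject,
                   lambda s: keyed_pseudonym(s, KEY_RELEASE_A),
                   lambda s: keyed_pseudonym(s, KEY_RELEASE_A)))
    print("linkable across releases, two keys:",
          linkable(subject,
                   lambda s: keyed_pseudonym(s, KEY_RELEASE_A),
                   lambda s: keyed_pseudonym(s, KEY_RELEASE_B)))
```

Keying removes the enumeration weakness, and rotating the key per release stops joins across releases, but records inside one release still share a pseudonym, so the "one known event exposes the whole history" problem raised in the comment remains within that release.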
Do you have a source for claims that (a) google parses emails for purchase histories and (b) sells it?
https://myaccount.google.com/purchases is empty for me, and I sure do have a lot of email receipts on my gmail.
It also says "Purchases made using Search, Maps, and the Assistant are organized to help you get things done, like tracking a package or reordering food".
Wow, this article is really interesting, but one thing I noticed is that the translation is generated and perfect! In fact if the header weren't there I'd have thought it was written by a native English speaker.
Most likely the users installed one of those free apps that ask for location access.
Those apps collected the location, even when not running, and uploaded it for sale.
It is a pity they did not do better forensics on the installed apps. One or more were revealing the location.
I don’t know if AccuWeather is available in Norway, but in the US at least, it (in conjunction with location data company Reveal Mobile) has been one of the leading location-data trojan horses: https://www.zdnet.com/article/accuweather-caught-sending-geo...
It would be really interesting if each app was fed a slightly modified location as steganography. Then the sold data could be cross-referenced to determine which companies are selling the data.
Sounds like a waste of time to me. If you feed 5 different location streams, you'll just find those same 5 streams for sale. What a f---ing nightmare we're living in
I gather that NRK is the BBC equivalent for Norway, so it's not surprising that Tamoco sold so much data to it. But I wonder how selective Tamoco and its competitors are.
In particular, I can imagine that there's a substantial market for data that facilitates tracking people. Bounty hunters. Repo agents. Private investigators.
But also people who want to stalk others for whatever reasons. If someone could document that application, perhaps there'd be "pitchforks and torches".
I don't know what it would take, if anything. I was talking to some twenty-something folks in Berkeley about a decade ago and asked them what they thought of Snowden. They didn't know who he was. When I explained, they dismissed the whole thing. It turned out that they assumed the government was spying on everybody anyway. I don't know what to make of that, I'm just passing along the anecdote.
Anyway, from what I've heard these marketing companies are not very selective at all. More precisely, they are selective but don't dig too deeply. But this is just my impression, not fact.
Yes, but that does not stop the cell providers from selling your location [1].
You could also run an Android VM in the cloud and RDP to it when you want to use sketchy (edit: free) apps. This approach could have saved Bezos some trouble [2].
> You could also run an Android VM in the cloud and RDP to it when you want to use sketchy (edit: free) apps. This approach could have saved Bezos some trouble
The article also points to WhatsApp as the infection vector.
I agree that anything Facebook produces is fair game as far as being sketchy goes, but it’s not the only messaging platform to have been exploited.
Do we run all messaging services in independent sandboxes in VMs?
[2] says Bezos' iPhone was hacked via WhatsApp with the NSO Group-developed exploit. It is not possible to run iOS VM in the cloud, and even for Android it does not sound practical at all.
I had the option to spoof location data under "Developer options" in Settings with the original OnePlus ROM, but it's even easier to accomplish now that I'm running LineageOS.
I don't see how spoofing is better than blocking. If enough people block it, the market will shrink even faster. It's also much easier for people to block than "spoof". Spoofing seems practically pointless and academic compared to blocking.
These types of security vulnerabilities are due to the core OS/APIs being developed by a surveillance company that isn't concerned with user privacy, and they're countless.
There isn't enough will in the Free world to mitigate even the most glaring ones either, such as LineageOS not incorporating the MicroG patches. The end result being more forks, more confusion, and groups of users remaining unprotected.
When I saw Foursquare transition from a B2C to a B2B focused company that is when I finally deleted the Swarm and Foursquare apps. I still don't fully understand their decision to split Foursquare into 2 apps, but what I did/do understand is that there is a lot of money to be made in location data. You just hope that the people in these businesses are ethical people.
Isn’t data this granular illegal, at least in the US? Obviously trying to make the data anonymous does nothing if you can still see the same user over time - I’ve only ever seen this data with users put into groups, and data points fuzzed.
Generally speaking, there are no laws against merely possessing data, unless the data itself was the result of a crime.
Maybe you mean selling the data? That's nuanced. It seems to be illegal for phone-companies to sell your real-time cellphone location... but historical data? App developers instead of phone companies? The devil is probably in the details in terms of what constitutes a crime and what is just shady business. See [1] where AT&T sells your location data but insists it's not technically illegal (but claims they stopped selling it anyway).
Many companies try to anonymise this data anyway because it's good business to not piss off your customers.
The article is about Norway, and there are laws against merely possessing data, namely the GDPR. To be specific, "merely possessing" private data (the granular movement data would qualify) by companies for business purposes is illegal by default - there are many options that give a legal basis for processing, and many of them do not require the user's consent, but it's upon the company to demonstrate what gives them the permission to do that, and having no justification (if the company "just has it") means that the processing is illegal. And even if the company has a legitimate reason for processing as such, doing so "without your knowledge" is generally illegal, as even where consent is not required, they are required to inform the data subject about the purposes of processing their private data.
It's not about selling data - purchasing the data or having it or using it also are covered.
Can I legally purchase the anonymized location data of a few thousand Americans, run that through a script which associates coordinates with addresses, and publish the deanonymized results as an art piece like this?
If so, this could be a lot of fun. It would be interesting to see the political backlash, especially if the published dataset includes politicians. Perhaps, in the name of ethics, it should include only politicians, and only those who have voted against privacy legislation. Maybe we'd finally end up with something like the GDPR here in the States.
You'd presumably get in trouble because legality is only part of the equation, the other part is how big/powerful you are and whether you have connections in the right places.
Big companies can get away with crimes while the same thing would result in successful prosecution if a little guy does it, so you might very well get in trouble even though you're doing exactly the same thing as an existing company that manages to stay out of trouble.
I however support your idea regardless of its legality (and especially if the data happens to contain details on politicians, the majority of which are responsible for the situation being as-is) and suggest you publish it anonymously (through Tor).
They have no power to change it and no credible alternatives.
Apple and Google create systems that make it possible to harvest data with no user control possible. Neither provides the ability to see or stop data leaving your mobile device.
They do this so they can attract developers to their platform.
They do provide "controls" to prevent some sort of data access to prevent mindful users from leaving the platform.
It's just that the controls have the same sort of ambiguity as a privacy policy. Many people still don't understand that "location services" really means two-way, or that Bluetooth can be a proxy for very fine-grained location tracking.
I hope that we finally get alternative phones (say pinephone or purism) because I firmly believe there's a HUGE market opportunity for this sort of thing.
Almost everyone I've spoken to about these (including software engineers) knows they are being tracked and they don't care. Actually, you know what, not almost everyone, everyone I've spoken to about this.
I've got the reply "if you don't like it, stay off the internet". Well.
I agree. I find it utterly disrespectful for all the engineers who are working their asses off to save the free internet when someone tells me to stay off the internet if I don't want to use a Google service. It's that bad.
You have to be a special case of naive for the collection and sale of data to be a surprise. Talk about living under a rock. As for mobile apps, specifically, you think these shitty apps make money off ads? No, the business model is data. GPS data alone is a multi-billion dollar industry that is growing very fast.
What I don’t get about this kind of thing is that it’s not just shady data resellers you’ve never heard of. It’s also overt, high profile, branded tech companies like Foursquare and Yelp, with huge amassed data sets of foot traffic, wifi scans, battery status, often paired with demographic info or data that can be joined by ad IDs or commercial device graphs.
If these companies are able to keep on truckin’ with massive user bases who don’t seem to care that the entire business model rests on flagrant violation of data privacy and data reselling, why would you ever expect anyone to care about the long tail of scammy lesser known data resellers?
Companies like Yelp or Foursquare are essentially as scammy as it can possibly be, with the scamminess shoved right in users’ faces, with lots of middle fingers and half-hearted sound bites about respecting data privacy. If users don’t react in horror and delete accounts / stop contributing en masse in response to that, why would you ever think an expose about something a further ten degrees removed from the user’s immediate experiences is going to cause any reaction?
When someone uses an app such as Yelp it's like valet parking. They know they're handing over something vital, but it's with the expectation that the company will provide something of value in exchange, and trusting that they won't use it for more than that. Yes, you're allowing a company to track your movement (for the purpose of grading restaurants). And yes, you're allowing someone else to drive your car (for the purpose of finding a parking space). If you find out a third-party is tracking your location though, that would be as if someone other than the valet were driving your car. And when they use it for their own gain in a way that doesn't return anything of value to you, that would be considered joyriding.
“I hand over my data in exchange for the app handing over a valuable experience or service” is the hugest lie in the business. This is exactly what the disingenuous marketing doublespeak of Yelp and Foursquare says.
In reality, most users really do not understand or consent to the level of data tracking and are very confused about terms of use or privacy settings in the app or just on their device.
The big problem is that it is just not possible for the vast majority of people to have enough expertise or technical know-how to give anything resembling informed consent. Whatever the user is agreeing to, it emphatically is not anything like consent.
The fact that Apple Maps integrates Yelp is a big red flag for me, and I think a big hole in their privacy story. It's why I am more comfortable using Google Maps than Apple Maps.
How are Foursquare and Yelp collecting wifi scans?
-> ok so yelp bought "Turnstyle WiFi" which runs wifi hotspots at businesses like Burger King and collects client data ...keeps reading... oh god their wifi is worse than their burgers this is sickening
https://www.vice.com/en_us/article/nepxbz/i-gave-a-bounty-hu...
AT&T https://about.att.com/csr/home/privacy/full_privacy_policy.h...
Verizon https://www.verizon.com/about/privacy/full-privacy-policy
T-Mobile/Sprint https://www.t-mobile.com/privacy-center/our-practices/privac...