Your Apps Know Where You Were Last Night, and They’re Not Keeping It Secret

[RV_]

I'll just excerpt the first third. This is a must read.

" Dozens of companies use smartphone locations to help advertisers and even hedge funds. They say it’s anonymous, but the data shows how personal it is.

The millions of dots on the map trace highways, side streets and bike trails — each one following the path of an anonymous cellphone user.

One path tracks someone from a home outside Newark to a nearby Planned Parenthood, remaining there for more than an hour. Another represents a person who travels with the mayor of New York during the day and returns to Long Island at night.

Yet another leaves a house in upstate New York at 7 a.m. and travels to a middle school 14 miles away, staying until late afternoon each school day. Only one person makes that trip: Lisa Magrin, a 46-year-old math teacher. Her smartphone goes with her.

An app on the device gathered her location information, which was then sold without her knowledge. It recorded her whereabouts as often as every two seconds, according to a database of more than a million phones in the New York area that was reviewed by The New York Times. While Ms. Magrin’s identity was not disclosed in those records, The Times was able to easily connect her to that dot.

The app tracked her as she went to a Weight Watchers meeting and to her dermatologist’s office for a minor procedure. It followed her hiking with her dog and staying at her ex-boyfriend’s home, information she found disturbing.

“It’s the thought of people finding out those intimate details that you don’t want people to know,” said Ms. Magrin, who allowed The Times to review her location data.

Like many consumers, Ms. Magrin knew that apps could track people’s movements. But as smartphones have become ubiquitous and technology more accurate, an industry of snooping on people’s daily habits has spread and grown more intrusive.

At least 75 companies receive anonymous, precise location data from apps whose users enable location services to get local news and weather or other information, The Times found. Several of those businesses claim to track up to 200 million mobile devices in the United States — about half those in use last year. The database reviewed by The Times — a sample of information gathered in 2017 and held by one company — reveals people’s travels in startling detail, accurate to within a few yards and in some cases updated more than 14,000 times a day.

[Learn how to stop apps from tracking your location.]

These companies sell, use or analyze the data to cater to advertisers, retail outlets and even hedge funds seeking insights into consumer behavior. It’s a hot market, with sales of location-targeted advertising reaching an estimated $21 billion this year. IBM has gotten into the industry, with its purchase of the Weather Channel’s apps. The social network Foursquare remade itself as a location marketing company. Prominent investors in location start-ups include Goldman Sachs and Peter Thiel, the PayPal co-founder.

 

Businesses say their interest is in the patterns, not the identities, that the data reveals about consumers. They note that the information apps collect is tied not to someone’s name or phone number but to a unique ID. But those with access to the raw data — including employees or clients — could still identify a person without consent. They could follow someone they knew, by pinpointing a phone that regularly spent time at that person’s home address. Or, working in reverse, they could attach a name to an anonymous dot, by seeing where the device spent nights and using public records to figure out who lived there.

Many location companies say that when phone users enable location services, their data is fair game. But, The Times found, the explanations people see when prompted to give permission are often incomplete or misleading. An app may tell users that granting access to their location will help them get traffic information, but not mention that the data will be shared and sold. That disclosure is often buried in a vague privacy policy.

“Location information can reveal some of the most intimate details of a person’s life — whether you’ve visited a psychiatrist, whether you went to an A.A. meeting, who you might date,” said Senator Ron Wyden, Democrat of Oregon, who has proposed bills to limit the collection and sale of such data, which are largely unregulated in the United States.

“It’s not right to have consumers kept in the dark about how their data is sold and shared and then leave them unable to do anything about it,” he added.

Mobile Surveillance Devices

After Elise Lee, a nurse in Manhattan, saw that her device had been tracked to the main operating room at the hospital where she works, she expressed concern about her privacy and that of her patients.

“It’s very scary,” said Ms. Lee, who allowed The Times to examine her location history in the data set it reviewed. “It feels like someone is following me, personally.”

The mobile location industry began as a way to customize apps and target ads for nearby businesses, but it has morphed into a data collection and analysis machine.

Retailers look to tracking companies to tell them about their own customers and their competitors’. For a web seminar last year, Elina Greenstein, an executive at the location company GroundTruth, mapped out the path of a hypothetical consumer from home to work to show potential clients how tracking could reveal a person’s preferences. For example, someone may search online for healthy recipes, but GroundTruth can see that the person often eats at fast-food restaurants.

“We look to understand who a person is, based on where they’ve been and where they’re going, in order to influence what they’re going to do next,” Ms. Greenstein said.

Financial firms can use the information to make investment decisions before a company reports earnings — seeing, for example, if more people are working on a factory floor, or going to a retailer’s stores."

Much more with tracking shown in animations not videos here: https://www.nytimes.com/interactive/2018/12/10/business/location-data-privacy-apps.html?em_pos=large&emc=edit_ct_20181213&nl=technology&nlid=36852580edit_ct_20181213&ref=headline&te=1

How do you stop being tracked? This next article shows you how in both iOS and Android with screen shot step by step instructions here:

https://www.nytimes.com/2018/12/10/technology/prevent-location-data-sharing.html?em_pos=small&emc=edit_ct_20181213&nl=technology&nl_art=0&nlid=36852580emc%3Dedit_ct_20181213&ref=headline&te=1

[justRich]

I don't care if I'm tracked.  I'm not that important.  I want my bank to track me - it helps avoid fraudulent CC purchases.
But tracking me is a waste of resources.

What I don't like is my shopping history being tracked - then ads that pander to my browser search begin showing up on websites.  I don't like that.
I look at a lot of stuff. . .but it doesn't mean that I want to buy it.

 

[docj]

Phone tracking is the technology that makes it possible for Google Maps to have incredibly accurate traffic information.  I've used "My Timeline" on Google more than once to answer the question "when were we in that town?"  My wife and I use Google Location Sharing so that we can see each other's locations.  It's often useful to know how far from home the other is and, in an emergency, it could provide important position data.

You can either be frightened about all of this data tracking capability or adopt the philosophy that most of us are pretty insignificant individuals among hundreds of millions of others and the likelihood of anyone caring about our whereabouts is pretty small.   Sure, you can always create a conspiracy theory approach and invent narratives in which, for example, rogue Google employees use location data to plan burglaries of unoccupied homes when owners are at their Work locations, but IMHO the chance of that happening to me is less than that of being trampled by elephants in south TX.

[RV_]

I saw the article as a straightforward report and am not prone to conspiracy theories. I am old enough to remember what would have happened had we found out ma bell in the day was selling the info on who we called and what we talked about to buyers for whatever reason. If I were getting free broadband then maybe. But I pay for a private connection unless asked and I OK it.

That's all.

[Kirk W]

3 hours ago, RV_ said:

I am old enough to remember what would have happened had we found out ma bell in the day was selling the info on who we called and what we talked about to buyers for whatever reason.

In your day the phone company knew exactly where your phone was because they installed it and marked the location on their maps. Back in your day ma bell even knew what room your phone was in! You could resolve the entire issue by simply doing nowadays like you did back in your day and leave the phone that you have sitting on the shelf at home just as you did back then!

[justRich]

The positive and the negative:

After "they" get you hooked on the service, then they can start charging you for it.

 

[whj469]

It would seem to me that when you give permission for them to get your location so that you can find restaurants near you that could be how they track you? I do tend to think like above why would I care if I was tracked? Who would want to?

[docj]

26 minutes ago, whj469 said:

It would seem to me that when you give permission for them to get your location so that you can find restaurants near you that could be how they track you?

Tracking occurs when you have your "Location Services" set to "on" and your "location history" also on.  I think the recent stink was that Google was collecting data on people even when their location history was set to "off".  But if you have your GPS location service set to "off"  then no tracking will occur except the coarse tracking that can occur by knowing what cell tower you are logged into.  But that means you can't use turn by turn navigation or search Yelp for nearby restaurants, etc.

[RV_]

I just use Nord VPN on all my devices as of yesterday. Really easy and only $2.99 a month if you buy 2 years up front. Just over $100.00. No problems yet and very weird is that it actually sped up my connection speeds. It is allowed to be loaded on all my devices including three windows tablets, two Android phones, 4 Windows desktops, 6 Amazon Fire tablets and four 4k Fire TVs. Then I am allowed no more than six devices at a time simultaneously using my VPN. It resides on the devices, and a 30 day money back guarantee. Love the simple setup! Fast chat help too: Great tech support.

So my privacy problems are solved, I rarely use navigation on my phones but it's easy to turn the VON off for a ti e and then turn it back on. I would rather that for desired location services rather than trust the Googles of the world to do the right thing. Besides, now I can watch Dr. Who by using a server in the UK and get around the geoblocking anywhere. Netflix is very NordVPN friendly. Hulu not so much. I've been using it all of one day on three systems although it's loaded on them all.

[Just Don]

Thanks for starting this topic

I have been thinking about this since being hacked 2 weeks ago,

but it was my first time at being hacked into my Amazon, e-mail accounts,

netflix and a few other ones. Recapturing my Amazon took 2 +weeks.

I change my passwords a lot. I've read that people

set up in CG and be a middle man capturing your info.

Im debating on doing this also.

 

[docj]

43 minutes ago, Just Don said:

I've read that people

set up in CG and be a middle man capturing your info.

Im debating on doing this also.

"Man in the middle" attacks primarily happen when someone sets up a fake WiFi at a campground, airport terminal, library, etc.  If you log into the fake WiFi all your info can be at risk.  The easiest way to avoid this is to be sure you are logging into the "real" WiFi.

As long as you avoid this sort of situation your communications with Amazon, your email server, etc., are protected by the SSL encryption (HTTPS) used by such sites.  I seriously doubt that the average campground hacker is sophisticated enough to deal with cracking SSL.  

I suspect that the hack that affected you was more mundane in nature.  Did you, by chance, use the same passwords on all the accounts that were hacked? These days I have so many varied passwords that I'd never remember them all if I didn't use a password manager.  What's even better IMO is that more and more phone apps are going to fingerprint recognition rather than passwords.  I can now log into my Wells Fargo app with my Android phone using a fingerprint which IMHO is safer than using a password.

[Just Don]

I might have I didn't think about that, but I don't any more. I don't us many wifi's if I can keep from it.

Okay that was info I was looking for..

Thanks