[HN Gopher] There's a Multibillion-Dollar Market for Your Phone'...
___________________________________________________________________
There's a Multibillion-Dollar Market for Your Phone's Location Data
Author : marban
Score : 106 points
Date : 2021-10-02 17:53 UTC (5 hours ago)
(HTM) web link (themarkup.org)
(TXT) w3m dump (themarkup.org)
| [deleted]
| swiley wrote:
| Do not cary smartphones.
| sneak wrote:
| Dumbphones have the exact same problem, due to carrier-based
| location tracking tied to phone number.
| tpmx wrote:
| Duh, both EU+US needs groundbreaking legislation in this area.
|
| I guess US is not as motivated as the EU, so, they'll follow, as
| usual.
| Animats wrote:
| Can you buy location data for all registered lobbyists?
| White_Wolf wrote:
| I'll chip in if it contains the unregistered ones in there.
|
| I'd trade my flat for all transactions involving everyone in
| the medical field (in UK) for the past 4 years(including
| relatives and friends). If only location data is available...
| I'll do with that.
| matheusmoreira wrote:
| I'd also like full location data for all the politicians who
| allow this to happen. US three letter agency employees. All
| powerful people in general.
| bojangleslover wrote:
| I would actually chip in fairly seriously for this!
| tonetheman wrote:
| If someone would pay me I will just share my location data...
| wonder how many people are like myself.
| JumpCrisscross wrote:
| Do any of the U.S. carriers not do this?
| findthewords wrote:
| No surprise that Android begs the user to enable location data
| with popups that can't be turned off.
| NoImmatureAdHom wrote:
| There are many versions of Android, and some that don't do
| this.
|
| Check out: CalyxOS GrapheneOS LineageOS AOSP
| andrewljohnson wrote:
| It's more like a trillion dollar market. The actual players are
| Google, Facebook, and Apple... these startups are just location
| data gnats.
|
| Location data is probably the single best demographic info to
| have to make money, and at least 3 companies in the world have
| basically everyone's phone bugged. Ads, maps, social... all
| totally dependent on location data from users.
| harlanji wrote:
| When I lived in my car in SF a waymo would pass me right when I
| left and at many key intersections and at my destinations. I
| know it was not random but I don't go down the rabbit hole of
| trying to figure out how they did it. If I get proof then I'd
| be vindicated. I tweeted about it as a human rights violation
| often, having no way to retreat. I long ago took it as a given
| that we have no privacy. I can only imagine where the data
| comes from and goes and how it is augmented.
|
| Why would they care about me? Anti-terrorism, anti-competition,
| who knows. I tried not to think that much about it. I simply
| noticed the extreme regularity and improbability if it and
| thought in those terms and went about my limited life.
|
| The vans are very menacing with their spinning sensors and
| black helmet, I'd hate to have been an actual criminal. Built
| charachter ignoring them.
| quickthrowman wrote:
| I understand you went through a very difficult experience
| being homeless, but I can assure you that Google isn't
| interested in you in particular. Google casts a wide net when
| it collects data, having Waymo vehicles and vans following
| you (or any other single person) would be rather expensive.
| They collect data on all of us, just not quite as actively as
| physical surveillance.
|
| I've been in a survival frame of mind before and it can feel
| like the whole world is against you. It's hard to trust
| anyone. Living in a car in SF (or any city) would give me
| massive anxiety, there's no "safe place" where you can fully
| let your guard down.
|
| I know you don't want to hear this, and have probably heard
| it before, but your paranoia may be a sign of untreated
| mental illness. Stress can trigger mental health issues, and
| treatment may help. I also understand that the medications
| have some pretty bad side effect profiles, and being labeled
| mentally ill means you get treated completely different than
| everyone else (in healthcare in particular) I also understand
| that your experience of feeling surveilled felt very real to
| you, the hard part of treating the disorders is that it's
| hard to accept what you experience isn't real, since it's
| very real to you.
|
| I encourage you to consider seeking help, but understand why
| you'd be hesitant. Take care.
| Frost1x wrote:
| How could it not be random, dare I ask?
|
| I don't agree with the current directions of technology in
| terms of surveillance and data collection for private and
| powerful interests, but I find it far more likely that living
| in SF you'd be exposed to more mobile Waymo platforms that
| just happen to be collecting data regularly as part of
| engineering work, data collection, testing, and so on.
|
| No offense but why would Waymo care about you in particular
| unless you were some significantly important/critical former
| disgruntled employee or risk/potential asset to their
| business?
| salawat wrote:
| ...No man, they weren't tracking you...
|
| They were just testing their equipment to track everyone
| better!
|
| Absolutely surreal the mental gymnastics some are capable
| of convincing themselves to be comfortable with. Sometimes
| the problem is that the technology is being applied at all.
| The fact every techbro hides behind "Pfft, it ain't you
| we're interested in," doesn't quash the unspoken "it's
| everyone _and_ you ".
| shmatt wrote:
| ...or you were both using GMaps/Waze to navigate to your
| destination
| ajb wrote:
| It's good that you are managing to ignore these. However,
| while is common knowledge that Google collects data on
| everyone, informed opinion seems to be that they do so on a
| wholesale basis rather than having their vans follow
| individuals, which would likely be prohibitively expensive.
| You may want to think about the possibility that you are
| having some symptoms of one of the mental health problems
| which cause paranoia. If so, it may be a good idea to get it
| checked out, as they can be really hard to deal with once set
| in.
| Mountain_Skies wrote:
| It's baffling that this information is worth so much. I'm curious
| as to what marketing is being custom sent to me based on the
| location data they get from me. I actually leave me phone at home
| most of the time if I'm going to the store or a nearby restaurant
| but I always take it with me when I go hiking. Even though I turn
| it off at the trailhead to save the battery in case I need it
| later, I'm sure I'm identified in some database somewhere as a
| person who goes hiking, but then what? I'm already an REI member.
| Maybe environmental groups could send me political and fund
| raising pleas (they don't but I guess they could).
| HanaShiratori wrote:
| No need to pay me that much, I'd be willing to sell for a couple
| million. Just pm me
| amelius wrote:
| Multibillion divided by billions of users = a couple of
| dollars.
|
| Yes, a couple of dollars per user is what is at the root of
| this privacy nightmare.
|
| And guess who is ultimately paying this price anyway.
| novok wrote:
| Carriers chase the god of ARPU like their lives depend on it,
| and this ARPU gain is pure profit.
| sys_64738 wrote:
| How does data get off my smartphone? * Apps
| * Carrier geolocation * Bluetooth tracking
|
| Are there any others?
|
| If I disable location tracking then am I safe? I don't install
| crappy vendor apps on my smartphone to begin with.
| sneak wrote:
| You'll need a new SIM and handset every couple months, too.
| novok wrote:
| Carrier geolocation is there whether you like it or not and at
| this point I think legislation is the only solution to making
| location logs illegal to keep for governments and companies.
| It's not really being created by your smartphone but more like
| observed by the carriers cell phone towers so they can do
| handoffs and a side effect of how the network layer works.
|
| Also stuff like iBeacon is pretty much impossible to avoid, it
| still works even when bluetooth is completely turned off. I got
| an iBeacon based alert when I walked into an apple store with
| bluetooth turned off for example, and there is no setting to
| turn off iBeacon tracking.
|
| Google is worse in other ways, it's incredibly infuriating.
| jmkb wrote:
| Certainly the phone manufacturer (and OS provider if different)
| can have a go at anything they want.
|
| I'm not sure what all counts as "getting data off" the phone,
| but some other methods of smartphone tracking:
| - wifi (sometimes even if wifi is "off") - EXIF on photos
| you take and share - QR code usage - public USB
| charging ports
|
| Then there's cross-tracking by other means. It's likely someone
| has enough data to associate your phone with your credit or
| debit accounts, or a public transit card, or vehicle plate
| numbers & toll tags, or with your face and voice.
| barathr wrote:
| This is a layered problem; Apple and Google (for better and
| worse) are best positioned to deal with the app ecosystem.
|
| But there's the mobile provider piece of this -- the tower knows
| where you are because currently it has to, and the network
| providers are part of this location data market, selling location
| data for everyone, whether they use leaky apps or not. This is
| worse with 5G due to smaller cells and thus finer-grained
| location data.
|
| With a colleague I've founded a startup, Invisv, to provide
| location privacy -- and more. FWIW, Wired wrote up our work on
| this several weeks back: https://www.wired.com/story/pretty-good-
| phone-privacy-imsi-w...
| gvd wrote:
| LTE will give you a datapoint roughly every 2 minutes. Accuracy
| will depend on the density of the LTE towers (150m - 2km). So
| besides Google, FB, etc. Telecom operators also play a role in
| this space. Remember that GPS might not always be turned on
| while your phone pinging cell phone towers happens all the
| time. With future 5G implementations this accuracy will be even
| further increased because the antenna range is short and the
| density will be much larger.
| eurasiantiger wrote:
| Open source radios are the first step to privacy. We need to be
| able to choose the towers we connect to.
| gruez wrote:
| >We need to be able to choose the towers we connect to.
|
| How does that help? If you do that the best you can do is
| obfuscate your location by a mile.
| DSingularity wrote:
| That's pretty good
| secondcoming wrote:
| When Google does share location information with
| advertisers it is obfuscated to approx this range.
| robbedpeter wrote:
| A trustless model in which the tower can provide a
| connection, know the relevant endpoint location on the
| tower hardware only, and prevent any access to that data
| except to law enforcement with a valid warrant. Providers
| don't need location data. Put in place lethal penalties for
| violating data privacy - if a company is caught harvesting
| data outside legal limits, they get fined into oblivion,
| and the money is split between victims and enforcement.
|
| Being a service provider shouldn't mean an unlimited
| license to spy on your customers. Being a big corporation
| shouldn't mean you get to ignore the rules applied to
| individuals.
|
| We need better laws, and we need to exclude megacorps and
| megamoney from the legislative process.
| altano wrote:
| This is super cool. It's awesome to see someone trying to
| tackle this problem. I assume no carrier/mvno will adapt this
| but I'd be extremely happy to be wrong. I would instantly
| switch to a provider that made use of this tech.
| ignoramous wrote:
| > _fwiw, Wired wrote up our work on this several weeks back..._
|
| Link to research paper:
| https://www.usenix.org/system/files/sec21-schmitt.pdf
| Rd6n6 wrote:
| > How can I stop companies from getting my location data?
|
| The steps they list only cover gps data. In my final year at uni,
| during the capstone fair, I recall one group built a tracking
| system that relied on Bluetooth or wifi or something (maybe
| cellular signals?) to identify and track people indoors. I think
| they pitched it to be used in malls or airports, but really could
| work anywhere. It was surprisingly robust.
|
| There are other projects that track you by license plate on
| highways, or by facial recognition. All this is location data
| too. I don't think a highly motivated person could avoid location
| tracking any more without living in the woods
| nerdponx wrote:
| I once read that Apple and Google actively keep track of Wifi
| access points so they can map out interior spaces, and also
| geolocate you even if you have GPS location services disabled.
| I don't know if that's true, but I wouldn't put it past them.
| milofeynman wrote:
| https://support.google.com/maps/answer/1725632?hl=en
| cucumb3rrelish wrote:
| https://calyxos.org uses Mozilla's location services
| amelius wrote:
| Your shoes could have embedded RFID tags (perhaps originally
| intended as a payment/anti-theft method by the store you bought
| them from) that can be used to fingerprint/track you
| everywhere.
| throw3849 wrote:
| WiFi on phone sends periodic pings to discover new access
| points. MAC is unique...
| fsflover wrote:
| Librem 5 smartphone has hardware kill switches for
| WiFi/Bluetooth and cellular modem.
| rufus_foreman wrote:
| >> How can I stop companies from getting my location data?
|
| Can't you just turn that off? Am I missing something?
| estaseuropano wrote:
| You don't need to send location data to reveal it. E.g. WiFi
| signal strength of different devices and cell tower strength
| or switching are easy points to help locate someone. Google
| was already prohibited from collecting WiFi data in the EU
| (with streetview cars specifically, but what would stop them
| from using any android device...), you can bet they still do
| it in the rest of the world.
| rufus_foreman wrote:
| I'm not on wifi, mostly I'm on a desktop computer with a
| VPN. I'm not an expert, how much of my location data gets
| sent when I do that.
| zz865 wrote:
| Its good because that is what is paying for all these apps.
| swiley wrote:
| GNU didn't need to do this and the App Library for GNU/Linux is
| often more complete.
| brootstrap wrote:
| did our ancestors have GPS enabled phones when they started
| making trans-atlantic trips? What about my grandma in 1970
| packing up 6 kids in a station wagon and driving somewhere on
| vacation? You can get by without google maps and google even.
| novok wrote:
| It doesn't matter about what your ancestors got by with,
| but how close you are to baseline effectiveness as a human
| being in order to keep up with the society you live in.
|
| If you are a weirdo who is not available to communicate
| with like everyone else, people stop being your friend, you
| economic opportunities reduce and so on. If your more late
| because you got lost more often, because you don't use gps,
| people don't want to associate with you as much and so on.
| isoprophlex wrote:
| No. It is cancerous, because it erodes our privacy and degrades
| our user experience.
|
| And for developers, you are forced to enter the spy-on-your-
| users rat race because everyone expects free shit.
| randmeerkat wrote:
| > And for developers, you are forced to enter the spy-on-
| your-users rat race because everyone expects free shit.
|
| I would happily pay for a quality product that respected my
| privacy.
| isoprophlex wrote:
| Yeah, me too; i have paid email, paid adblocking dns. I de-
| googled my life and ditched FB, insta, twitter. (Ok, that I
| also did for my own mental well-being)
|
| But I'm, what, a 0.1% minority of global internet users?
|
| Meanwhile I try to find suitable games for my kids to play
| or video's to watch, and 9 out of 10 things I find have
| monetize through some quality-reducing, interruptive,
| annoying ad-driven modus operandi.
|
| It's not just services or software: consuming content is
| equally degraded by the expectation of limitless quantities
| of free shit.
| [deleted]
___________________________________________________________________
(page generated 2021-10-02 23:00 UTC)