Right on the heels of the still-unresolved Cambridge Analytica scandal, a new set of data breaches have revealed yet another data privacy and security crisis. Read these words carefully: almost anyone can track your smartphone’s position in real-time and there’s nothing you can do about it while using your phone.
The business of selling your data is called Location-As-A-Service (LAAS), and business is good. According to a report by Allied Market Research, the entire industry is expected to grow by 26.6% from 2016 to 2022. But what is it?
Generally speaking, LAAS is simply the collection and sale of location data. There are different ways to monitor a phone’s location, but the primary technologies involved are GPS locations and mobile service triangulation.
The real privacy threat we need to talk about is mobile service triangulation. This technology is nothing new – cell phone triangulation has been around since at least 1996, and the earliest known use of triangulation to discover a location dates back to ancient Greece. Here’s the issue – as long as your phone is on and has service, you can’t opt out, block, disable, or otherwise prevent your mobile service provider from tracking you. Mobile service users are using this to their advantage by selling your location to businesses, governments, and law enforcement.
Depending on who’s buying it, how it’s being packaged, and how it’s used, this may or may not be a huge problem. In India, for example, LAAS is growing in popularity because the older phones that many people in India use don’t have GPS. This makes it difficult for first responders to find patients as quickly as possible. LAAS solves this problem by providing first responders with the locations of patients. Now, if only every use of LAAS made me feel so warm and fuzzy…
Unfortunately, first responders aren’t the only ones buying LAAS data. Since they apparently think you pay way too little on your phone bill, service providers also sell user location data to big data firms.
Now we’re in really shady territory. Did you allow your service provider to sell your location data to third parties? If so, did you know that you gave them permission? Did they ask you? Who are they selling your location to? Why do they want it? What are they going to do with it? Are there any laws or regulations in place to control how your location information is used? Are your service provider and the companies they sell your location to determined to keep your data secure?
Fortunately, we have a recent example that provides some insight into many of these questions: LocationSmart. We’ve broken down the LocationSmart scandal in greater detail in this post, but here are the important takeaways you need to know:
The cherry on top is how Securus responded to questions by the New York Times regarding how personal cellphone location data is used. A representative said that “Securus is neither a judge nor a district attorney, and the responsibility of ensuring the legal adequacy of supporting documentation lies with our law enforcement customers and their counsel.” In other words, the company denies any responsibility for ensuring that your data is used legally or responsibly!
So, let’s recap:
Technologically, not much. You can turn on airplane mode, turn your phone off, leave it at home or throw it away, but there’s no way to both have cellphone service and be safe from location tracking.
The change has to come from the top in the form of legislation, meaning that there’s a difficult political battle ahead. Service providers must be forbidden from selling phone location data to third parties. Service providers and any other companies with your data must be punished for storing your data insecurely and allowing breaches to occur.
In the wake of the Securus scandal, one US Senator – Ron Wyden – has submitted an official inquiry to the FCC demanding that Securus’ operations be investigated. However, this isn’t enough. The US government needs to hear from you, and it needs to hear from thousands of other people who feel the same way you do.
Start talking about this topic with your family and friends. Share this post. Contact your government representatives and the organizations that fight for your right to privacy in Washington DC. Demand your right to privacy and security.