Location data is ground zero in privacy wars
Illustration: Lazaro Gamio/Axios
Our phones' GPS and location capabilities are a key part of what make them magical — enabling them to speed our commutes, hail rides and find the devices when we lose them. These capabilities are also ground zero for the looming fight over defining the boundaries of privacy and acceptable uses of our personal information.
The big picture: Three recent stories show just how common problems with location data can be — and how thorny they've become.
1. Cell providers resell location info
- Motherboard's story exposing a shadowy marketplace in the resale of location data tracking individual phones raised alarms that last week led all the major U.S. wireless carriers to announce they would stop selling the repositories of data that make such tracking possible.
- That's a relief to anyone who'd prefer to keep their location private.
- Yet we welcome similar reuse of location data that allows services like Google Maps, Waze and Apple Maps to tell us the fastest route between 2 points.
- Those traffic guides anonymize data and shouldn't enable third parties to track you down.
- But no anonymizing scheme is perfect. And the tighter we draw privacy rules, the more likely we are to hobble valuable services, now or down the road.
2. Tweet locations reveal where you live
- For years, Twitter's geolocation tagging of user's tweets also gave developers access to detailed GPS coordinates for each message posted from a phone.
- As Wired reports, researchers have now used this data to build a tool that can determine where many Twitter users live with 90% accuracy.
- Twitter argues that its geolocation feature has always been opt-in and voluntary, and in 2015 it started blocking the more detailed GPS information.
- Still, this research highlights how common it is for online and mobile services to "leak" more information about you than you realize.
3. Slack monitors your itinerary
- Slack users who have traveled to countries or areas that are embargoed by the U.S. — like Cuba, Syria, Iran or Crimea — and used the workplace messaging app there found their accounts suspended last month, Mashable reports.
- Mashable cites users visiting family in Iran or vacationing in Crimea as being surprised that their personal trips were triggering Slack's suspension mechanism.
- Slack says it was just complying with the U.S.'s economic sanctions laws, and it is using internet addresses, not GPS data, to track logins from embargoed nations.
- The company issued a broad apology, saying that it had restored accounts suspended in error and in the future would block access from affected internet addresses but not suspend user accounts.
- The incident illustrates how tricky it can be for private companies to comply with complex laws governing electronic communications.
What's next: Members of the new Congress plan to float a wide range of new privacy legislation this year, with location data at the heart of the debate. New laws will need to thread the needle between protecting personal information and enabling useful innovation.
The bottom line: Your phone is also a surveillance device. Use it with care unless you want your life to be an open book — or map.