Your Location Data Is Being Sold—Often Without Your Knowledge


Your Location Data Is Being Sold—Often Without Your Knowledge

Location-based ads are growing, which means the industry has more ways than ever to track you
Businesses and other locations, in green, where the location-based advertising firm Groundtruth pushes ads to mobile devices.

By Christopher Mims March 4, 2018 8:00 a.m. ET

As location-aware advertising goes mainstream—like that Jack in the Box ad that appears whenever you get near one, in whichever app you have open at the time—and as popular apps harvest your lucrative location data, the potential for leaking or exploiting this data has never been higher.

It’s true that your smartphone’s location-tracking capabilities can be helpful, whether it’s alerting you to traffic or inclement weather. That utility is why so many of us are giving away a great deal more location data than we probably realize. Every time you say “yes” to an app that asks to know your location, you are also potentially authorizing that app to sell your data.

Dozens of companies track location and/or serve ads based on this data. They aim to compile a complete record of where everyone in America spends their time, in order to chop those histories into market segments to sell to corporate advertisers.

Marketers spent $16 billion on location-targeted ads served to mobile devices like smartphones and tablets in 2017. That’s 40% of all mobile ad spending, research firm BIA/Kelsey estimates, and it expects spending on these ads to double by 2021.

The data required to serve you any single ad may pass through many companies’ systems in milliseconds—from data broker to ad marketplace to an agency’s custom system. In part, this is just how online advertising works, where massive marketplaces hold ongoing high-speed auctions for ad space.

But the fragmentation also is due to a very real fear of the public backlash and legal liability that might occur if there were a breach. Imagine the Equifax breach, except instead of your Social Security number, it’s everywhere you’ve been, including your home, your workplace and your children’s schools.

The fix, at least for now, is that with most individual data vendors holding only parts of your data, your complete, identifiable profile is never all in one place. Giants like Google and Facebook, who do have all your data in one place, say they are diligent about throwing away or not gathering what they don’t need, and eliminating personally identifying information from the remainder.

Yet as the industry and the ways to track us expand, the possibility that our whereabouts will be exposed multiplies.

The spy in your pocket

If you’ve ever felt clever because an app on your phone asked to track your location and you said no, this should make you feel a little less smug: There are plenty of ways to track you without getting your permission. Some of the most intrusive are the easiest to implement.

Your telco knows where you are at all times, because it knows which cell towers your phone is near. In the U.S., how much data service-providers sell is up to them.

Another way you can be tracked without your knowing it is through any open Wi-Fi hot spot you might pass. If your phone’s Wi-Fi is on, you’re constantly broadcasting a unique MAC address and a history of past Wi-Fi connections. Retailers sometimes use these addresses to identify repeat customers, and they can also use them to track you as you go from one of their stores to another.

WeatherBug, one of the most popular weather apps for Android and iPhone, is owned by the location advertising company GroundTruth. It’s a natural fit: Weather apps need to know where you are and provide value in exchange for that information. But it also means that app is gathering data on your location any time the app is open—and even when it isn’t, if you agreed to always let it track your location. That data is resold to others.

GroundTruth also gathers location data from “over a hundred thousand” other apps that have integrated bits of its code, says company president Serge Matta, who declined to disclose which apps. App makers agree to harvest location data because it grants them access to GroundTruth’s mobile advertising network.

This data is what enables marketers like Jack in the Box to push an advertiser’s message to potential customers near its restaurants. A typical engagement includes pushing location-based promotions or coupons through mobile ads, says Iwona Alter, Chief Marketing Officer of Jack in the Box.

Every month GroundTruth tracks 70 million people in the U.S. as they go to work in the morning, come home at night, surge in and out of public events, take vacations, you name it.

Companies like GroundTruth try to ensure they aren’t tracking or storing data on individuals. Most of what they sell are anonymous blobs of people who fit particular descriptions—“soccer moms who intend to buy an SUV,” for example. But they also occasionally hand off location data to a third party, such as LiveRamp, owned by data broker Acxiom, before it’s matched up with potentially personally identifying information, such as your complete shopping history at a retailer. LiveRamp is almost like an escrow company for data.

Companies like Acxiom could be prime targets for hackers, said Chandler Givens, chief executive of TrackOff, which develops software to protect user identity and personal information. LiveRamp goes to great lengths to mathematically obfuscate our individual identities, said Sheila Colclasure, chief data ethics officer at LiveRamp and Acxiom. But some security researchers fear data brokers like Acxiom may be compromised already, or could be someday.

Acxiom and LiveRamp in the U.S. are governed by federal and state laws that regulate the collection and use of data in the particular businesses their clients are involved in, Ms. Colclasure said. Nearly every year, a bill comes up in the Senate or House that would regulate our data privacy—the most recent was in the wake of the Equifax breach—but none has passed. In some respects, the U.S. appears to be moving backward on privacy protections.

There might never be a breach of our location data. But given the drumbeat of hacks of both companies and governments, it’s hard to believe hackers aren’t at least trying to compromise such a high-value target.

https://www.wsj.com/articles/your-location-data-is-being-soldoften-without-your-knowledge-1520168400

Comments

Post a Comment

Popular posts from this blog

Report: World’s 1st remote brain surgery via 5G network performed in China

World’s 1st remote brain surgery via 5G network performed in China Published time: 17 Mar, 2019 13:12 ·           A Chinese surgeon has performed the world’s first remote brain surgery using 5G technology, with the patient 3,000km away from the operating doctor. Dr. Ling Zhipei remotely implanted a neurostimulator into his patient’s brain on Saturday, Chinese state-run media  reports . The surgeon manipulated the instruments in the Beijing-based PLAGH hospital from a clinic subsidiary on the southern Hainan island, located 3,000km away. The surgery is said to have lasted three hours and ended successfully. The patient, suffering from Parkinson’s disease, is said to be feeling well after the pioneering operation. The doctor used a computer connected to the next-generation 5G network developed by Chinese tech giant Huawei. The new device enabled a near real-time connection, according to Dr. Ling.  “You barely feel that the patient is 3,000 kilometers away,”  he said.
Read more

Visualizing The Power Of The World's Supercomputers

Visualizing The Power Of The World's Supercomputers   BY TYLER DURDEN FRIDAY, JAN 21, 2022 - 04:15 AM   A supercomputer is a machine that is built to handle billions, if not trillions of calculations at once. Each supercomputer is actually made up of many individual computers (known as nodes) that work together in parallel. A common metric for measuring the performance of these machines is  flops , or  floating point operations per second . In this visualization,  Visual Capitalist's Marcus Lu uses  November 2021 data from  TOP500  to visualize the computing power of the world’s top five supercomputers. For added context, a number of modern consumer devices were included in the comparison. Ranking by Teraflops Because supercomputers can achieve over one quadrillion flops, and consumer devices are much less powerful, we’ve used  teraflops  as our comparison metric. 1 teraflop = 1,000,000,000,000 (1 trillion) flops. Supercomputer Fugaku  was completed in March 202
Read more

BMW traps alleged thief by remotely locking him in car

BMW traps alleged thief by remotely locking him in car Stealer's Wheel? Seattle police department quotes "Watchmen" movie in a recap of the recent arrest. Tech Culture by Gael Fashingbauer Cooper December 4, 2016 5:00 PM PST It's maybe the most satisfying arrest we can imagine. Seattle police caught an alleged car thief by enlisting the help of car maker BMW to both track and then remotely lock the luckless criminal in the very car he was trying to steal. Jonah Spangenthal-Lee, deputy director of communications for the Seattle Police Department, posted a witty summary of the event on the SPD's blog on Wednesday. Turns out if you're inside a stolen car, it's perhaps not the best time to take a nap. "A car thief awoke from a sound slumber Sunday morning (Nov. 27) to find he had been remotely locked inside a stolen BMW, just as Seattle police officers were bearing down on him," Spangenthal-Lee wrote. The suspect found a ke
Read more