Location services found in smartphones and in-car navigation systems give consumers access to many useful services, such as mapping and finding the nearest Starbucks, but there are serious questions about how vendors who gather that data use and sell it, most often without users knowing.
Testimony this week by watchdogs at the Government Accountability Office said companies have taken some steps that align with recommended practices for better protecting consumers' privacy. For example, all of the companies examined in the agency's 2012 and 2013 reports used privacy policies or other disclosures to inform consumers about the collection of location data and other information. However, vendors did not consistently or clearly disclose to consumers what the companies do with these data or the third parties with which they might share the data, leaving consumers unable to effectively judge whether such uses of their location data might violate their privacy, the GAO said.
The GAO noted that companies can obtain location data in various ways. Mobile devices and in-car navigation devices determine location information through methods such as cell tower signal-based technologies, Wi-Fi Internet access point technology, crowd-sourced positioning, and GPS technology. Assisted-GPS (A-GPS), a hybrid technology that uses more than one data collection methodology, is also widely used.
Firms such as Google and Apple use customer data to compile large databases of cell tower and Wi-Fi access points. Non-carriers use these crowd-sourced location maps to determine location by analyzing which cell tower and Wi-Fi signals are received by a device. Consumers’ location data are transmitted over the cellular network or Wi-Fi access points to companies providing the services. These location data may then be shared with third parties for various uses, the GAO stated.
"Specifically, they are concerned that location data can be used for purposes other than to provide services to the consumer, such as selling the data to others for marketing. They also have concerns that location data can be used to track where consumers are, which can in turn be used to steal their identity, stalk them, or monitor them without their knowledge. In addition, location data can be used to infer other sensitive information about individuals such as their religious affiliation or political activities," the GAO stated.
The primary threats to consumers, according to the GAO report, include:
Disclosure: According to privacy advocates, when a consumer agrees to use a service that accesses location data, the consumer is unlikely to know how his or her location data may be used in ways beyond enabling the service. For example, location data may be shared with third parties unknown to the consumer. Because consumers do not know who these entities are or how they are using consumers’ data, consumers may be unable to judge whether they are disclosing their data to trustworthy entities or to assess the levels of security protection they provide. If any of these entities has weak system protections, there is an increased likelihood that the information may be compromised.
Tracking Behavior: When location data are collected and shared, these data could be used in ways consumers did not intend, such as to track their travel patterns or to target consumers for unwanted marketing solicitations. Since consumers often carry their mobile devices with them and can use them for various purposes, location data along with data collected on the device may be used to form a comprehensive record upon which an individual’s activities may be inferred. Amassing such data over time allows companies to create a richly detailed profile of individual behavior, including habits, preferences, and routines—private information that could be exploited. Consumers may believe that using these personal profiles for purposes other than providing a location-based service constitutes an invasion of privacy, particularly if the data are used contrary to consumers’ expectations and result in unwanted solicitations or other nuisances.
Identity Theft: Criminals can use location data to steal identities when location data are disclosed, particularly when they are combined with other personal information. The risk of identity theft grows whenever entities begin to collect data profiles, especially if the information is not maintained securely. By illicitly gaining access to these profiles, criminals acquire information such as a consumer’s name, address, interests, and friends and co-workers’ names. In addition, a combination of data elements—even elements that do not by themselves identify anyone, such as individual points of location data—could potentially be used in aggregate to identify or infer a consumer’s behavior or patterns. Such information could be used to discern the identity of an individual.
Furthermore, keeping data long-term, particularly if it is in an identifiable profile, increases the likelihood of identity theft.
Personal Security: Location data may be used to form a comprehensive record of an individual’s movements and activities. If disclosed or posted, location data may be used by criminals to identify an individual’s present or probable future location, particularly if the data also contain other personally identifiable information. This knowledge may then be used to harm the individual or his property through, for instance, stalking or theft.
Access to location information also raises child safety concerns as more children access mobile devices and location-based services. According to the American Civil Liberties Union, location updates that consumers provide through social media have been linked to robberies, and GPS technology has been involved in stalking cases.
Surveillance: Law enforcement agencies can obtain location data through various methods, such as a court order, and such data can be used as evidence. However, according to a report by the ACLU, law enforcement agents could potentially track innocent people, such as those who happened to be in the vicinity of a crime or disturbance.
Consumers generally do not know when law enforcement agencies access their location data. In addition to information related to a crime, the location data collected by law enforcement may reveal potentially sensitive destinations, such as medical clinics, religious institutions, courts, political rallies, or union meetings.