The New York Times Privacy Project recently got their hands on a gigantic data file that contains cellphone location data for over 12 million Americans going about their daily lives. The origin of this data cache is not a large tech company, like Facebook or Google, who have faced personal data scandals in the past. Nor is it the government spying on its citizens. The anonymous source of the data acquired it from a company specifically designed to collect this kind of data. It is implied that the source works at this unnamed company. They came forward after they became increasingly concerned that the data could be abused.
The data contains over 50 billion location pings being tracked for months at a time in 2016 and 2017. The New York Times reports it as the “largest and most sensitive” data file of its kind to ever be examined by journalists. The data is focused on major metropolises like New York, Los Angeles, San Francisco, and Washington.
The data show movements of people in highly secure buildings like the Pentagon and the White House, as well as the New York Stock Exchange and Grand Central Station. Journalists went through the data and found that they could watch the dots of people visiting celebrities’ homes or the Playboy Mansion. The data tracking is indiscriminate and classless; as long as the city was being tracked, it was being tracked in all neighborhoods.
Any app that has the “share your location” option may have been used to track the cellphone it was on. This includes weather apps, news apps, and even some coupon savings apps. The data can be used to follow a person around, see where they shop, work, pray, or eat.
Companies that collect this data claim that the data is secure and anonymous, but it becomes obvious that even if a person’s name isn’t immediately available, that if you can track all their movements you can figure out their home address. Paul Ohm, a law professor and privacy researcher at Georgetown University Law Center, said this anonymity is, “a completely false claim,” and that, “Really precise, longitudinal geolocation information is absolutely impossible to anonymize.” The companies also claim that people have consented to be tracked. The New York Times was able to use the data along with publicly available information to track the movements of people in positions of power, including military officials with security clearance, police officers, and well-known attorneys often accompanied by guests.
Data tracking is entirely legal and the industry largely is unregulated. “The seduction of these consumer products is so powerful that it blinds us to the possibility that there is another way to get the benefits of the technology without the invasion of privacy. But there is,” William Staples, founding director of the Surveillance Studies Research Center at the University of Kansas, said. “All the companies collecting this location information act as what I have called Tiny Brothers, using a variety of data sponges to engage in everyday surveillance.”. Concern for what these companies could do with this data range from selling it to foreign governments to ex-spouses. Even if the companies are acting as they say they are, there is nothing to stop the individual employees of the company who have to sort through the data from using it for personal agendas. National security concerns are evident. The Times says that President Trump can be tracked, as can people participating in protests against Trump, or people attending Trump rallies. Even children’s phones are also being tracked.
Data firms tend to have other types of user information like demographics and advertising IDs which when combined together with location data could completely erase a person’s privacy.
These data firms like Factual, Foursquare, Safe Graph, Ground Truth, and Inrix, to name only a few, have been solely self-regulated. The chief marketing officer of Factual, Brian Czarny, said that the company is not worried about the risks presented by collecting this data and that no companies should be selling the detailed personal data, “because it’s a risk to the whole business,” implying that he fears regulation if the companies step over the line. Factual joined the Mobile Marketing Association, along with other data companies in a promise to be more self-regulated.
States are starting to enact privacy laws to deal with data tracking firms, while federal laws regulating the industry remains absent. The California Consumer Protection Act, which goes into effect in the new year, empowers the state’s residents to ask companies to delete their data and to prevent it from being sold.