12 miljoen telefoons, 1 dataset, 0 privacy
Stuart A. Thompson en Charlie Warzel beschrijven in Twelve Million Phones, One Dataset, Zero Privacy hoe allerlei (gratis) apps continu jouw locatie bijhouden:
Every minute of every day, everywhere on the planet, dozens of companies — largely unregulated, little scrutinized — are logging the movements of tens of millions of people with mobile phones and storing the information in gigantic data files.
Het bijhouden van de locatie van smartphones via apps is gewoon legaal. Er zijn niet of nauwelijks regels die dat beperken. En de bedrijven die locatiegegevens bijhouden vinden dat ook geen probleem: gebruikers hebben er toestemming voor gegeven, de data is ‘anoniem’ en wordt veilig opgeslagen. Zeggen ze. Maar:
In most cases, ascertaining a home location and an office location was enough to identify a person. Consider your daily commute: Would any other smartphone travel directly between your house and your office every day?
Het kan dus iedere ‘gewone’ burger raken. Maar in het tweede deel van de serie identificeerde de NY Times simpel een lid van de geheime dienst die de president van de V.S. bewaakt.
The vulnerability of the person we tracked in Mr. Trump’s entourage is one that many if not all of us share: the apps (weather services, maps, perhaps even something as mundane as a coupon saver) collecting and sharing his location on his phone.
Dat is schering en inslag. Technologieverslaggever Nic Nguyen van Buzzfeed schreef vorig jaar al over hoe marketingbedrijven de ontwikkelaars van apps proberen te overtuigen om locatiegegevens van gebruikers met hen te delen:
When you consent to sharing your data with many popular apps, you’re also allowing app developers to collect your data and sell it to third parties through trackers that supply advertisers with detailed information about where you live, work, and shop.
In November 2017, Yale Privacy Lab detected trackers in over 75% of the 300 Android apps it analyzed. A March 2018 study of 160,000 free Android apps found that more than 55% of trackers tried to extract user location, while 30% accessed the device’s contact list. And a 2015 analysis of 110 popular free mobile apps revealed that 47% of iOS apps shared geo-coordinates and other location data with third parties, and personally identifiable information, like names of users (provided by 18% of iOS apps), was also provided.
Kijk dus gelijk even de instellingen op je telefoon na. Zo doe je dat. Maar zelfs als je een app geen toegang geeft tot je locatie kunnen ze die op een indirecte manier achterhalen:
Even restricting location access on an app won’t necessarily prevent it from revealing your location. Abbas Razaghpanah, a researcher at Stony Brook University, found 581 Android apps, including dozens geared toward preschool-age children made by a developer called BabyBus, shared Wi-Fi access point names and MAC addresses (a unique identifier assigned to all network devices, like your router), which can be cross-referenced with a public database to pinpoint your location.
Het blijft wachten op regelgeving die consumenten op dit vlak enigszins gaat beschermen.