July 15, 2016
When we’re using a mobile location-based application such as getting driving directions from Google Maps, it’s not surprising to see advertisements from local businesses showing up in our browsers. Customized advertising, after all, is Google’s bread and butter.
But as owners of GNSS-enabled mobile devices move around through the world, they are often followed by similar unsolicited offers and advertising from apparently random sources.
What’s that all about?
Well, usually it’s in the fine print of the ubiquitous privacy policies that go into effect when you launch an application — policies that most of us don’t take the time to read. In these often lengthy documents, GPS and related GNSS technologies are increasingly being called out as the source of real-time location data about users.
We would expect location-based service (LBS) applications such as Uber or SkyHook to have well-developed policies on use of customers’ locations.
But Whole Foods, the NCAA, Weather.com? In fact, any app that users might launch on their mobile devices could be handing their location information over to third-parties — advertisers, service providers, and others — as a way to generate additional revenue unrelated to the products and services the company is offering.
“We and our business partners and other third parties may send you product promotions that are aligned with your purchase trends and/or interests identified through automatically-collected information,” the policy continues. “In addition, we may share information about you as follows: With our business partners, affiliates and other third parties for purposes of sending their own marketing unless you are a California customer and you opt out of this type of sharing by emailing us at firstname.lastname@example.org.”
The policy caveat continues, “If you agree to such collection, in most cases, you will be able to turn off such data collection at any time by accessing the privacy settings of your mobile device and/or through the settings in the applicable mobile application. “
And while you’re getting those weather reports, Weather.com says that it “may share demographic information, location data, advertising identifiers, truncated IP address and aggregate (not individual) usage statistics for the Services with advertisers and other third parties.”
Location data practices can sometimes land companies in trouble with regulatory and law enforcement agencies. Earlier this year, Uber, whose service provides an alternative to taxi operations, signed an agreement with the New York attorney general’s office to encrypt rider geo-location information, adopt multi-factor authentication that would be required before any employee could access especially sensitive rider personal information, as well as other leading data security practices.
Many of the policies indicate that users may opt in or out of such data-sharing changing settings in their mobile devices or in the apps themselves, but the transparency of such options varies from device to device and application to application. And many companies include disclaimers for any responsibility for the privacy policies of third parties with which they share the data.
All in all, the proliferation of apps, devices, and accompanying privacy policies may eventually produce an indifference to the issue of location privacy or, conversely, a suspicion about mobile apps in general.
As Shashi Shekhar, a professor in the Department of Computer Science at the University of Minnesota, and colleagues at Columbia University and Purdue University wrote in a Communications of the ACM article earlier this year, “Many individuals thus hesitate to indulge in mobile commerce due to concern about privacy of their locations, trajectories, and other spatiotemporal personal information.”
The authors continue, “New legal principles must be devised to align with ‘fair information practices,’ especially those related to notice, transparency, consent, integrity, and accountability. However, such alignment also raises questions, including: What would be considered “adequate notice” for collecting spatial data? How should consent be requested? What information should be stored, and for how long? More broadly, when does localization (such as GPS tracking) lead to a privacy violation?”
Indeed, a couple of years ago, the Location Privacy Council issued a set of guidelines for how companies should use location information.
Ironically, the younger cohort of the U.S. population known as Millennials, are both the largest users of mobile applications and yet the most concerned about location privacy. According to a 2013 Boston Consulting Group survey, Millennials ranked “Exact Location” as the fourth most important private data in a list of 20 types of data, higher than other age groups
Note: The photo of the eye is by Thomas Tolkien, courtesy of Wikipedia/Creative Commons.
Copyright © 2016 Gibbons Media & Research LLC, all rights reserved.