The Dangers Of Location Tracking

Location tracking is a nightmarish invasion of privacy

Having government and big companies track our locations is a horrific invasion of privacy. We can be sure that big companies will be careless with private information about us, allowing it to be misused by bad actors. The government will almost certainly weaponize it against us. The risks of location tracking outweigh the benefits.

That’s precisely the opposite of what I said when we were talking about the benefits of location tracking. That’s the point. Both sides are correct.

The debate is particularly difficult when you look at the successful use of location data by Taiwan and other governments to limit the spread of Covid-19. Systems could be set up that use track the movements of people who are sick and order those likely exposed to Covid-19 to self-quarantine. Public health authorities could use the data to identify hot spots, allocate scarce resources to hospitals, and give advance warnings of larger outbreaks to state and federal authorities. Privacy activist Maciej Cegłowski puts it this way in a thoughtful essay:

“All of this would come at an enormous cost to our privacy. But this proposal doesn’t require us to give up any liberty that we didn’t already sacrifice long ago, on the altar of convenience. The terrifying surveillance infrastructure this project requires exists and is maintained in good working order in the hands of private industry, where it is entirely unregulated and is currently being used to try to sell people skin cream. Why not use it to save lives? “

The arguments against allowing us to be surveilled to combat Covid-19 seem a bit theoretical. Hand-wringing about privacy is easy to dismiss when lives are at stake. Unfortunately, there is nothing theoretical about the harm that results from the misuse of location data. Databases of our movements can disrupt lives in terrible ways if the information is misused or winds up in the wrong hands – which it inevitably will, no matter how well-intentioned.

Consider how intimate this information can be. As the New York Times notes, these are records of people visiting ” drug treatment centers, strip clubs, casinos, abortion clinics or other places where social stigma can create a powerful desire for privacy. The data we reviewed also reveals Americans making routine commutes from suburban homes to secret government facilities and making trips to churches and synagogues, to counseling sessions and chemotherapy treatments.”

Senator Ron Wyden (Democrat, Oregon) has proposed bills to limit the collection and sale of location data. He has the same concerns: “Location information can reveal some of the most intimate details of a person’s life — whether you’ve visited a psychiatrist, whether you went to an A.A. meeting, who you might date.”

It’s perfectly legal to collect and sell all this data. No federal law limits the data collected by apps on our phones. As I’ve described, the data is passed on to huge companies that add it to our personal profiles. A $200 billion industry has grown up to sell that personal information to advertisers, financial institutions, real estate investors, and marketers. Maps of our movements are available to the government, too, without any spying or collusion with the phone carriers; recently, the Wall Street Journal reported that the Trump administration “has bought access to a commercial database that maps the movements of millions of cellphones in America.” By obtaining the data from marketing firms, the administration hopes to work around the pesky problem of going to court or getting warrants. It is effectively outsourcing the surveillance state.

I’m going to give you a parade of evils. Each of them has affected people in the real world already. The premise is that our location data is more or less readily available, and it is relatively easy to identify individuals even if the data is anonymized – how many phones travel between a specific home and specific office every day?

Children can be tracked by predators.

When he was confronted with location data about his students, the principal at John Muir High School in Pasadena immediately thought about kids he knew who were having trouble with an abusive parent. The New York Times reported: ““I just think about those families,” he said, letting out a short, exasperated sigh. “If there’s child abuse or there’s something going on and this parent has access to find out where this kid is even though they’re not supposed to. That’s what bothers me the most. Because I do know those situations.””

Criminals can see when we are on vacation and our house is empty.

We can be found when we are traveling home at night alone.

There are endless possibilities for blackmail – locations provide all the clues necessary to infer sexual interests and extramarital affairs.

Location data embedded in an eBay photo could give burglars a map to a valuable item.

An employee who visits the same coffee shop for lunch each day, or takes the same train home, might have a laptop stolen with valuable business secrets.

Employers could begin tracking employees to uncover personal issues that might affect job performance – or just to see if an employee is thinking about leaving. From the New York Times:

“In one case, we observed a change in the regular movements of a Microsoft engineer. He made a visit one Tuesday afternoon to the main Seattle campus of a Microsoft competitor, Amazon. The following month, he started a new job at Amazon. It took minutes to identify him as Ben Broili, a manager now for Amazon Prime Air, a drone delivery service. That we could so easily discern that Mr. Broili was out on a job interview raises some obvious questions, like: Could the internal location surveillance of executives and employees become standard corporate practice?”

Advertisers can use location data to target us with ads that are distasteful or unethical. NPR reported on advertisers like Tell All Digital, a Long Island advertising firm that is a client of a location company, which runs ad campaigns for personal injury lawyers targeting people anonymously in emergency rooms.

Ad campaigns can also be used for intimidation. Rewire reported: “A Boston advertiser’s technology, when deployed by anti-choice groups, allows those groups to send propaganda directly to a woman’s phone while she is in an abortion clinic waiting room. He sends advertisements for his clients to women’s smartphones while they are sitting in Planned Parenthood clinics, using a technology known as “mobile geo-fencing.” He also planned to ping women at methadone clinics and other abortion facilities. . . . Sasha Bruce, senior vice president of campaigns and strategy at NARAL Pro-Choice America, says that tagging the cellphones of women who go to abortion clinics falls within the pattern of intimidation.”

Foreign governments could use location data to monitor sensitive sites and identify people with access to them. When the New York Times obtained an extensive database of the movements of millions of phones, it was quickly able to zero in on a person working in the Supreme Court division that controls its servers.

The most obvious way that the government might abuse location data: the Trump administration intends to use its surveillance database for immigration and border enforcement, to target individuals for deportation.

And as the New York Times noted in an editorial last month:

“Without oversight, it is inconceivable that tactics turned against undocumented immigrants won’t eventually be turned to the enforcement of other laws. As the world has seen in the streets of Hong Kong, where protesters wear masks to avoid a network of government facial-recognition cameras, once a surveillance technology is widely deployed in a society it is almost impossible to uproot.”

An article in USA Today recalled the 1950s when pro-segregation Southern states tried to get NAACP’s membership list. The courts prevented those efforts then. Today the government could accomplish the same thing with location data, even if it was initially collected with the best of intentions. “If the government can get location data of attendance at private gatherings, there’s little need to demand a membership list. Using this data together with other info, governments could reverse-engineer membership and supporter lists. It could even know who attended what meeting. Everyone’s smartphone could become a potential government informant.”

Special interest groups, campaigns, and even the administration could use location data to identify attendees at a campaign rally, a pro-abortion gathering, or the Women’s March following Trump’s inauguration:

“After the pings of Trump supporters, basking in victory, vanished from the National Mall on Friday evening, they were replaced hours later by those of participants in the Women’s March, as a crowd of nearly half a million descended on the capital. Examining just a photo from the event, you might be hard-pressed to tie a face to a name. But in our data, pings at the protest connected to clear trails through the data, documenting the lives of protesters in the months before and after the protest, including where they lived and worked. We spotted a senior official at the Department of Defense walking through the Women’s March, beginning on the National Mall and moving past the Smithsonian National Museum of American History that afternoon. His wife was also on the mall that day, something we discovered after tracking him to his home in Virginia.”

In the majority ruling in Carpenter v. United States in 2018, Chief Justice John Roberts wrote: “When the government tracks the location of a cellphone it achieves near perfect surveillance, as if it had attached an ankle monitor to the phone’s user.”

Today we are embarking on a debate about whether the government should be able to monitor the public movement of every person in the United States 24 hours a day to assist in controlling Covid-19. There will be many claims that the monitoring will be limited to the duration of the Covid-19 emergency and that the data will be anonymized.

Well, maybe. But don’t make the mistake of thinking that the conclusion is easy. Governments do not surrender power easily. Government databases can be and are hacked. Even if no bad guy breaks in, individuals with access to the data may be tempted to release it – or use it for their own benefit to stalk an ex-lover or abuse victim.

Stay sheltered, stay well. When it’s time to go back out into the world, keep in mind that you’re carrying around the perfect surveillance device. It raises complicated problems.