Yesterday evening, the Associated Press revealed the results of an investigation, which shows Google services on Android devices and iPhone store location data and tracks the user, even if you’ve used a privacy setting that says it will prevent Google from doing so. IT security experts commented below.
Tim Mackey, Senior Technical Eevangelist at Black Duck by Synopsys:
“There is a basic saying when it comes to most technology – “Just because you can, doesn’t mean you should”. The corollary of that is “If my mother can’t figure out what it does, or how to turn it off, it’s too complicated”. It’s been widely understood for some time that tech giants like Google use data supplied through the use of their services as part of their efforts to personalise the experience. For practical purposes this supply of personal data has been part of the virtual fees we pay to companies in exchange for “free” access to the services provided. With GDPR in the EU now in effect, and regulations like CCPA on the horizon, companies collecting personal data need to reassess their use of personal data.
In looking through the lens of GDPR Article 6 at the test data presented in the AP article, some obvious questions are raised.
- Has the user given consent to the collection of location information as a result of performing a search query?
- Is persistent storage of location information required to present search results?
- Processing of location information is clearly required to return local weather information when a user doesn’t supply their location, but if persisted for future weather reports was this persistence part of the users’ expectations for the service?
- Does Google have a legal obligation, or public duty, to collect location information for their services when the user has otherwise indicated they wish privacy over?
Since we’re talking about consumer level services, the expectation of the consumer for an “off switch” is what matters most. Users wishing their location be kept private indicate this preference through the “Location history” setting. That any given application might have independent settings for location related data is how an application developer or vendor approaches the problem. If vendors placed themselves in the shoes of a consumer and respected the setting, managing consent under regulations like GDPR would be simpler and the user’s expectations would be met.
When we recognise that our digital footprint is effectively a personally identifying attribute, access to that attribute becomes more valuable. This is true for marketers wishing to learn when we’re in the mood to buy their product, and in a location where it’s available. This is true for malicious actors who can use location information to determine not only patterns of behaviour for their targets, but know when to best commit their crime. This is also true for law enforcement seeking to identify suspects following the commission of a crime. In each of these examples, the same location and identity data can be used for good or for ill to identify an individual.”
Jesse Victors, Software Security Consultant at Synopsys:
“When Google builds a control into Android and then does not honour it, there is a strong potential for abuse. It is sometimes extremely important to keep one’s location history private; such as visiting a domestic violence shelter, for example. Other times you may simply wish to opt out of data collection. It’s disingenuous and misleading to have a toggle switch that does not completely work. This, and other examples before it, are one of the reasons why my phone runs LineageOS, a Google-free fork of Android.”