We’re all used to just clicking straight past the “Terms of Service” because they’re impossibly long. Mobile app permissions have the opposite issue, though: we often punch on through because they don’t really say anything about what the permission is actually for. If we could see where our data was going, we might be a little more hesitant about granting permissions. Given that the most commonly asked for permission is your location, then, how worried should you be about giving it to every random flashlight and calculator you install?
What’s in a location?
While GPS is the easiest, fastest, and most precise way for an app to get your location, it’s not the only way that someone can figure out where you are. The following can all be a factor in determining your location:
- GPS satellites
- Cell phone towers connected to/distance from cell phone towers
- IP address
- Wi-Fi network
- Your search activity
And it’s not just latitude and longitude that’s being recorded: location data can also include information about the following.
- your altitude
- your bearing (which direction you’re going)
- your speed
- and potentially more, depending on the program that generates/receives the data
Who has my location/location history?
Any app you’ve granted location permission to, as well as the company behind your phone’s OS (probably Google/Apple), can access your location data while you’re using the app, and in some cases the tracking will stay active in the background. If you have any apps on your phone that require location permissions, it’s best to assume that they know more about where you’ve been than you realize.
Google especially has come under fire for making it seem like turning off location history stopped them from tracking your location but hiding the real option in another setting.
Even your photos might end up as part of your location history. You might have given your camera location permissions, in which case a lot of your photos are going to end up being geo-tagged. Even if they aren’t, machine learning tools might be able to figure it out by looking at your photos.
How is location data used?
Having easy access to someone’s location, both current and past, is a dream come true for anyone who wants to know about peoples’ habits. Currently, most location data goes towards ad-targeting and market research, using big data about user activity to refine marketing strategies and personal data to match individuals with products and services.
This doesn’t sound so bad: it makes life convenient for individuals and marketing more efficient for companies. Even using location data on a large scale to analyze human behavior has some fascinating applications. Most people wouldn’t turn off location if all there was to worry about was seeing ads for things you were close to.
The biggest problems are uses that users didn’t authorize, especially regarding detailed logs of their locations. Some of the main concerns include:
- Giving your data to third parties/partners (happens all the time)
- Governments accessing location data for surveillance/legal action (happens often)
- User routines/habits being recorded and used against them (unknown)
- Identity theft (no confirmed location-related cases)
- General invasions of privacy (has happened)
How worried should I be?
You should probably only worry as much as the worrying would change anything — which is to say, not a lot. The convenience of the smartphone comes with a privacy price tag attached, and you don’t really get to use it (or the Internet in general) without incurring a few of those costs. Collecting or sharing location information without being transparent about where that data goes is just the way things work right now.
This could have some serious consequences in the future, whether it’s constant government surveillance, corporate/criminal privacy invasion, or some other vaguely dystopian-feeling reality, but unless you want to go off the grid completely, your options are fairly limited. The best you can do for now is keep an eye on the apps you grant permissions to (try a permissions manager), opt out of location-based services that you don’t use, and if you have an opportunity to support security, privacy, or transparency in the way user data is treated, go for it!