What is location privacy?
Location privacy refers to the concept of having control over who knows where you are and where you’ve been, as well as any additional data that may be associated with your location. To some extent, everyone sacrifices a certain amount of location privacy simply by stepping out of the house. In legal terminology, your “expectation of privacy” is diminished any time you enter a public place. However, the cost of obtaining your location has drastically decreased with the proliferation of GPS-enabled devices.
Until recently, police would have physically follow suspects in order to track them. Now, a single officer may be able to simultaneously track dozens of individuals through a single computer screen. While you’re probably not being constantly tracked in real-time by local law enforcement, companies like your cell phone carrier still keep extended records of where your devices go. The amount of information available about your location and travel habits has skyrocketed, while regulations and industry best practices have struggled to keep up.
How does my location get tracked?
It would be impossible to list all the systems and devices that can reveal your location or travel patterns, but some of the more common examples are below:
- Cell phones, whether or not you own a smartphone
- Vehicles with built-in GPS systems (such as OnStar)
- Apps and services that use location-based information, (e.g. Foursquare, Yelp, Facebook Places, local weather apps, and smartphone-based GPS apps)
- Automated toll passes (e.g. FasTrak and EZ-Pass)
- Municipal travel passes (e.g. ClipperCard in San Francisco, CharlieCard in Boston, and MetroCard in New York)
- Your computer’s IP address, which can be linked to an approximate geographical location
Why do I care who knows where I am?
According to a study done by researchers from MIT, Harvard, and Belgium’s Louvain University, 90% of individuals can be uniquely identified using just four location data points, and half can be identified using just two data points. Depending on who has access to your location data, the answers to all sorts of sensitive questions can be revealed:
- How often do you visit a therapist?
- Did you meet with a recruiter for a competing company today?
- Who is my ex-wife or ex-husband seeing?
- Have you been to a political rally recently?
- Are you home right now, or is your house empty?
If your cell phone provider sells location data to marketers, there is a very good chance that an advertising company could learn quite a bit about your movements. This is just one method where third parties can gain unexpectedly revealing location data about you in unprecedented ways.
When it was launched in 2010, PleaseRobMe.com caused a veritable firestorm of controversy by highlighting tweets that revealed the location of Twitter users who have a public feed. When you tweet “On vacation in the Bahamas until Tuesday,” there is a (very public) implication that your house is empty, and thus available to rob.
This doesn’t mean that all location tracking is bad. The same data that can be used to show that you drove through a tollbooth on Wednesday at 7:56 AM, can also be used to show which roads are the most congested, and when construction will have the least impact. It all depends on who has access to the data, how long it is maintained, and why it’s being collected.
What legal rights do I have for location privacy?
When it comes to managing location data about you that is held by private companies, often your only choice is to simply not use that particular service provider if you don’t want them tracking your location. For example, a cell phone provider will inherently track your location based on the cell towers you connect to – there’s no way around this. While the proposed Location Privacy Act would create additional requirements for businesses to obtain your consent before collecting location data about you, it has not been signed into law yet.
When it comes to the government tracking your location, there are more legal protections afforded to you. The Fourth Amendment to the US Constitution gives you the right against “unreasonable searches” by the government; as a result, the Supreme Court has held that law enforcement agencies must generally obtain a warrant before tracking a suspect’s location.
While there are still many controversies over data collection practices by the NSA, two things are generally known: first, that they have been collecting large volumes of cell phone location data without a warrant. Second, they have been secretly sharing this information with law enforcement officials, using a legal doctrine known as “parallel construction.” In other words, the NSA will provide tips to law enforcement agencies while hiding the source of the info. It is still unknown what rights you may have in court to use or suppress evidence related to NSA surveillance, but this will undoubtedly change over the next few months as new court cases are brought and legislation is written to address this issue.
On the state level, an increasing number of states are providing stronger privacy protections for location data, including explicit requirements for law enforcement to obtain a warrant in a wider range of situations.
How can I better control my location data?
- Review your smartphone settings periodically to see what apps are authorized to use your location data. Instructions for iPhone users can be found here, while Android users can look here.
- Keep your toll transponder in a foil pouch when not actively using it to pay a toll – this will prevent it from being read in other locations
- Assume that random strangers will access any location information you post in a public forum such as Twitter.