Setting the Record Straight on Location Tracking and Privacy
Jul 14, 2011
Source: Converge! Network Digest
A so-called 'location-gate' controversy has raged over the revelation that Apple and Google tracked mobile subscriber location movements and stored that information in an unencrypted file on the handset that was potentially vulnerable to hacking and other attacks. With privacy already on the minds of many due to the increasing trend for individuals to share personal and financial information over the Web, and highly-publicized incidents such as the Sony PlayStation hacking attack, powerful reactions (or over-reactions) erupted and continue to this day among media, bloggers and others. Left unsaid is the fact that subscriber location and other sensitive information have always been in the hands of mobile operators and, with the advent of Smartphones, the device platform and applications providers. The crucial difference is that mobile operators do not track subscriber location via the 'bread crumb trail' method Apple and Google have used, nor do they store location information where it is vulnerable. The discussion should be refocused on how location and other sensitive information is protected, what it is used for, and the responsibility consumers have to make sure they understand how and why their location information is being recorded.
'Location-gate' and its aftermath
On April 20, at the Where 2.0 conference in Santa Clara, California, security researchers Alasdair Allan and Pete Warden revealed that Apple had been tracking iPhone user location information and storing that information in a 'hidden' file residing on the handset. The media, consumer, and, ultimately, political uproar that followed was driven both by the revelation that location information was being collected (the 'Big Brother' effect) and by the clumsy initial response from Apple. The company first denied it was tracking subscriber location: "Apple is not tracking the location of your iPhone". It then clarified what it was actually tracking: "[the iPhone is] maintaining a database of Wi-Fi hotspots and cell towers around your current location". To most people, this sounded very much like Apple was tracking their location. Apple then said it would issue a software fix, and finally explained that "this cache is protected but not encrypted, and is backed up in iTunes whenever you back up your iPhone. The backup is encrypted or not, depending on the user settings in iTunes." Once Google was revealed to be doing something similar, it stated that "all location sharing on Android is opt-in by the user. We provide users with notice and control over the collection, sharing and use of location in order to provide a better mobile experience on Android devices. Any location data that is sent back to Google location servers is anonymized and is not tied or traceable to a specific user."
Despite these explanations, the controversy raged and soon politicians involved themselves, with Senator Al Franken leading the Senate Consumer Protection, Product Safety and Insurance Subcommittee focusing on "industry practices with respect to online mobile data collection and usage." Numerous media and consumer advocacy groups have expressed concerns that the practice of collecting and storing mobile subscriber location information within a file residing on the device jeopardizes subscriber privacy and exposes this information to hacking. Executives from the companies involved in 'location-gate' have testified to the benign nature of what they are doing and, indeed, many mobile subscribers understand the trade-off between allowing their location to be identified and receiving the benefits of mobile advertising and location-based services.
Setting the record straight
To truly understand the potential threat to one's privacy, one must understand how and why location information is tracked or recorded, where the information is stored, and what the actual danger is to mobile user privacy and security. Alternative location methods enable useful location information to be recorded for the benefit of subscribers, while ensuring security and privacy beyond what Apple and Google are doing.
Identifying mobile subscriber location is not new. However, demand for location-based services, along with the proliferation of Smartphones, has driven technological advancements which enable location to be known with much higher accuracy. This in turn enables wireless operators and Smartphone providers to offer services that people like - responding quickly to an E911 emergency call, providing driving directions in an unfamiliar area, offering relevant mobile coupons, and locating nearby friends via a social media application. None of this would be possible if the mobile operator or application platform provider was unable to identify mobile subscriber location. Consumers of these services implicitly or explicitly give permission to have their locations identified by opt-in when they purchase an app or download a service for some value-added benefit.
Location identification is not a 'Big Brother' attempt to invade the privacy of mobile subscribers. It is primarily driven by public safety (e.g. the need to quickly locate emergency callers) and the mobile app business model. Operators and app developers can make money by selling location-based services. Advertisers can increase business by conducting location-aware mobile advertising. While these groups use location to drive revenues, they also offer consumers something in return (coupons, convenience, knowledge). It is a straightforward and simple business interaction.
Privacy advocates have decried the fact that Apple and Google are tracking location to increase their understanding of what their customers are doing and, in turn, benefit their businesses (e.g. by selling more ads). This is an obvious point and one the companies do not deny. In October 2010, then-Google CEO Eric Schmidt stated that "the Google policy on a lot of things is to get right up to the creepy line and not cross it." The tension between maintaining one's privacy and maximizing the usefulness of the Internet is not inherent to mobile location. Any time someone conducts a Web search, posts updates on a social media site, or posts comments on a blog, that information is capable of being monitored and used. Those who have a problem with this would need to take some extreme and impractical measures (stop using a cell phone, tablet, Internet at home or at work, stop using social media sites, etc.) to prevent this or make it anonymous.
A more secure alternative
While most of us are unlikely to go 'off the grid' to ensure privacy, it is important to know that there are location methods that are safer than the device-driven, or user-plane, location tracking that Apple and Google have utilized. These network-based, or control-plane, methods, such as RF pattern matching (RFPM), identify and process location information behind the network operators' firewall, with standard protocols for security and privacy. RFPM boasts a 100% security record for subscriber mobile location information it produces.
For years, mobile subscribers have entrusted the operators with other sensitive personal information. Operators look up your credit score when you apply for a phone; they know your home or work address; they likely know your banking information if you sign up for automatic bill pay, or your credit card information if you pay that way. The operator knows the number of every single person you call or text and knows when and how many times you call and text that person. They know what apps you download and how often you access them. Yet there has not been nearly as much hysteria over operators knowing this information as there has been about location tracking.
Up until this controversy erupted, most of us were comfortable with, and possibly unaware of, the fact that all this information is collected and stored by the operator. Unlike what Apple and Google have done with location information, operators are not storing this information in a file on the phone, where it can be hacked and used for negative purposes. Location information deserves the same 'walled garden' protection that other standards-compliant control-plane solutions provide.
Location-gate is unlikely to go away soon, even as our reliance on mobile smart-devices increases and we continue to seek out location-relevant offers and information. At the same time, we become more anxious about our privacy being compromised. It is comforting to know that there are location methods that enable us to avoid choosing between the high-accuracy location-based services we need and want, and the privacy and security we must maintain.