You Are Here: Scary New Location Privacy Risks

By Bill Snyder, CIO |  Security, Geolocation, privacy

Last year, the FBI obtained secret permission (but didn't actually get a warrant) to monitor the location of 180 cell phones in the course of an investigation into a bank robbery, according to a court filing by the American Civil Liberties Union and the Electronic Frontier Foundation. The difference between the order obtained by the FBI and a warrant isn't just a technicality. Obtaining a warrant requires a much higher standard of proof that a crime has been committed or will be in the near future.

The government's contention that warrants aren't needed to monitor the location of cell phone users disturbs me, and it apparently disturbed U.S. Circuit Judge Dolores Sloviter who said this during a court hearing in Philadelphia: "You know there are governments in the world that would like to know where some of their people are or have been. Can the government assure us that it will never try to find out these things?" she asked.

Social Networking Your Privacy Away

By now, most of us know that the privacy settings on sites like Facebook can be difficult to use, and it doesn't take much of a mistake to widely disseminate information we meant only for our close friends. What's more, many social networking sites transmit personal information to third parties, particularly advertisers, unless a user has opted out.

Being subjected to ads keyed to your browsing habits can be intrusive, but the potential for harm isn't great. But when that personal information includes your current location, or addresses you've visited in the recent past, the issue becomes more serious.

Wills, the Worcester Polytechnic researcher, looked at 13 mobile online social networks, including popular services like Brightkite, Buzzd, Flickr, Foursquare, Gowalla, Loopt, Radar, and Urbanspoon and seven older social networking services such as Facebook, LinkedIn and Twitter.

Wills and his colleague, AT&T Labs researcher Balachander Krishnamurthy, tested the sites using a "sniffer" that allowed them to see all network traffic to and from mobile phones they were testing. (You can read their research paper here.)

With the exception of Loopt, all 20 leaked some kind of private information to third-party tracking sites. Buzzd, for example, shared the user's location with Pinch Media, a seller of Web analytics services and tools, without overt permission or disclosure, the researchers found.

Foursquare passes the user's latitude and longitude to the Google map service to show his or her current location. That's what you'd expect, of course, but Wills found that the geographic data is also shared with a dozen or so other sites.


Originally published on CIO |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

SecurityWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness