When it comes to your privacy rights in terms of GPS location information gathered by your smartphone, tablet, or digital camera with built-in GPS, what do you really know? You probably don’t realize that protection of your privacy is virtually nonexistent. Not to worry, as numerous legislators, the FCC, and certain consumer rights groups are working towards guidelines as to how app developers, law enforcement, marketers, and other third parties can use the GPS data gathered by the devices.
Catherine Crump, ACLU attorney, said, “Collecting personal data is increasingly easy for the government to do but hard for citizens to detect, so it’s more important than ever for the American public to know the rules that law enforcement is operating under, especially when it comes to location tracking.” This comment was in regards to a lawsuit filed by the ACLU in attempts to force the FBI to say how and when agents use GPS tracking devices. Do you know anything about GPS and how it relates to your privacy? Read on for 7 things you might not know.
1. Your Camera Might Be Recording Your Location Information
Some people might not realize that the new digital camera they’ve acquired can store their location data. While this is normally used for legitimate purposes, there was a recent case where geotagged photos of bikini-clad girls holding handwritten FBI taunts, posted by the hacker group CabinCr3w, led the FBI right to one of the girl’s houses. The image they posted included EXIF-encoded GPS coordinates. Wouldn’t you think someone as tech-savvy as a hacker would know this prior to posting the images? Apparently not.
2. Lack of GPS Sharing Notifications
Right now, there are few rules in place regarding the sharing of GPS data by third parties. Kroll Advisory Solutions said in a recent report, “Part of the problem lies in the many different entities involved – wireless carrier, operating system provider, application developer – who may all have access to the consumer’s personal information. A consumer may have some control through device settings and discretion in what types of applications he or she chooses to use on the device, but these measures cannot guarantee that data will not be shared with third parties.”
3. Varies from Country to Country
Some countries are quite strict when it comes to privacy, while others aren’t. For example, the Geolocalization Law of Mexico gives law enforcement the right to request real-time location data from mobile service providers at will, while the European Commission’s Article 29 Working Party said that as geolocation data is personal, this information can only be shared, collected, or stored with the user’s express consent.
4. FTC to Congress: Protect GPS Data
The FTC obviously sees the problem with having loose privacy laws regarding use of location data. In their March report “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers” implores that Congress take steps to protect users’ mobile data, including GPS data. They also ask lawmakers to create a law requiring third-party companies disclose all information they hold on users, including their location data.
5. Geolocation data: Hot Issue in Congress
There have been bills introduced in Congress to regulate GPS data privacy, like last year’s bill introduced by Sen. Ron Wyden and Rep. Jason Chaffetz, the Geolocation Privacy and Surveillance Act. This bill would require “the government to show probably cause and get a warrant before acquiring the geolocation information of a US person, while setting out clear exceptions such as emergency or national security situations or cases of theft or fraud.” This bill was attached to the Cybersecurity Act of 2012 as an amendment, but was sadly defeated.
6. Malware Relying on GPS Location
There is an email circulating which appears to be from a local law enforcement agency relying on the users location data, appearing to be harmless but quickly disabling your computer. After the computer is locked, an amount of money is requested to unlock the computer. This happened last month in London, and police said “This is a fraud and users are advised not to pay out any monies or hand out any bank details. This scam is now affecting many countries in Europe and further afield, with each email tailored to include the branding of that country’s law enforcement agency.” Even the FBI is alerting American’s of this scam. “This malware is doing the rounds across a lot of different countries,” said Dublin’s Brian Honan, independent security consultant. “It is coded to use geolocation to detect which country the infected computer is in and to use the logos…of the relevant law enforcement organization for that jurisdiction.”
7. You Have No Control Over Activation of Your Phone’s GPS Location Tracking
Yes, it’s true, says a recent court ruling. Police can not only access the GPS data on your phone, they can also activate the GPS location tracking, even if you’ve disabled it. In the case of Melvin Skinner being heard in the US Court of Appeals for the Sixth Circuit, convicted of drug trafficking and sentenced to 20 years, this is quite clear. Skinner had a problem with the fact that DEA agents used his GPS location data to track the motor home containing 1,100 pounds of marijuana he was driving, violating his Fourth Amendement right against unreasonable search and seizure. If you read carefully in the document describing the ruling, it appears police not only tracked Skinner, but activated the GPS tracking by merely calling his prepaid cellular provider. The court’s verdict: the DEA was within their rights.
Use the information you just read wisely. Think through each and every move you are making on your device, and don’t forget to contact your congressman to ask them to support any bills tightening regulations on your precious location data and privacy rights.