Startup uses ultrasound chirps to covertly link and track all your devices

Silverpush, a startup that's just received $1.25M in venture capital, uses ultrasonic chirps that are emitted by apps, websites, and TV commercials to combine the identities associated with different devices (tablets, phones, computers, etc), so that your activity on all of them can be aggregated and sold to marketers.

Silverpush is one of several startups pursuing this approach — others include Drawbridge, and Flurry, as well as the giant Adobe. The apps rely on software that covertly runs on your devices, listening for the chirps. Many companies are apparently using this technology already.

In comments filed with the FTC, the Center for Democracy and Technology raised a warning about these technologies and the ways in which they compromise user privacy. They point out that Silverpush is designed to run with no way of opting out, and no notification of how your data is being used.

I don't understand how you could call this anything but malware.

The user is unaware of the audio beacon, but if a smart device has an app on it that uses the SilverPush software development kit, the software on the app will be listening for the audio beacon and once the beacon is detected, devices are immediately recognized as being used by the same individual. SilverPush states that the company is not listening in the background to all of the noises occurring in proximity to the device. The only factor that hinders the receipt of an audio beacon by a device is distance and there is no way for the user to opt-out of this form of cross-device tracking. SilverPush's company policy is to not "divulge the names of the apps the technology is embedded," meaning that users have no knowledge of which apps are using this technology and no way to opt-out of this practice. As of April of 2015, SilverPush's software is used by 67 apps and the company monitors 18 million smartphones…

…"For example, a company could see that a user searched for sexually transmitted disease (STD) symptoms on her personal computer, looked up directions to a Planned Parenthood on her phone, visits a pharmacy, then returned to her apartment," the letter stated. "While previously the various components of this journey would be scattered among several services, cross-device tracking allows companies to infer that the user received treatment for an STD. The combination of information across devices not only creates serious privacy concerns, but also allows for companies to make incorrect and possibly harmful assumptions about individuals."

Beware of ads that use inaudible sound to link your phone, TV, tablet, and PC
[Dan Goodin/Ars Technica]

(Image: Dara O Briain's Science Club – BBC)