EBGAP: Error Between Google and Privacy
The year is 2031, and I'm going to see Avengers 7 in 8K-vision. I hop in my Goober self-driving car and notice something strange – my location is displayed on the Goober Dashboard, even though I opted out of Google AlwaysTrack™! There's a complete disconnect between what the user interface is telling me and what actually happens without my knowledge or consent.
Yesterday's Associated Press exposé by Ryan Nakashima is the 2018 version of this scenario. When people turn off Google "Location History" they, predictably, expect their location history to be turned off. Google, with its insatiable hunger for data, has designed location tracking to be much more invasive than that.
As it turns out, even digging through menu settings is not enough to keep your location private from Google. This prompted K. Shankari, a graduate researcher at UC Berkeley, to start asking tough questions about what exactly is tracked and when. The answer is anything but straightforward, as Princeton researcher Gunes Acar verified for AP when he mapped out Google's record of his travels.
The fact that there are a variety of ways for Google to track a user's location after they toggle "Location History" off is no surprise to privacy advocates and hackers. The problem is especially tangible on Android devices, where Google tracking software is fundamentally baked into the operating system, a layer of surveillance running on top of Free Software.
Android handsets were designed to gobble up information from the outset. With its purchase of Android, the Google ad behemoth hoped to fill its coffers with sensor data from millions of smart devices. Those devices now number in the billions. Android is the world's most pervasive operating system, by an order of magnitude from its nearest competitor, Apple iOS.
During Yale Privacy Lab workshops, we consider stock versions of Android and iOS a lost cause. Most consumer smartphones are untenable as privacy-respecting devices, with modifications requiring a steeper learning curve than we can cover in a reasonable time.
It's still far too impractical to flash a phone or tablet with alternative versions of Android. The most secure version I know is only available for a few handsets. "Jailbreaking" iPhones can be problematic from a privacy and security perspective, and many Android phones require risky hacking that can take hours and might "brick" the device if not done correctly.
Replacements for the spies in our pockets, like the GNU/Linux-powered Librem phone, are on the horizon. Carriers will continue to tie cellphone purchases to service contracts, however, and the grip of Android and Apple phones in the U.S. certainly seems ironclad.
So, what can be done as a stop-gap measure, besides throwing out your phone? Avoiding apps that require location permissions is a start. People can also try the steps outlined by AP to limit location tracking.
Since Google Play is incredibly polluted, Android users should replace it with the Free Software "app store" F-Droid. If people do want apps from Google Play, they can download them via the Yalp Store app, which now has Exodus Privacy's excellent scanner built in.
It's easy to dismiss the "Location History" issue as something that people should have already known and understood. I'm already bracing for the articles that say, "No one should have expected a magic button to actually stop location tracking." Perhaps even privacy experts will agree with proponents of the ad-based information economy on that point. A few days working with people stuck in the depths of the Digital Divide would flip that perspective.
Google's responses about this issue have not been encouraging, and the company dismisses any concerns about "Location History" as confusion on the part of users and reporters. Fears of location tracking may contribute to the fallout in the European Union, where Google is already facing $5 billion in fines for Android anti-trust violations.
Whether or not Google's location tracking runs afoul of the EU's new GDPR regulation remains to be seen. To me, it's clear that Google does not require the same "affirmative consent" it seeks from Android developers who ship apps via Google Play. Worse, Google seems to have learned nothing from last year's location scandal.
The furor over the "Location History" toggle is an encouraging sign for advocates of digital privacy and software freedom. Every time a news story exposes a little more of the seedy underbelly of surveillance capitalism, more fuel is added to the fire of dissent. As journalists get more savvy and informed about surveillance, they're reaching bigger and bigger crowds of privacy-conscious people.
Appearing at Yale Law School last year, Eben Moglen reminded us, "This isn’t over yet." Who knows? Maybe 2031 will be a better year than 2018, and Google won't try to sell us a toggle button as privacy panacea.
Sean O'Brien is a lecturer at Yale Law School and leads Yale Privacy Lab, an initiative of the Information Society Project.
Some 1,600 people were secretly livestreamed while staying in South Korean motel rooms where cameras had been hidden by criminals who operated a 4,000-user service for voyeurs, where a $45/month upcharge bought subscribers the right to access replays and other extra services.
Last year, California was one of several states to introduce right to repair legislation that would force companies to end practices that discourage the independent repair sector, creating a requirement to sell replacement parts, provide documentation, and supply codes to bypass DRM systems that locked new parts out of devices until the company activated them.
The term "meritocracy" was popularized in the UK sociologist Michael Young's 1958 novel, "The Rise of the Meritocracy," in which aristocrats insist that they are the natural rulers of their society based on "objective" measures of worth ("merit" + "aristocracy" = "meritocracy") that are obviously tilted to favor them, a fact that they are conveniently […]
If you’re a Mac user, you thrive on simplicity. Everything in its place and a place for everything. Unsurprisingly, there’s a ton of great organizational apps out there for Mac, and now someone’s had the great idea to bundle them all together. Whether you’re running a demanding business or just getting through the day to […]
Seems like drones are doing a lot of jobs these days, from reconnaissance to delivery. Now, we can add “keeping the Death Star safe” to that list. Whether you’re a drone enthusiast or a Star Wars fan, these Star Wars Propel Drones are undeniably the coolest toy around. Yes, that’s a fully functional drone replica […]
It’s spring clearance time for the Boing Boing Store, when some of the best deals from the holidays return even cheaper than before. From top-rated apps to educational software to the cutest record player of all time, they’re all back with a little extra incentive. Shop your heart out before tax season wraps up! Use […]