Keep Your Location To Yourself
Hi friends!
Your phone is constantly collecting and sharing information about you under the guise of targeting ads through what's called the Real Time Bidding process:
Apps and websites collect information about you and the content you're viewing, including your unique advertising identifier, location, IP address, device details, demographic information, and inferred interests.
This information is turned into a "bid request" that is sent to thousands of potential advertisers. The advertisers use your data to decide if you are relevant to their campaign, and if so, how much to bid on the opportunity to show you their ad.
These personalized ads may feel creepy at times, but isn't that an acceptable trade-off to access apps and content for free?
Collecting, not bidding
If that were the end of the story, maybe. But data brokers that collect, consolidate, and resell data exploit this process to amass information about users even if they don't plan to bid on ads.
(Not) anonymous
Most apps claim this data is "anonymous". While identifiable information like your name, email address, or phone number may not be included, the bid request includes a string of letters and numbers called an Ad ID. Because this identifier is unique to your device, it can be used to build up a profile over time.
Consider these two location snippets:
{
  "adId": "123456",
  "significantLocation": "1234 Main St",
  "significantTime": "evening"
}
{
  "adId": "123456",
  "significantLocation": "400 Corporate Ln",
  "significantTime": "morning"
}
Because they share the Ad ID 123456, we know they belong to the same device. Data brokers can use these significant locations to infer where the owner of the device lives and works. Any future data tied to Ad ID 123456 adds to this picture. These "anonymous" snippets combine into a profile that's easy to link back to your real-life identity.
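To make the linkage concrete, here is an added example (not code from any data broker or ad platform) that joins snippets on the Ad ID and shows why a disabled Ad ID breaks the join. The records are constructed, the evening-means-home and morning-means-work rule is an assumption for illustration, and the all-zero value is what iOS and Android report once the Ad ID is turned off.

```python
from collections import defaultdict

# All-zero ID reported by iOS and Android once the Ad ID is disabled.
ZEROED_AD_ID = "00000000-0000-0000-0000-000000000000"

# Constructed sample records in the shape of the snippets above.
SAMPLE_SNIPPETS = [
    {"adId": "123456", "significantLocation": "1234 Main St", "significantTime": "evening"},
    {"adId": "123456", "significantLocation": "400 Corporate Ln", "significantTime": "morning"},
    {"adId": "123456", "significantLocation": "1234 Main St", "significantTime": "evening"},
    {"adId": ZEROED_AD_ID, "significantLocation": "77 Elm Ave", "significantTime": "evening"},
    {"adId": ZEROED_AD_ID, "significantLocation": "9 Harbor Rd", "significantTime": "morning"},
]

# Assumption for illustration: evening sightings suggest home, morning ones work.
TIME_TO_LABEL = {"evening": "likely_home", "morning": "likely_work"}


def link_snippets(snippets):
    """Group snippets by Ad ID and return (profiles, unlinkable)."""
    # counts[ad_id][label][location] = number of sightings
    counts = defaultdict(lambda: defaultdict(lambda: defaultdict(int)))
    unlinkable = []
    for snippet in snippets:
        ad_id = snippet.get("adId")
        # A missing or zeroed ID is shared by every opted-out device,
        # so it cannot tie two records to the same phone.
        if not ad_id or ad_id == ZEROED_AD_ID:
            unlinkable.append(snippet)
            continue
        label = TIME_TO_LABEL.get(snippet.get("significantTime"))
        if label:
            counts[ad_id][label][snippet["significantLocation"]] += 1
    # Keep the most frequently seen location for each label.
    profiles = {
        ad_id: {label: max(locs, key=locs.get) for label, locs in labels.items()}
        for ad_id, labels in counts.items()
    }
    return profiles, unlinkable


if __name__ == "__main__":
    profiles, unlinkable = link_snippets(SAMPLE_SNIPPETS)
    print(profiles)
    print(len(unlinkable), "snippets could not be tied to a single device")
```

The three records carrying Ad ID 123456 collapse into one home-and-work profile, while the two zeroed records stay unattached.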
Surveillance as a Service
Once data brokers have their hands on this data, there are few rules about what they can do with it. Location data has been used in all sorts of creepy and harmful ways, including outing a gay priest, selling lists of people who attend political protests, and even revealing the location of a military aircraft carrier.
The commercial nature of this data creates a loophole in 4th Amendment protections. The 4th Amendment protects against "unreasonable searches and seizures". In order to compel a company to turn over data about its users, a law enforcement agency must go through the courts. But agencies are free to purchase location data (often in bulk) without any judicial oversight.
Protecting your location
So what can we do?
First, both iOS and Android allow you to disable your Ad ID. Apart from seeing ads that are slightly less targeted to your interests, there are generally no downsides to this option. This guide walks you through the steps on both operating systems.
Second, you should regularly audit the apps that have access to your location and choose the most restrictive option that allows each app to function. You can typically choose when apps can access your location (always in the background, while using the app, ask every time, or never) and whether to share your precise or general location.
There's no one-size-fits-all approach, but here's my thought process for various apps:
Navigation or ride-share apps (e.g. Uber, Lyft, Waze, Apple Maps, etc.): precise location, only while using
Location sharing apps [1] (e.g. Find My): precise location, always allow. I try to grant this level of access to as few apps as possible, but this is a use-case where background sharing is necessary to the functionality of the app.
Weather apps [2]: general location, always allow. The forecast is the same for my house and my neighbor's; neighborhood-level location is fine for this.
Stores, restaurants, and airlines: no location access. They don't need to know where I am.
Apps that need to connect to smart devices (e.g. Sonos): precise location, while using. This one is weird - on iOS, the ability to detect these devices is tied into the precise location permission. You can usually revoke location access when you aren't setting up a new device.
When in doubt, deny by default. If that breaks the app, you can go back to the location settings to grant permission.
That's all for now!
Party on,
Zak
[1] Be cautious about which location-sharing apps you use. Life360 got into trouble a few years ago for selling precise location data from tens of millions of users. If you use iOS, Find My is generally more privacy-friendly than alternatives.
[2] For extra privacy, most weather apps allow you to manually search by zip code or city without sharing your location at all. If you mostly look for forecasts in one or a few consistent areas, this is a good alternative.