‘Anonymous’ Smartphone Location Data Isn’t so Anonymous, Finds NYT Investigation

December 10, 2018, 11:50 AM UTC

“Anonymous” location data collected by smartphone apps can easily be connected to individual users, a new investigation from the New York Times (NYT) found.

NYT reviewed a database of 2017 information from a company that contained location data accurate to within yards and updated thousands of times a day. Using this data, the NYT was able to identify and contact a number of people whose information was anonymized.

At least 75 companies receive precise location data from apps whose users enable location services, and several of those businesses claim to track up to 200 million U.S. mobile devices — about half of all in use last year. The data is analyzed and sold to advertisers seeking insights into consumer behavior.

Sales of location-targeted advertising will reach an estimated $21 billion this year. Businesses say their interest is in the patterns, not the identities. But those with access to the raw data can still identify a person without their consent. Location data companies pay half a cent to two cents per user per month, the NYT reports.

Many smartphone apps require location services to be turned on to function — such as weather apps, maps or mobility services. What exactly happens to that data is buried in terms of service agreements, which are often unreadable.

There is no federal law limiting the collection or use of such data, but apps that ask for access to users’ locations, while leaving out important details about how the data will be used may violate federal rules on deceptive business practices, Maneesha Mithal, a privacy official at the Federal Trade Commission, told the Times.

Privacy activist Adam Harvey called on the New York Times to reveal how much information it keeps on its own readers.