“We stopped the voting in the house,” Ronnie Vincent tweeted during the January 6 riots in Washington that led to the Capital being stormed. But he insisted that he didn’t go into the actual building. The only problem, according to a blockbuster expose by the New York Times, he did. “There is no way that my phone shows me in there,” he told the newspaper. The data says otherwise.
However, an unnamed source handed the newspaper a database of mobile location records that allowed it to track the movements of the cellphones during that fateful afternoon; that is seeing former President Donald Trump being impeached for a second time for “incitement of insurrection”.
The anonymised dataset allowed the paper to track what individual users, like Vincent, were up to. It comprised of some 100,000 location pings for about 2,000 smartphones and showed 130 devices inside the Capitol building during the “insurrection” that stopped the certification of the election results confirming Joe Biden’s win.
There weren’t any names or phone numbers in the database, but it was easy to “connect dozens of devices to their owners, tying anonymous locations back to names, home addresses, social networks and phone numbers of people in attendance”.
But it gets worse. Because of the way internet advertising has evolved, each user now has a unique identifier – called mobile advertising identifiers – that let companies track individual users wherever they go online, including the apps they use.
Using these identifiers, the Times was able to link those 2,000 January 6 users to other supposedly anonymous databases and within “seconds” knew their real names, addresses, phone numbers, email addresses and other personal data.
“Surrendering our privacy to the government would be foolish enough,” wrote the paper. “But what is more insidious is the Faustian bargain made with the marketing industry, which turns every location ping into currency as it is bought and sold in the marketplace of surveillance advertising.”
This is a scary “demonstration of the looming threat to our liberties posed by a surveillance economy that monetizes the movements of the righteous and the wicked alike”. More than anything, it reveals that “the promise of anonymity is a farce”.
All of these anonymous datasets, when combined, clearly link the advertising ID to real people, often without their knowledge.
“Smartphone users will never know if they are included in the data or whether their precise movements were sold,” warned the Times. “There are no laws forcing companies to disclose what the data is used for or for how long. There are no legal requirements to ever delete the data. Even if anyone could figure out where records of their locations were sold, in most states, you can’t request that the data be deleted.
Their movements could be bought and sold to innumerable parties for years.”
As the unnamed source told the New York Times: “What if instead of going to you, I wanted to publish it myself? What if I were vengeful? There’s nothing preventing me from doing that. It’s totally available. If I had different motives, all it would take is a few clicks, and everyone could see it.”
Time to turn off any location-tracking settings on your phone. It’s time to say no to anonymous location-data usage. And time to stop letting advertising companies gather so much data about us.
This article first appeared in the Financial Mail.