Forget government data retention, Google has you wired
If the mandatory data retention proposals currently being urged by Australia’s protectors of freedom and democracy aren’t scary enough, take a squiz at how the private sector is already tracking your every move. Literally.
The smartphone boom has brought with it a boom in location-based services, providing information that’s automatically tailored to where you are right now. Weather and traffic conditions, or the closest available bank ATM or Greek restaurant or dry cleaner or easy man-s-x.
Providing these extremely satisfying services means reporting your location to everyone involved, with obvious privacy implications. But the creation and operation of the location services themselves — they’re the means by which your smartphone knows where it is — raise their own questions.
While most smartphones have a GPS receiver for satellite-based positioning, it’s power-hungry and often turned off. But you can get something that’s close enough for most purposes, accurate to a few metres, using Wi-Fi. The smartphone keeps track of which Wi-Fi hot spots it can see, and that’s compared with a previously constructed map of Wi-Fi points.
Google Maps has the best-known such service. As its Street View cars drove every street taking photographs, it also noted the location and identifiers of the Wi-Fi networks it encountered — both the so-called SSID us humans use to identify the wireless networks we want to join, and the unique MAC address that individually identifies each Wi-Fi device.
In 2010 it was revealed that Google had also recorded snippets of Wi-Fi data traffic — the actual private communication — “to see if the data could be used in Google’s other products and services”. One obvious example would be to identify the computers or people using that network, so location-based services could be provided to them as well.
Google subsequently claimed that recording the communications was an accident and software developed as an experiment had ended up in operational systems. It also claimed it was an accident when it failed to delete all of this data for the UK following an order by the Information Commissioner’s Office, even when it certified that they had.
Google isn’t the only provider of such a Wi-Fi-based positioning system (WPS). Less well-known companies Skyhook and Navizon already drive the streets compiling their hotspot maps — in the case of Navizon by crowdsourcing the data from end users’ smartphones. Both already have coverage in Australia’s capitals and regional centres.
When Google’s Wi-Fi recording was first discovered, communications minister Senator Stephen Conroy launched a 10-minute tirade in Senate estimates. ”Google takes the view that they can do anything they want,” he said. “It is possible that this has been the largest privacy breach in history across Western democracies.”
So how does Conroy feel about Skyhook and Navizon’s mapping work, even without any recording of the communication itself? “My office has been in contact with the Privacy Commissioner and the ACMA asking whether such activity would breach Australia’s privacy provisions if it occurred in Australia,” he told Crikey.
A WPS service can obviously log your physical location, but so can the provider of every app using that service. And so can the provider of any advertising included in the app. So can the provider of the smartphone, as shown earlier this year when the media discovered that Apple logs the location of every iPhone.
Page 1 of 2 | Next page