phone apps

Image credit: Rami Al-zayat

GroundTruth. Near. Snakk Media. Bliss.

You’ve probably never heard of these companies — and that’s the way they like it.d

They’re the advertising-technology firms that work stealthily — and profitably — behind the scenes of various online advertising networks, phone apps and brands. Their mission is to:

  • Target you with ads specific to your precise location (latitude and longitude);
  • Target you with ads based on past historical location information; and
  • Trace your movements between various locations and bring it together to profile you even further and re-target you just when they need to — which enables them to charge brands an even higher fee for the ad they put in front of you.

While many are familiar with the ads that consumer-facing brands Google and Facebook serve to them, these location-based advertising companies aren’t consumer-facing, and therefore lurk in the background, collecting data about us from wherever (and whomever) they can get it.

“Due to the proliferation of smartphone usage and people becoming increasingly comfortable sharing location data with the various apps they use, advertisers can now access very valuable actionable insights into where consumers have historically been and also personalise ads in real-time based upon current location,” Jonas Jaanimagi, executive consultant of the Australian Interactive Advertising Bureau, said in a “mobile location data handbook” shared with paying members of the ad industry last year, and obtained by Crikey.

“The potential is very exciting for the industry but, as with most advertising technologies, the only way to truly ascertain its value is to ‘get your hands dirty’ via test and learn.”

And getting their hands dirty they have.

In some cases, such as GroundTruth, they even acquire apps to obtain information about you. That’s what happened in 2016 when GroundTruth acquired WeatherBug for more than US$46 million, a weather app used by some 20 million Americans that has access to its users’ location data. (In Australia, a company called BigMobile has a partnership with GroundTruth to sell it here).

According to a GroundTruth marketing video, its technology can determine with precision whether you are “in a store, in a parking lot or within walking distance of a location”.

In a further explanation provided by technology news website TechCrunch, GroundTruth’s work is described as using a combination of technologies including “GPS signals within apps, [computer] server integrations and location requests if you have them turned on”.

Then, when you are in a particular location and open an ad-reliant app or web page, GroundTruth — which has negotiated placement in various mobile ad networks — will serve you an ad relevant to that location, TechCrunch reported, adding that the ad company used this formula to place ads in the hundreds of thousands of apps it has partnered with.

In Australia, Hyundai has used the technology — which often goes by the terms of geo-targeting, geo-fencing or geo-locating — to “steal” potential customers away from rival dealers, as explained in a case study unearthed by Crikey and shared with the local ad industry.

Another company, Tell All Digital, has admitted to using the same technology to allow personal injury law firms looking for business to target those who have visited hospital emergency rooms.

Others, like a Christian pregnancy counseling and adoption agency, have used it to send ads to people who entered the vicinity of abortion clinics in an attempt to dissuade women from going through with operations. The ads included text such as “Pregnancy Help”, “You Have Choices”, and “You’re Not Alone” that, if clicked, took the consumer to a web page with information about abortion alternatives and access to a live web chat with a “pregnancy support specialist”.

In that case, US prosecutors reached a deal with the digital ad firm helping the Christian agency, Copley Advertising, to cease the practice.

“The settlement assures that Copley will not use geofencing technology at or near Massachusetts healthcare facilities to infer the health status, medical condition, or medical treatment of any individual,” Attorney-General Maura Healey said in a statement from April last year, adding that the tracking occurred “all without the consumer’s knowing consent”.

“While geofencing can have positive benefits for consumers, it is also a technology that has the potential to digitally harass people and interfere with health privacy,” Attorney General Healey said. “Consumers are entitled to privacy in their medical decisions and conditions.

Recruiters have also used the technology to seek out candidates. In one case, a US hospital told NPR it had used it to target nurses with ads if they were working at rival hospitals.

In addition to sourcing location data from apps, other companies such as Near, which is backed by Telstra, say they also source data from telcos, and from driving their own cars around cities to triangulate locations based on the strength of wi-fi signals they receive (a Telstra spokesperson said the company did not share any location data with Near. “Rather, we connect them with certain enterprise customers who may benefit from their product.”)

Exactly how the tech that powers these companies works — and even the fact they exist — has so far largely remained confined to the ad and marketing industry. Even if you read the terms and conditions of most apps, you’d struggle to understand whether the location data you’re sharing is just being used to make the app work, or if it’s also being used to target you with ads.

Taken from Snakk Media’s website (click to enlarge)

How the location data is sought

Too many smartphone apps on both Apple and Google’s app stores access users’ location data in order to share it with third parties for advertising, says Dali Kaafar, a CSIRO Data61 research group leader for information security and privacy and professor at Macquarie University.

A classic example, says Kaafar, is something like a flashlight or game app that requests access to a user’s location even when it doesn’t need it to function.

“[These apps] will have a number of permissions that are there that the app is asking for and most users — more than 92 per cent of people — will just click ‘yes’ or approve any sort of permission that is being asked or requested by the app,” said Kaafar.

“These types of requests, where a torch app is asking for permission to these types of things, like location; there are thousands and thousands of them in the Apple and Google Play stores.

“These are … over-privileged apps and unfortunately there are too many of them.”

The reason many apps collected location data was because app developers often embedded free analytics services into them so that they could monitor how their app is used. The catch? That its users’ data, including location, is sent off to the analytics service and on-sold for ads.

“It is unbelievably stealthy,” Kaafar said. “Users do not necessarily see that this data is being collected. What they would be seeing is some request asking them to enable the app to access their location during the first phase of installation.”

Kaafar says the main issue was the fact that consumers did not necessarily have visibility over the whole process of how their location was collected. “It’s not transparent enough to enable us to know where our data is being sent, how this data is being processed and what this data is being used for. I think consumers do have to worry from all of those perspectives.”

In the wake of recent revelations about how companies are increasingly collecting data about us that we were not explicitly made aware of, ad-tech companies are being forced to emerge from the shadows whether they like it or not. Recent law changes in Europe, known as the General Data Protection Regulation (GDPR), have also meant terms and conditions have had to be updated by numerous entities, giving users more control over their data.

The new rules meant some popular news outlets, such as The Washington Post, began blocking European traffic. The Washington Post has since introduced EU pricing that comes with no tracking but a “premium” price.

Critics say the targeting amounts to an invasion of privacy, while proponents argue that consumers would rather be targeted with ads relevant to their interests.

Maybe it’s time for the people who create the value that lines the pockets of advertisers and their agencies — the users — to decide?

Peter Fray

Crikey is funded by readers like you.

Without subscribers, we cannot do what we do. We can’t examine, explore or explain. We can’t take the spin, the weasel words, the waffle and lectures and render them meaningful. Without subscribers, we cannot help you understand the world better, so you can form your own views and opinions. That’s what we’re here to do, and that’s why we need you.

Now more than ever.

Peter Fray
Editor-In-Chief of Crikey

Join us today