In the guise of collecting scientific data, data brokers are running a massive privacy invasion. Researchers should stop helping them
When SafeGraph got caught selling location information on Planned Parenthood visitors last year, the data broker responded to public outcry by removing its family planning center data. But CEO Auren Hoffman tried to flip the script, claiming his company’s practice of harvesting and sharing sensitive data was actually an engine for beneficial research on abortion access—brandishing science as a shield for shredding people’s privacy.
SafeGraph’s move to cloak its privacy pillaging behind science comes as just one example of an industry-wide dodge. Other companies such as Veraset, Cuebiq and X-Mode also operate so-called data for good programs with academics and seized on the COVID pandemic to expand them. These brokers provide location data to academic researchers with prestigious publications in venues such as Nature and the Proceedings of the National Academy of Sciences USA. Yet in 2020 Veraset also gave Washington, D.C., officials bulk location data on hundreds of thousands of people without their consent. And a proposed class-action lawsuit this year named Cuebiq, X-Mode, and SafeGraph among data brokers that bought location data from the family tracking app Life360 without users’ consent.
Data brokers are buying and selling hundreds of millions of people’s location information, and too many researchers are inadvertently providing public-relations cover to this massive privacy invasion by using the data in scientific studies.
Researchers must carefully consider whether such data make them accomplices to this dubious practice. Lawmakers must act now to halt this trampling of Americans’ privacy rights. And the legal barricades that prevent full scrutiny of data brokers’ abuses must be dismantled.
SafeGraph’s removal of the clinic data was the real problem, Hoffman argued in a May 2022 interview with the now defunct tech news site Protocol: “Once we decided to take it down, we had hundreds of researchers complain,” he said. Yet when pressed, he could not name any—and the fact remains that the data put actual abortion seekers, providers and advocates in danger in the wake of the U.S. Supreme Court’s ruling on Dobbs v. Jackson Women's Health Organization.
Location data brokers such as SafeGraph, Veraset and the others simply don’t meet the standards for human subjects demanded of researchers, starting with the fact that meaningful “opt in” consent is consistently missing from their business practices. Data brokers often argue that the data they collect are opt in because users have agreed to share that information with an app—even though the overwhelming majority of users have no idea that it’s being sold on the side to brokers who, in turn, sell it to businesses, governments, local law enforcement and others.
In fact, Google concluded that SafeGraph’s practices were so out of line that it banned any apps using the company’s code from its Google Play app store, and both Apple and Google banned X-Mode from their respective app stores.
Furthermore, the data feeding into data brokers’ products can easily be linked to identifiable people despite the companies’ weak claims of anonymization. Information about where a person has been is itself enough: One widely cited study from 2013 found that researchers could uniquely characterize 50 percent of people using only two randomly chosen time and location data points.
Due to rapid growth of social media and smartphone use, data brokers today collect sensitive user data from a much wider variety of sources than in 2013, including hidden tracking in the background of mobile apps. While techniques vary and are often obscured behind nondisclosure agreements (NDAs), the resulting raw data they collect and process are based on sensitive, individual location traces.
Aggregating location data can sometimes preserve individual privacy, with safeguards accounting for the size of the data set and the type of data it includes. But no privacy-preserving aggregation protocols can justify the initial collection of location data from people without their consent.
Read More...Related Articles:
Related Articles:
Many on both the Left and Right have criticized the bill, calling it the “Patriot Act on steroids” or the “Patriot Act 2.0.”
The last couple of months have been rough on the FBI. The Twitter Files let the genie out of the bottle, and now more serious allegations against the agency just keep piling on.
Senator Ron Wyden (D-OR) has revealed that the US Naval Investigative Service (NCIS) has a contract for “Augury” – a mass monitoring tool that reportedly covers 93% of the world’s internet traffic and provides access to petabytes of current and historical data
Millions of Americans’ everyday movements can be traced by police with the click of a mouse and possibly without a warrant, thanks to a data broker that’s selling phone geolocation data to state and local law enforcement, an Electronic Frontier Foundation investigation has found.
Over the past few years, data brokers and federal military, intelligence, and law enforcement agencies have formed a vast, secretive partnership to surveil the movements of millions of people. Many of the mobile apps on our cell phones track our movements with great precision and frequency. Data brokers harvest our location data from the app developers, and then sell it to these agencies. Once in government hands, the data is used by the military to spy on people overseas, by ICE to monitor people in and around the U.S., and by criminal investigators like the FBI and Secret Service. This post will draw on recent research and reporting to explain how this surveillance partnership works, why is it alarming, and what can we do about it.
Two new reports from university think-tanks call attention to surveillance and profiling — including surveillance of, and action against, domestic and international travelers — by the Department of Homeland Security and its components.
The Centers for Disease Control and Prevention used phone location data to track millions Americans in 2021. The CDC monitored curfew zones, churches, schools, neighbor-to-neighbor visits and trips to pharmacies through SafeGraph, a controversial data broker.
A new class-action lawsuit filed in California targets Otonomo, a data broker that harvests location data from tens of millions of vehicles around the world and then sells access to that information.
Imagine being filmed 24/7. Knowing someone is watching you the whole time, would your behaviors and decisions remain the same? When governments or tech companies promote “smart” cities projects, they talk about how having more data about us could make things better. What they don’t talk about is the way having surveillance technologies embedded in our physical surroundings would change the way we behave and impact our fundamental rights and freedoms.
News outlets entrusted with promoting transparency and privacy are also lobbying behind closed doors against proposals to regulate the mass collection of Americans’ data.
This government of Peeping Toms is watching everything we do, reading everything we write, listening to everything we say, and monitoring everything we spend. Beware of what you say, what you read, what you write, where you go, and with whom you communicate, because it is all being recorded, stored, and catalogued, and will be used against you eventually, at a time and place of the government’s choosing.
Smart-home devices like thermostats and fridges may be too smart for comfort – especially in a country with few laws preventing the sale of digital data to third parties
US Defense Intelligence Agency has just confirmed that the US government does indeed buy your location data collected from your smartphones by brokers.
The Supreme Court ruled that law enforcement agencies needed a warrant to obtain cell site location info. The ability to turn third parties (like telcos) into proxy long-term tracking devices concerned the court, which decided this wasn’t permissible under the Fourth Amendment. Every American carries a cellphone. But just because they do doesn’t mean they agree the government should be able to track their movements with them.
The Feds are using the pandemic as an excuse to ID and track millions of innocent American's cellphones inside their homes. This past August, a Motherboard article revealed the U.S. Customs and Border Patrol (CBP) had signed a $476,000 contract with Venntel, a cellphone data mining corporation.
This latest revelation will no doubt be an embarrassment to what is already looking like a haphazard biosurveillance operation being run by the UK government.
A Virginia-based software company founded by two US military veterans with backgrounds in intelligence has been tracking hundreds of millions of mobile phones across the world, according to documents reviewed by the Wall Street Journal.
The United States Internal Revenue Service says it purchased access to a marketing database that offers location data for millions of US cellphones, so the IRS can identify and track persons suspected of tax-related crimes.
