A new era: Mobile-location tracking, user consent and government surveillance
Last week, Quartz reported that Google has been collecting user and cell-tower location data even when people have turned location services off:
Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers — even when location services are disabled — and sending that data back to Google. The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy.
This practice was reportedly designed to “improve the speed and performance of message delivery” according to a statement provided by Google to Quartz. Google also said it would phase out the practice at the end of this month.
Undoubtedly, the data was collected anonymously and is part of Google’s overall efforts to increase the accuracy of location and context. However, it seems nefarious, especially given that it was happening outside of the control of users and even when location services were turned off. (Last year, ad network InMobi agreed to pay nearly $1 million to settle Federal Trade Commission charges that it deceived consumers and tracked their locations without knowledge and consent.)
Location data has become incredibly valuable to everyone in the digital ecosystem because it can be used for so many things. A partial list of use cases includes offline attribution, audience segmentation, personalization, competitive intelligence and retargeting.
Practices like what is described in the Quartz article will almost certainly be illegal in Europe under the forthcoming General Data Protection Regulation (GDPR), which requires explicit user consent for use of personal data. Indeed, collection and use of mobile location data in Europe will become a complicated proposition and may have a spillover impact in North America.
However, a case being heard this week in the US Supreme Court could go in the opposite direction. Carpenter v. United States will decide if government authorities can access individual mobile location histories without a search warrant.
The case originally involved a 2011 criminal investigation in Michigan. The criminal defendant, Timothy Carpenter, was convicted partly because of mobile location history evidence. The criminal conviction was appealed on the grounds that the warrantless collection of mobile location data violated the Fourth Amendment’s “unreasonable searches and seizures” clause.
A divided Sixth Circuit Court of Appeals held that the police did not need a warrant to capture and use the data. If the US Supreme Court affirms that ruling, which is highly possible given the court’s new conservative majority, it will potentially usher in a new and frightening era of domestic spying. It could also turn companies collecting and using location data into instruments of government surveillance.