Tracking technologies have become a hot-button issue with implications for consumers’ privacy online and off the web. With the advent of location-capable smart devices, keeping tabs on users has become affordable, easier and more pervasive; now governments, employers and retailers have a broad range of embedded tools and tracking capabilities available to monitor people’s actions.
Let’s take a look at three most popular tracking technologies and their impact on privacy:
It seems like just about every mobile device out there today is equipped with whiz-bang technology, including the ability to pinpoint its location using GPS coordinates. The advances in global positioning systems have made traveling much less stressful for the recreational and business traveler. Additionally, GPS in company-supplied phones makes it easy to track where the device is – and by extension, the location of the worker holding it.
However, privacy issues have cropped up as law enforcement agencies and governments have begun using the GPS feature to track individuals. The Fourth Amendment limits the use of global positioning systems in this way, but it is not necessarily safe from unreasonable search and seizure.
Case in point: A famous decision was handed down by the US Supreme Court in the case of U.S. v. Jones, a privacy verdict that highlighted location tracking by the U.S. government. The court held that a government agency attaching a GPS-enabled device to Jones’ wife’s vehicle was a breach of the protection laid out in the Fourth Amendment.
However, the 5-4 opinion of the majority was geared towards the “physical intrusion” involved in the action of deploying a GPS tracker on a suspect’s vehicle. Also, the Five-Justice majority said that whether government agencies constitute a search isn’t measured by analyzing discrete activities but instead a collective sum of different actions over time. The reasoning meant open privacy concerns regarding GPS-tracking practices, which don’t necessarily imply persistent observation or physical intrusion.
Besides government agencies, organizations that track company-owned smartphones and vehicles pose a significant threat to employee privacy. In 2015, Ireland-based UPC came under fire for wanting to integrate GPS tracking into workers’ everyday operations. Staff members were concerned about their privacy, and that the GPS would ultimately be used as a spy tool.
With GPS tracking devices and apps, the vast majority of employers want to boost their employees’ productivity. However, if the software was to be used for spying, employee backlash could disrupt operations. Security holes could also result in the device/software being hacked, which means personal data could be used for illegitimate activities, putting the personnel in question at risk.
Retailers increasingly are using electronic technology based on transmitters and sensors, called beacons, to monitor buying behavior and improve customer service. For example, they might publish relevant promotions and messages to a shopper’s smart device and deliver location-specific marketing. But the technology, which has the ability to identify and track consumers’ devices in-store, has also raised concerns over privacy.
There are three main reasons behind these privacy concerns. Firstly, the location data beacons generate can also be used by malware applications, which can provide adversaries with insights about consumers’ locations. Many of these malware programs function invisibly, so a shopper whose location data is misused or hacked may not even know about the unauthorized access to their location.
Secondly, retailers or tracking companies may not be practicing ethically Companies are supposed to offer an “opt-out” option, which requires them to give shoppers a choice to make themselves invisible to these technologies, but not every company follows their own rules. For example, retail tracking firm Nomi Technologies had to settle with the FTC for failing to stand by their own opt-out promises. And the privacy concern is further exacerbated by the fact that most people don’t know their location information may be collected when they visit an airport or walk into a store.
Lastly, because smart cellular devices continuously receive and send electronic signals to connect with wireless networks and cell towers, MAC addresses of Bluetooth-enabled and Wi-Fi-capable devices can be tracked by system operators at a granular scale.
However, overall customer sentiment toward beacons remains “lukewarm” as many of them (especially millennials) are open to providing merchants access to their location — as long as they receive an upgrade, discount or deal for it.
Mobile Device Penetration Testing
Online Behavioral Tracking
Online behavioral tracking, the practice of tracking people’s online actions over time to deliver targeted advertising, has become a primary method for publishers and ecommerce companies to reach consumers across a splintered Internet landscape. Simultaneously, it has become the bogeyman for privacy activists who are concerned about the way data is collected, stored and used.
In fact, software company Ghostery’s “Tracking the Trackers” report revealed that on three-quarters of all websites that people visit, they’re receiving a tracking cookie that monitors their online behavior. Also, 15 percent of page loads on the World Wide Web are monitored by ten or more companies. 10 percent of all sites transmit the data they collect to ten or more additional firms.
Therefore, even if you’re opening websites of businesses that you trust – such as your child’s educational institute or your personal bank – there’s no way of guaranteeing that any of your online activity won’t be packaged up and distributed. Even if companies like Google and Facebook take your consent, your data could end up in the hands of an organization who uses it in an unethical manner.
Another major concern is the security of the information that is being collected. Cybercrime has become a norm in this century. Data breaches and other similar incidents can potentially expose highly-sensitive data stored on the servers of organizations utilizing online behavioral tracking. One case occurred as recently as the end of 2017 when Equifax – a credit reporting firm – was hacked, and the sensitive data of its 143 million customers was exposed.
Given the vast and growing threats to consumers’ data, it seems that privacy concerns around online behavioral tracking remain far from being resolved.
GPS, beacon and behavioral tracking technologies make today’s smart devices and browsers convenient and fun to use. However, the risks to users’ privacy should not be neglected. People should be encouraged to deactivate location services whenever they aren’t required. And remember, rejecting website cookies won’t distort user experience in most instances.
In the end, enjoying our smart devices also means staying vigilant.
United States v. Jones, USSC
UPC wins right to use GPS to track staff, Irish Examiner
Tracking the Trackers, Ghostery