Google location service is a small app that runs in the background of every android device. It provides location details to the system and different apps that request it. If enabled, it also logs the location history of the device and stores it in the Google servers. In this analysis, we discuss the strengths and weakness of this app from a privacy point of view.
With the advent of Smartphone era, our phones have become immensely powerful, with the ability to collect different variety of data using a wide range of sensor that are embedded in our smart phone. This has raised a big concern over the privacy of the users, since these data can be used to infer very intimate details of the user's way of life. We will try to discuss these issues associated with the Google location service.
Application Description
The release of first iPhone by apple sparked a new generation of smart phones with functionality comparable to that of personal computers. According to statista.com there are 4.43 billion mobile phone users in the world (statista.com, 2015) and about 1.8 billion of them use a smart phone (statista.com, 2015). This is driven by the rapid advances in the mobile phone technology. More and more smart phones are being packed with variety of sensors like GPS, accelerometer, navigation compass etc. These sensors are extremely useful and provide possibility for some very creative and handy applications. But, they also provide detailed information about the state of the phone and its user. This can be a huge privacy compromise on the user’s part if not handled properly by the apps.
Google released its first android smart phone in October 2008, and since then there has been countless number of Android devices on the market. In fact, android currently occupies about 83% of smart phone market share (IDC.com, 2015). All of these devices require users to pair the device with a Google account. User information like contacts and emails are all synchronized with this Google account. Storage of contacts and emails in the Google server is a trivial matter but what most users are not aware of, is the storage of location details of the phone in the Google servers.
Google logs detailed information of the phone’s location through a small application called google location reporting and stores them in their server. This information is used in services like “google fit” and “google now” which try to predict the user’s daily routine by analyzing the user’s location history from the past. While this is a very neat feature that Google provides with the help of this data, it can also be used for surveillance by the government organizations like NSA. The thing that concerns me the most is that, it is not very apparent to the user that the location details of his/her is being logged in that manner.
The users can view their location data by going to the google’s dashboard at https://www.google.com/maps/timeline. There, users can see their whereabouts for each day on the Google maps. The image below provide a view of what the dashboard looks like
Figure 1: A view of Google timeline dashboard
In the picture above we can see the details of all the places I have been to on November 4th 2015. It conveniently lays path of my travel throughout the day on Google map. On the left panel you can see the timeline of the journey like when the user was at which location, how much time was spent on each location, what mode of transport was used etc. One interesting point to note here is that most of these information are actually inferred by Google’s machine learning algorithms from the logs of the location data that was collected. For example, Google does not know the address of my home and work/college. So it used the location information collected everyday to infer the address of my house. We can also see on the left panel an address marked as my work place. This is in fact KU Leuven computer science department where I travel daily. So, we can see that the algorithm is not always accurate, but it is very powerful at inferring details from the location data. We need to remember that these information are collected for each and every day that we use our android device.
Here is a detail for the date of decemebr 24th. We can see that I went for a Christmas dinner at about 6:30 in the evening on my bicycle and it even tagged the images I took at the location.
This view shows all the buildings I have ever been to in Leuven. The red spots on the map are places like university campus, University canteens, library, home, shopping malls etc.
As we can see the amount of information google can/has inferred from the location data collected so for is very concerning. It reveals even the very intimate details of my way of life and my daily routines. From this, we can also get some insight on how apps like Google Now and Google Fit is able to make accurate predictions of our actions based on these data.
It might appear that the stakeholders of this privacy issue are Google and the user but with presence of surveillance programs like PRISM by American government organization NSA proves that the government can also be involved. The amount of information that can be inferred by a government from the location details of a person is astounding. Then there is also a possibility of google’s servers being hacked. We frequently hear the news of large corporations being hacked. The incidents of hacks of servers belonging to reputed corporations like Sony and Adobe is a bitter reminder that even large powerful companies cannot keep the user’s data safely. Google is no different. And considering the sensitivity of the location data and the amount of data that is stored (huge amount of individual data combined with the large number of users), the implications of losing such data is huge. Hackers might sell such data for large sums of money. Criminals might use the data to blackmail the users based on the details of their whereabouts. Stalkers and serial killers may use the data to stalk particular user to commit crimes. These are only hypothetical scenarios for when the data get leaked from the Google’s side. But there may also be the case when the information may be leaked from the user’s side. For example, merely having access to the user’s computer with a logged in Google account (which is quite common), someone can know the details of his/her daily life. This has potentials to create disputes in families or even break relationships.
The only time a user is asked for the permission to collect this data is when he/she sets up his /her android device for the first time. And even then, it is not made very clear where this data is used. In fact Google has been collecting location data even before the launch of Google Now. According to Google: “Your location history allows Google to show you useful information based on where you’ve been with the devices that you’re signed in to with your Google Account. For example, you’ll see predictions for your frequent commutes and better search results. Your location info can also be used by any Google app or service, including the ads you see.” (Google, 2015)
It is not clear what else it plans to do with this data but it is obvious that they can be used to infer variety of user details and used to target very specific ads to the users.
Google location service is a layer that sits between android core and other apps and provides the location data to the apps. Whereas google location reporting logs the location data to the google servers for use in services like google now and google search.
Recommendation for the users: Users can easily opt out from their data being collected by going to android’s settings panel, Touch Location > Google Location History for the account you want to change. Turn Location History on or off for your account or devices. You can either turn off location history for individual device or for the entire google account.
Or users can entirely delete their location history. To do this users have to go to the settings menu then under Locations > Location history > At the bottom of the screen, touch Delete Location History. But this might limit the capability of the apps like Google Now.
Bibliography
Google. (2015, 12). google.com. Retrieved from google.com: https://www.google.com/policies/terms/
IDC.com. (2015, December). Smartphone OS Market Share, 2015 Q2. Retrieved from IDC.com: http://www.idc.com/prodserv/smartphone-os-market-share.jsp
statista.com. (2015, 12). statista.com. Retrieved from statista.com: http://www.statista.com/statistics/274774/forecast-of-mobile-phone-users-worldwide/
statista.com. (2015, 12). statista.com. Retrieved from statista.com: http://www.statista.com/statistics/330695/number-of-smartphone-users-worldwide/
Comments
Post a Comment