There are moments, as a reporter, where you find yourself crossing a line from objective, level-headed taker-of-facts to creeped-out, tinfoil-hat wearing neurotic. In reporting my recent story about how companies use geolocation data to target us with ads, I found myself wandering over that line nearly a half dozen times during my interviews with sources.
“Are you kidding me?” I replied when I learned from a source that some of the apps on my phone can pull GPS coordinates on my whereabouts as often as every two minutes.
“Is this for real?” I asked out loud when I learned about automated content recognition, the tool that allows our phones to effectively listen in when we’re watching television and know whether we see an ad and were later inspired to visit a store.
“This is terrifying,” I retorted when a privacy advocate pointed out that companies could effectively determine if I was experiencing a health problem based on the frequency of my visits to a doctor’s office.
In the wake of the article’s publication, I’ve heard similar responses from readers, most of whose notes featured key words like “creepy,” “freaky,” or “throwing phone into the Charles.”
Fear not, fellow Cassandras. While the mere act of owning a smartphone means giving into the notion of being surveilled in some sense — we wouldn’t be able to make those phone calls in the first place if they weren’t connecting with cellular towers — there are some steps to take to help stop companies from knowing where you are all the time.
I asked Dave Choffnes, an assistant professor at Northeastern University whose research focuses on privacy and security in mobile devices, for some suggestions to help stop the surveillance.
Go into your phone’s settings to sort out who’s using your location data. In iOS, look for Location Services; in Android its Security & Location. Once there, you’ll see all the apps that use cell tower locations, GPS, Bluetooth, or Wi-Fi hotspots to help locate you. (You might be surprised how many are pulling this data when it’s unrelated to their actual purpose.) If you have an iOS system, you can change your preferences to only allow the apps to know your location when they’re in use. With Android, it’s a simple yes or no. Want to know more? Choffnes and his team have examined privacy standards for more than 500 apps on their site ReCon, and tools like AppCensus looks at the privacy settings for thousands more.
Choffnes recommends turning off location tracking on any app that doesn’t require it to operate. He also suggests disabling microphone and camera access for your apps if you want to be extra careful. And while you’re at it, he says, go ahead and uninstall any apps that you’ve forgotten about or don’t regularly use. Why should they be getting access to your data if you’re not accessing theirs?
If you’re like me, you probably use your phone’s search engines to search for things online about a dozen times a day, and turn up map-related responses. And if you’re also like me, you keep those tabs open ad infinitum, rarely remembering to close them. Choffnes says while it’s not clear the phone’s operating systems ping your GPS coordinates every time you open your browser window, it’s worth doing a quick round of swipes on a regular basis to clear out old tabs just in case.
Another way to help cut back on browser-based tracking is to remove the cookies from your phone — the tracking software that helps remember your user info when you visit and revisit a site, helping you log in to websites faster and manage your preferences. In Safari, you can choose to “Ask Websites Not to Track Me.” “Analytics companies can track you across multiple websites,” he says. Don’t make it easier for them if you don’t want to.
If you’re serious about trying to help untangle the web of who is accessing your location data, it’s key to examine exactly what apps and websites are pulling data from your social media profiles. Facebook’s privacy shortcuts now allow you to see where you’ve used Facebook logins in the past and shut off their access.
“Whenever possible don’t sign in to an app using Facebook or Google,” says Choffnes. “Always create your own account so they aren’t able to get access to data on others’ platforms and vice versa.”
Most of us have enabled our Wi-Fi settings on our phone to recognize networks we’ve logged into before and reconnect whenever we’re in range. This can be fine if you’re at home or at the office, but if you don’t want Starbucks to know every time you walk by just because you once logged onto their network while savoring a Frappuccino, it’s best to change your settings so that your phone asks you to join a network whenever its detected. This will mean more notifications on your phone, which could be annoying. If you prefer not to deal with them, toggle your Wi-Fi on and off, using it only when you want to be detected.
For those seriously committed to shaking off would-be trackers, Choffnes offers a more extreme option: Using a virtual private network (VPN) on your phone as a workaround to redirect location data.
We tend to use secure VPNs when we log onto our work computers remotely, but you can pay to use a service that provides a similar level of privacy. In short, it sends all of your smartphone traffic to a remote server, which then redirects the traffic back to you without disclosing your whereabouts.
In Choffnes’ case, his experiment with VPNs meant his smartphone data was being routed to an Amazon server in Virginia before it returned to Boston. This meant when he went to Target or Walmart websites on his phone, they suggested nearby stores in Old Dominion.
Annoying? Perhaps. But having the dominion over his data is well worth it, he says.