Our location privacy is under attack.
Dozens of data brokers collect information about the precise movements of hundreds of millions of people without their knowledge or meaningful consent. They sell this data to a variety of private and state actors. This extremely sensitive information can reveal where we live and work, who we associate with, and where we worship, protest, and seek medical care.
This data comes from one main source: third-party apps on our mobile phones.
Weather apps, navigation apps, coupon apps, and “family safety” apps often request location access in order to enable key features. Once an app has location access, it typically has free rein to share that access with just about anyone. Some apps partner with data brokers directly via software development kits (SDKs), while others share location data in the process of serving behaviorally-targeted ads via real-time bidding (RTB).
Either way, the data ends up in the hands of companies who have no direct relationship with the people they are tracking. From there, it can be sold to hedge funds, insurance companies, advertisers, and government agencies like the military, the FBI, and ICE.
Data brokers exist in the shadows, taking advantage of gaps in privacy laws and technologies that needlessly expose our information. Reining them in will require a multi-pronged approach. Tech companies must end harmful technologies like the ad identifier that enable third-party tracking and profiling. Legislators must pass strong privacy laws that require informed consent and data minimization. And U.S. government agencies must not be allowed to violate the Fourth Amendment by purchasing private information.
While this invasive surveillance persists, users can take steps to defend themselves. See our surveillance self-defense guides to mobile phones, attending a protest, and being involved in abortion access.