Technology companies have been pummeled by revelations about how poorly they protect their customers’ personal information, including an in-depth New York Times report detailing the ability of smartphone apps to track users' locations.
Some companies, most notably Apple, have begun promoting the fact that they sell products and services that safeguard consumer privacy.
Smartphone users are never asked explicitly if they want to be tracked every moment of each day.
But cellular companies, smartphone makers, app developers and social media companies all claim they have users' permission to conduct near-constant personal surveillance.
The underlying problem is that most people don't understand how tracking really works.
The technology companies haven't helped teach their customers about it, either.
In fact, they've intentionally obscured important details to build a multi-million dollar data economy based on an ethically questionable notion of informed consent.
How consumers are made to agree
Most companies disclose their data protection practices in a privacy policy; most software requires users to click a button saying they accept the terms before using the program.
But people don’t always have a free choice.
Instead, it’s a 'take-it-or-leave-it' agreement, in which a customer can use the service only if they agree.
Anyone who actually wants to understand what the policies say finds the details are buried in long legal documents unreadable by nearly everyone, perhaps except the lawyers who helped create them.
Often, these policies will begin with a blanket statement like 'your privacy is important to us.'
However, the actual terms describe a different reality.
It’s usually not too far-fetched to say that the company can basically do whatever it wants with your personal information, as long as it has informed you about it.
U.S. federal law does not require that a company's privacy policy actually protect users' privacy.
Nor are there any requirements that a company must inform consumers of its practices in clear, nonlegal language or provide consumers a notice in a user-friendly way.
Theoretically, users might be able to vote with their feet and find similar services from a company with better data-privacy practices.
But take-it-or-leave-it agreements for technologically advanced tools limit the power of competition across nearly the entire technology industry.
Data sold to third parties
There are a few situations where mobile platform companies like Apple and Google have let people exercise some control over data collection.
For example, both companies’ mobile operating systems let users turn off location services, such as GPS tracking.
Ideally, this should prevent most apps from collecting your location – but it doesn't always.
Further, it does nothing if your mobile provider resells your phone's location information to third parties.
App makers are also able to persuade users not to turn off location services, again with take-it-or-leave-it notifications.
When managing privileges for iOS apps, users get to choose whether the app can access the phone’s location 'always,' 'while using the app' or 'never.'
But changing the setting can trigger a discouraging message: 'We need your location information to improve your experience,' says one app.
Users are not asked other important questions, like whether they approve of the app selling their location history to other companies.
Even if you have 'Location History' off, Google often stores your precise location.
Here's how to delete those markers and some best-effort practices that keep your location as private as possible.
But there's no panacea, because simply connecting to the internet on any device flags an IP address that can be geographically mapped.
Smartphones also connect to cell towers, so your carrier knows your general location at all times.
To disable tracking on any device
Fire up your browser and go to myactivity.google.com. You'll need to be logged into Google.
On the upper left drop-down menu, go to 'Activity Controls.' Turn off both 'Web & App Activity' and 'Location History.'
That should prevent precise location markers from being stored to your Google account.
Google will warn you that some of its services won't work as well with these settings off.
In particular, neither the Google Assistant, a digital concierge, nor the Google Home smart speaker will be particularly useful.
on iOS
If you use Google Maps, adjust your location setting to 'While Using' the app. This will prevent the app from accessing your location when it's not active.
Go to Settings Privacy Location Services and from there select Google Maps to make the adjustment.
In the Safari web browser, consider using a search engine other than Google.
Under Settings Safari Search Engine, you can find other options like Bing or DuckDuckGo.
You can turn location off while browsing by going to Settings Privacy Location Services Safari Websites, and turn this to 'Never.'
This still won't prevent advertisers from knowing your rough location based on IP address on any website.
You can also turn Location Services off to the device almost completely from Settings Privacy Location Services.
Both Google Maps and Apple Maps will still work, but they won't know where you are on the map and won't be able to give you directions.
Emergency responders will still be able to find you if the need arises.
On Android
Under the main settings icon click on 'Security & location.' Scroll down to the 'Privacy' heading. Tap 'Location.' You can toggle it off for the entire device.
Use 'App-level permissions' to turn off access to various apps.
Unlike the iPhone, there is no setting for 'While Using.'
You cannot turn off Google Play services, which supplies your location to other apps if you leave that service on.
Sign in as a 'guest' on your Android device by swiping down from top and tapping the downward-facing cursor, then again on the torso icon.
Be aware of which services you sign in on, like Chrome. You can also change search engines even in Chrome.
To delete past location tracking on any device
On the page myactivity.google.com, look for any entry that has a location pin icon beside the word 'details.'
Clicking on that pops up a window that includes a link that sometimes says 'From your current location.'
Clicking on it will open Google Maps, which will display where you were at the time.
You can delete it from this popup by clicking on the navigation icon with the three stacked dots and then 'Delete.'
Some items will be grouped in unexpected places, such as topic names, google.com, Search, or Maps.
You have to delete them item by item. You can wholesale delete all items in date ranges or by service, but will end up taking out more than just location markers.
And many users don’t know that even when their name and contact information is removed from location data, even a modest location history can reveal their home addresses and the places they visit most, offering clues to their identities, medical conditions and personal relationships.
Why people don't opt out
Websites and apps make it difficult, and sometimes impossible, for most people to say no to aggressive surveillance and data collection practices.
In my role as a scholar of human-computer interaction, one issue I study is the power of defaults.
When companies set a default in a system, such as 'location services set to on,' people are unlikely to change it, especially if they are unaware there are other options they could choose.
Further, when it is inconvenient to change the location services, as is the case on both iOS and Android systems today, it's even less likely that people will opt out of location collection - even when they dislike it.
Companies’ take-it-or-leave-it privacy policies and default choices for users’ privacy settings have created an environment where people are unaware that their lives are being subjected to minute-by-minute surveillance.
They’re also mostly not aware that information that could identify them individually is resold to create ever-more-targeted advertising.
Yet the companies can legally, if not ethically, claim that everyone agreed to it.
Overcoming the power of defaults
Privacy researchers know that people dislike these practices, and that many would stop using these service if they understood the extent of the data collection.
If invasive surveillance is the price of using free services, many would rather pay or at least see companies held to stronger data collection regulations.
The companies know this too, which is why, I argue, they use a form of coercion to ensure participation.
Until the U.S. has regulations that, at a minimum, require companies to ask for explicit consent, individuals will need to know how to protect their privacy.
0 comments:
Post a Comment