tag:theconversation.com,2011:/au/topics/location-data-19998/articlesLocation data – The Conversation2023-02-20T16:13:58Ztag:theconversation.com,2011:article/1906112023-02-20T16:13:58Z2023-02-20T16:13:58ZSatellite data: The other type of smartphone data you might not know about<figure><img src="https://images.theconversation.com/files/510420/original/file-20230215-2150-v1lai3.jpg?ixlib=rb-1.1.0&rect=54%2C45%2C5916%2C3962&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Satellite data isn't collected and treated the same way location data are.</span> <span class="attribution"><span class="source">(Shutterstock)</span></span></figcaption></figure><p>When you think about location data on your mobile phone, tablet or laptop, what comes to mind? Mailing addresses? Postal codes? These data indicate where you live, where you work, and the places you visit. </p>
<p>When combined with other types of data over time, companies and governments use them to analyze your consumption patterns, occupation, education, health and financial status.</p>
<p>Turning location services off only prevents smartphone apps from receiving location data. Smartphones <a href="https://www.techrepublic.com/article/your-smartphone-can-be-tracked-even-if-gps-location-services-are-turned-off/">can still be located by cell towers and wireless networks</a> when location services are switched off. </p>
<p>This was highlighted by German politician Malte Spitz <a href="https://www.zeit.de/digital/datenschutz/2011-03/data-protection-malte-spitz">over a decade ago</a> when he sued his cellphone provider, Deutsche Telekom, for any personal data they had about him.</p>
<p>When the case was settled and he eventually received the data, Spitz found 35,000 references to his location. He was able to visually reconstruct his movements over the previous six months, demonstrating the relevance of data protection laws to the public.</p>
<p>But there is more. By using <a href="https://mitpress.mit.edu/9780262043656/critical-code-studies/">critical code</a> and documentary research methods, we found that raw satellite location measurement data are perpetually created in our devices all the time. </p>
<p>Because satellite data are building blocks used by our phones to determine where we are, they don’t always get turned off — nor are they collected and treated the same way as location data.</p>
<h2>Data outputs</h2>
<p>Smartphones determine your location in several ways. The first way involves phones <a href="https://doi.org/10.3141/2526-14">triangulating distances between cell towers or Wi-Fi routers</a>. </p>
<p>The second way involves smartphones interacting with navigation satellites. When satellites pass overhead, they transmit signals to smartphones, which allows smartphones to calculate their own location. This process uses a specialized piece of hardware called the <a href="https://doi.org/10.1088/1361-6501/ab8a7d">Global Navigation Satellite System (GNSS) chipset</a>. Every smartphone has one.</p>
<p>When these GNSS chipsets calculate navigation satellite signals, they output data in two standardized formats (known as protocols or languages): the GNSS raw measurement protocol and the National Marine Electronics Association protocol (NMEA 0183). </p>
<figure class="align-center ">
<img alt="A satellite floating above the Earth in space" src="https://images.theconversation.com/files/510419/original/file-20230215-20-w278oe.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/510419/original/file-20230215-20-w278oe.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/510419/original/file-20230215-20-w278oe.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/510419/original/file-20230215-20-w278oe.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/510419/original/file-20230215-20-w278oe.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/510419/original/file-20230215-20-w278oe.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/510419/original/file-20230215-20-w278oe.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">When satellites pass overhead, they transmit signals to smartphones, which enable smartphones to calculate their own location.</span>
<span class="attribution"><span class="source">(Shutterstock)</span></span>
</figcaption>
</figure>
<p>GNSS raw measurements include data such as the distance between satellites and cellphones and measurements of the signal itself.</p>
<p>NMEA 0183 contains similar information to GNSS raw measurements, but also includes additional information such as satellite identification numbers, the number of satellites in a constellation, what country owns a satellite, and the position of a satellite.</p>
<p>NMEA 0183 was created and is governed by the <a href="https://www.nmea.org/">NMEA</a>, a not-for-profit lobby group that is also a marine electronics trade organization. The NMEA was formed at the <a href="https://www.nmea.org/history.html">1957 New York Boat Show</a> when boating equipment manufacturers decided to build stronger relationships within the electronic manufacturing industry. </p>
<p>In the decades since, the NMEA 0183 data standard has <a href="https://www.passagemaker.com/technical/speaking-their-languages">improved marine electronics communications</a> and is now found on a wide variety of non-marine communications devices today, including smartphones.</p>
<h2>Who has access to these data?</h2>
<p>It is difficult to know who has access to data produced by these protocols. Access to NMEA protocols is <a href="https://www.nmea.org/standards.html">only available under licence to businesses</a> for a fee.</p>
<p>GNSS raw measurements, on the other hand, are a universal standard and can be read by different devices in the same way without a license. In 2016, <a href="https://www.gpsworld.com/google-to-provide-raw-gnss-measurements/">Google allowed industries to have open access to it</a> to foster innovation around device tracking accuracy, precision, analytics about how we move in real-time, and predictions about our movements in the future.</p>
<p>While automated processes can quietly harvest location data — like when a <a href="https://www.vice.com/en/article/xgz4n3/muslim-app-location-data-salaat-first">French-based company extracted location data</a> from Salaat First, a Muslim prayer app — these data don’t need to be taken directly from smartphones to be exploited.</p>
<p>Data can be modelled, experimented with, or emulated in licensed devices in labs for innovation and algorithmic development.</p>
<p>Satellite-driven raw measurements from our devices were used to <a href="https://www.euspa.europa.eu/standardisation-gnss-threat-reporting-and-receiver-testing-through-international-knowledge-exchange">power global surveillance networks like STRIKE3</a>, a now defunct European-led initiative that monitored and reported perceived threats to navigation satellites.</p>
<h2>Data and citizen rights</h2>
<p>Our research raises questions about how rights are protected in the midst of these practices. Citizens have little to no access to the data output from NMEA 0183 and GNSS raw measurements. Because of this, people are unable to negotiate the visibility of their data in these datasets.</p>
<p>The data output from NMEA 0183 and GNSS raw measurements flow unrestricted from every smartphone on the planet. Smartphones have unique identifiers — <a href="https://support.bell.ca/mobility/smartphones_and_mobile_internet/what_is_an_imei_number_and_how_can_i_find_mine">IMEI numbers</a> — that are known to the tech ecosystem. They can be <a href="https://citizenlab.ca/2015/05/the-many-identifiers-in-our-pocket-a-primer-on-mobile-privacy-and-security/">connected to a user’s personal details</a>. </p>
<p>The flow of NMEA 0183 and GNSS data is invisible to the average person, meaning citizens are unsure of how these data are used, or with whom they are shared. Because of this, it’s impossible for people to challenge how their personal data are used.</p>
<figure class="align-center ">
<img alt="A boat through a large body of water with a city skyline visible in the background" src="https://images.theconversation.com/files/510421/original/file-20230215-4182-dy33y3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/510421/original/file-20230215-4182-dy33y3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/510421/original/file-20230215-4182-dy33y3.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/510421/original/file-20230215-4182-dy33y3.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/510421/original/file-20230215-4182-dy33y3.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/510421/original/file-20230215-4182-dy33y3.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/510421/original/file-20230215-4182-dy33y3.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">A U.S. Coast Guard boat in Biscayne Bay, Fla., in June 2022. The National Marine Electronics Association is working on improving search-and-rescue operations by ensuring radio distress signals sent by marines contain GPS information.</span>
<span class="attribution"><span class="source">(AP Photo/Lynne Sladky)</span></span>
</figcaption>
</figure>
<p>As interest in the supposed security, entertainment and surveillance value of these protocols continue to grow, these protocols are increasingly susceptible to misuse by third-party developers.</p>
<p>But there is another layer to this: NMEA 0183 and GNSS raw measurements are standards in industries that offer products and services that many of us benefit from. The NMEA has foundations in safe passage at sea, making their data an important part of <a href="https://www.tradeonlytoday.com/industry-news/nmea-works-on-improving-distress-signal-communication">emergency services operations</a>. GNSS raw measurements are also utilized for <a href="https://www.researchgate.net/publication/309645977_Precise_GNSS_for_Everyone_Precise_Positioning_Using_Raw_GPS_Measurements_from_Android_Smartphones">safety purposes</a>.</p>
<p>Could solutions restrict the use of these data for life-critical situations only? Is there an oversight body that could assess what impacts industrial usage of these data might have upon smartphone owner rights and liberties? What about an audit led by civil society, who would be appropriately positioned to objectively inspect these issues to determine whether they might harm the public? For example, consider the way the <a href="https://globalnews.ca/news/9022878/federal-privacy-commissioner-arrivecan-app-investigation/">federal privacy commissioner reviews app data activities</a>.</p>
<p>Location data now flows constantly from GNSS chipsets. There is uncertainty about who is using these data, and for what purposes. Until industry and government reassure citizens that personal data are not being exploited and that rights are protected, these remain open questions.</p><img src="https://counter.theconversation.com/content/190611/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Tommy Cooke has received funding from the Social Sciences and Humanities Research Council of Canada, the Centre for Advanced Internet Studies (Bochum, Germany), and Queen's University's Wicked Ideas Competition. </span></em></p><p class="fine-print"><em><span>Benjamin Muller receives funding from SSHRC and King's University College.</span></em></p><p class="fine-print"><em><span>Kirstie Ball has received funding from SSHRC, ESRC, EPSRC, EU Framework 7 SSH and Security Programmes, The Leverhulme Trust and The British Academy. </span></em></p><p class="fine-print"><em><span>Alicia Sabatino does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>Cellphones are constantly collecting location data from global satellites, but there is uncertainty about who is using these data, and for what purposes.Tommy Cooke, Visiting Professor, Department of Geography & Environmental Systems, University of Maryland, Baltimore CountyAlicia Sabatino, Master's Student in Geography and Environmental Systems, University of Maryland, Baltimore CountyBenjamin Muller, Associate Professor in Migration and Border Studies, King’s University College, Western UniversityKirstie Ball, Professor of Management, University of St AndrewsLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1871392022-07-22T12:31:36Z2022-07-22T12:31:36ZSurveillance is pervasive: Yes, you are being watched, even if no one is looking for you<figure><img src="https://images.theconversation.com/files/475248/original/file-20220720-11760-u3jww7.jpg?ixlib=rb-1.1.0&rect=0%2C6%2C4632%2C3064&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Video cameras on city streets are only the most visible way your movements can be tracked.</span> <span class="attribution"><a class="source" href="https://newsroom.ap.org/detail/AmericaProtestsRethinkingPolice/afb962959ce14ce4bbd6fd03729c2e57/photo">AP Photo/Mel Evans</a></span></figcaption></figure><p>The U.S. has the <a href="https://www.techspot.com/news/83061-report-finds-us-has-largest-number-surveillance-cameras.html">largest number of surveillance cameras per person</a> in the world. Cameras are omnipresent on city streets and in hotels, restaurants, malls and offices. They’re also used to <a href="https://www.mordorintelligence.com/industry-reports/united-states-video-surveillance-market">screen passengers</a> for the Transportation Security Administration. And then there are <a href="https://www.vox.com/recode/23207072/amazon-ring-privacy-police-footage">smart doorbells</a> and other home security cameras. </p>
<p>Most Americans are aware of video surveillance of public spaces. Likewise, most people know about online tracking – and <a href="https://morningconsult.com/2021/04/27/state-privacy-congress-priority-poll/">want Congress to do something about it</a>. But as a researcher who <a href="https://scholar.google.com/citations?hl=en&user=tMOMmqsAAAAJ&view_op=list_works&sortby=pubdate">studies digital culture and secret communications</a>, I believe that to understand how pervasive surveillance is, it’s important to recognize how physical and digital tracking work together. </p>
<p>Databases can correlate <a href="https://theconversation.com/impending-demise-of-roe-v-wade-puts-a-spotlight-on-a-major-privacy-risk-your-phone-reveals-more-about-you-than-you-think-182504">location data from smartphones</a>, the growing number of private cameras, <a href="https://www.wired.com/story/license-plate-reader-alpr-surveillance-abortion/">license plate readers</a> on police cruisers and toll roads, and <a href="https://www.theverge.com/2019/12/9/21002515/surveillance-cameras-globally-us-china-amount-citizens">facial recognition technology</a>, so if law enforcement wants to track where you are and where you’ve been, they can. They need a warrant to use <a href="https://www.upturn.org/work/mass-extraction/">cellphone search</a> equipment: Connecting your device to a <a href="https://csrc.nist.gov/Projects/Mobile-Security-and-Forensics/Mobile-Forensics">mobile device forensic tool</a> lets them extract and <a href="https://www.forensicmag.com/518341-Digital-Forensics-Window-Into-the-Soul/">analyze all your data</a> <a href="https://casetext.com/case/people-v-riley-263">if they have a warrant</a>. </p>
<p>However, private <a href="https://www.wired.com/story/opinion-data-brokers-know-where-you-are-and-want-to-sell-that-intel/">data brokers</a> also track this kind of data and <a href="https://issues.org/data-brokers-police-surveillance/">help surveil citizens</a> – without a warrant. There is a large market for personal data, compiled from information people volunteer, information people unwittingly yield – for example, <a href="https://www.digitaltrends.com/mobile/how-to-control-which-apps-access-your-location-on-ios-and-android/">via mobile apps</a> – and information that is stolen in data breaches. Among the customers for this largely unregulated data are <a href="https://www.vox.com/recode/22565926/police-law-enforcement-data-warrant">federal, state and local law enforcement agencies</a>.</p>
<h2>How you are tracked</h2>
<p>Whether or not you pass under the gaze of a surveillance camera or license plate reader, you are tracked by your mobile phone. GPS tells weather apps or maps your location, Wi-Fi uses your location, and <a href="https://cyberforensics.com/services/cellular-triangulation/">cell-tower triangulation</a> tracks your phone. <a href="https://www.eurekalert.org/news-releases/955287">Bluetooth</a> can identify and track your smartphone, and not just for COVID-19 contact tracing, Apple’s “Find My” service, or to connect headphones.</p>
<p>People volunteer their locations for <a href="https://us.norton.com/internetsecurity-privacy-ridesharing-privacy-ride.html">ride-sharing</a> or for games like <a href="https://www.pokemon.com/us/app/pokemon-go/">Pokemon Go</a> or <a href="https://www.ingress.com">Ingress</a>, but apps can also <a href="https://research.checkpoint.com/2021/mobile-app-developers-misconfiguration-of-third-party-services-leave-personal-data-of-over-100-million-exposed/">collect and share location</a> without your knowledge. Many late-model cars feature telematics that track locations – for example, <a href="https://www.popularmechanics.com/cars/how-to/a7469/your-car-is-spying-on-you-but-whom-is-it-spying-for/">OnStar or Bluelink</a>. All this makes opting out impractical.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/475532/original/file-20220721-9531-4dkmtj.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="over-the-shoulder view of a young woman on a city street holding a smart phone displaying a map" src="https://images.theconversation.com/files/475532/original/file-20220721-9531-4dkmtj.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/475532/original/file-20220721-9531-4dkmtj.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/475532/original/file-20220721-9531-4dkmtj.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/475532/original/file-20220721-9531-4dkmtj.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/475532/original/file-20220721-9531-4dkmtj.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/475532/original/file-20220721-9531-4dkmtj.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/475532/original/file-20220721-9531-4dkmtj.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Your phone knows where you are, and that information can readily make its way from apps to data brokers and on to law enforcement.</span>
<span class="attribution"><a class="source" href="https://www.gettyimages.com/detail/photo/woman-using-gps-navigation-app-on-smartphone-to-royalty-free-image/1306359673">Oscar Wong/Moment via Getty Images</a></span>
</figcaption>
</figure>
<p>The same thing is true online. Most websites feature <a href="https://themarkup.org/blacklight">ad trackers and third-party cookies</a>, which are stored in your browser whenever you visit a site. They identify you when you visit other sites so advertisers can follow you around. Some websites also use <a href="https://www.malwarebytes.com/keylogger">key logging</a>, which monitors what you type into a page before hitting submit. Similarly, session recording monitors mouse movements, clicks, scrolling and typing, even if you don’t click “submit.” </p>
<p>Ad trackers know when you browsed where, which browser you used, and what your device’s internet address is. <a href="https://www.politico.com/news/2022/07/18/google-data-states-track-abortions-00045906">Google</a> and Facebook are among the main beneficiaries, but there are many <a href="https://privacybee.com/blog/these-are-the-largest-data-brokers-in-america/">data brokers</a> <a href="https://www.cbsnews.com/news/the-data-brokers-selling-your-personal-information/">slicing and dicing such information</a> by religion, ethnicity, political affiliations, social media profiles, income and medical history for profit.</p>
<h2>Big Brother in the 21st century</h2>
<p>People may implicitly consent to some loss of privacy in the interest of perceived or real security – for example, in stadiums, on the road and at airports, or in return for cheaper online services. But these trade-offs benefit individuals far less than the companies aggregating data. <a href="https://theconversation.com/why-some-americans-dont-trust-the-census-130109">Many Americans</a> are suspicious of government <a href="https://www.pewtrusts.org/en/research-and-analysis/reports/2010/01/20/most-view-census-positively-but-some-have-doubts">censuses</a>, yet they willingly share their jogging routines on apps like <a href="https://www.theguardian.com/world/2018/jan/28/fitness-tracking-app-gives-away-location-of-secret-us-army-bases">Strava</a>, which has <a href="https://www.popularmechanics.com/technology/apps/a15912407/strava-app-military-bases-fitbit-jogging/">revealed</a> sensitive and secret <a href="https://www.washingtonpost.com/world/a-map-showing-the-users-of-fitness-devices-lets-the-world-see-where-us-soldiers-are-and-what-they-are-doing/2018/01/28/86915662-0441-11e8-aa61-f3391373867e_story.html">military data</a>. </p>
<p>In the <a href="https://scholarworks.law.ubalt.edu/ublr/vol50/iss1/2/">post-Roe v. Wade legal environment</a>, there are <a href="https://www.nytimes.com/2022/05/19/opinion/privacy-technology-data.html">concerns</a> not only about <a href="https://www.stopspying.org/pregnancy-panopticon">period tracking</a> apps but about <a href="https://www.techdirt.com/2022/05/04/data-brokers-selling-location-data-of-americans-who-visit-abortion-clinics/">correlating data</a> on physical movements with online searches and <a href="https://theconversation.com/impending-demise-of-roe-v-wade-puts-a-spotlight-on-a-major-privacy-risk-your-phone-reveals-more-about-you-than-you-think-182504">phone data</a>. Legislation like the recent <a href="https://legiscan.com/TX/bill/SB8/2021">Texas Senate Bill 8</a> anti-abortion law invokes “private individual enforcement mechanisms,” raising questions about who gets <a href="https://www.politico.com/news/2022/07/18/google-data-states-track-abortions-00045906">access to tracking data</a>. </p>
<p>In 2019, the <a href="https://www.vox.com/platform/amp/2019/10/31/20939890/missouri-abortion-clinic-hearing-periods-roe-wade">Missouri Department of Health</a> stored data about the periods of patients at the state’s lone Planned Parenthood clinic, correlated with state medical records. Communications <a href="https://www.icij.org/inside-icij/2015/05/be-paranoid-how-one-reporter-learned-danger-metadata/">metadata</a> can reveal who you are in touch with, when you were where, and who else was there – whether they are in your contacts or not.</p>
<p>Location data from apps on hundreds of millions of phones lets the <a href="https://www.politico.com/news/2022/07/18/dhs-location-data-aclu-00046208">Department of Homeland Security</a> track people. Health <a href="https://www.democraticmedia.org/CDD-Wearable-Devices-Big-Data-Report">wearables</a> pose similar risks, and medical experts note a <a href="https://pubmed.ncbi.nlm.nih.gov/31146589/">lack of awareness</a> about the security of data they collect. Note the resemblance of your Fitbit or smartwatch to ankle bracelets people wear during court-ordered monitoring.</p>
<p>The most pervasive user of tracking in the U.S. is Immigration and Customs Enforcement (ICE), which <a href="https://americandragnet.org/">amassed a vast amount of information</a> without judicial, legislative or public oversight. Georgetown University Law Center’s Center on Privacy and Technology <a href="https://americandragnet.org/">reported on how ICE searched</a> the driver’s license photographs of 32% of all adults in the U.S., tracked cars in cities home to 70% of adults, and updated address records for 74% of adults when those people activated new utility accounts.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/475235/original/file-20220720-26-5djlgp.jpg?ixlib=rb-1.1.0&rect=0%2C6%2C4068%2C2697&q=45&auto=format&w=1000&fit=clip"><img alt="A streetlight post with a second boom with a round black sphere hanging off the end" src="https://images.theconversation.com/files/475235/original/file-20220720-26-5djlgp.jpg?ixlib=rb-1.1.0&rect=0%2C6%2C4068%2C2697&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/475235/original/file-20220720-26-5djlgp.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/475235/original/file-20220720-26-5djlgp.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/475235/original/file-20220720-26-5djlgp.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/475235/original/file-20220720-26-5djlgp.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/475235/original/file-20220720-26-5djlgp.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/475235/original/file-20220720-26-5djlgp.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Video cameras and license plate readers, like those attached to this Baltimore streetlight, monitor and record the comings and goings of pedestrians and cars on city streets.</span>
<span class="attribution"><a class="source" href="https://newsroom.ap.org/detail/BaltimoreAerialSurveillance/2bd5050cf1874c85911db98629799f45/photo">AP Photo/Julio Cortez</a></span>
</figcaption>
</figure>
<h2>No one is watching the watchers</h2>
<p>Nobody expects to be invisible on streets, at borders, or in shopping centers. But who has access to all that surveillance data, and how long it is stored? There is <a href="https://www.nytimes.com/wirecutter/blog/state-of-privacy-laws-in-us/">no single U.S. privacy law</a> at the federal level, and states cope with a regulatory patchwork; only five states – California, Colorado, Connecticut, Utah and Virginia – <a href="https://www.natlawreview.com/article/state-us-state-privacy-laws-comparison">have privacy laws</a>. </p>
<p>It is possible to <a href="https://www.consumerreports.org/privacy/how-to-turn-off-location-services-on-your-smartphone-a8219252827/">limit location tracking</a> on your phone, but not to avoid it completely. Data brokers are supposed to mask your <a href="https://dataprivacymanager.net/what-is-personally-identifiable-information-pii/">personally identifiable data</a> before selling it. But this “<a href="https://www.techdirt.com/2021/11/22/anonymized-data-is-gibberish-term-rampant-location-data-sales-is-still-problem/">anonymization</a>” is meaningless since individuals are easily identified by cross-referencing additional data sets. This makes it easy for <a href="https://www.vice.com/en/article/panvkz/stalkers-debt-collectors-bounty-hunters-impersonate-cops-phone-location-data">bounty hunters and stalkers</a> to abuse the system. </p>
<p>The biggest risk to most people arises when there is a <a href="https://www.tripwire.com/state-of-security/security-data-protection/4-credit-bureau-data-breaches-predate-2017-equifax-hack/">data breach</a>, which is happening more often – whether it is a <a href="https://www.forbes.com/sites/ajdellinger/2019/06/07/many-popular-android-apps-leak-sensitive-data-leaving-millions-of-consumers-at-risk/?sh=367a2418521e">leaky app</a> or careless <a href="https://www.theverge.com/2022/7/6/23196805/marriott-hotels-maryland-data-breach-credit-cards">hotel chain</a>, a <a href="https://www.techdirt.com/2019/11/26/california-makes-50-million-annually-selling-your-dmv-data/">DMV data sale</a> or a compromised <a href="https://www.securityweek.com/massive-credit-bureau-hack-raises-troubling-questions">credit bureau</a>, or indeed a <a href="https://www.cnn.com/2019/07/22/tech/equifax-hack-ftc/index.html">data brokering</a> middleman whose <a href="https://www.washingtonpost.com/technology/2020/03/02/cloud-hack-problems/">cloud storage</a> is hacked. </p>
<p>This illicit flow of data not only puts <a href="https://www.theatlantic.com/technology/archive/2017/06/online-data-brokers/529281/">fuzzy notions</a> of privacy in peril, but may put your addresses and passport numbers, biometric data and social media profiles, credit card numbers and dating profiles, health and insurance information, and more <a href="https://epic.org/issues/consumer-privacy/data-brokers/">on sale</a>.</p><img src="https://counter.theconversation.com/content/187139/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Peter Krapp does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>It’s increasingly difficult to move about – both in the physical world and online – without being tracked.Peter Krapp, Professor of Film & Media Studies, University of California, IrvineLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1461202020-10-13T13:34:29Z2020-10-13T13:34:29ZSouth Africa needs a national database of addresses: how it could be done<figure><img src="https://images.theconversation.com/files/358565/original/file-20200917-24-8v7uvr.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Accurate address data is vital for public services, including health monitoring.</span> <span class="attribution"><span class="source">TippaPatt/Shutterstock</span></span></figcaption></figure><p>Addresses provide people with a social status: a sense of identity and being recognised as a proper citizen. They are needed for the provision of postal and utility services; billing; disaster relief; emergency response; opening bank accounts – or just visiting friends. </p>
<p>During a pandemic like COVID-19, addresses are also vital for mapping cases. Through addresses, authorities can find out where the infected and potentially affected live. They can identify emerging infection clusters, target responses and trace contacts. Many non-pharmaceutical interventions can only be successfully implemented if health authorities know where the most vulnerable people live and which geographical clusters are most affected.</p>
<p>These addresses need to be geocoded, translating text-only, sometimes handwritten addresses into their corresponding identifiable locations on a map. Geocoding is crucial for assessing the spread of COVID-19. That’s because it allows infection clusters to be identified quickly to target interventions. </p>
<p>In South Africa, this process is hindered by the poor quality and incompleteness of addresses extracted from the forms completed at COVID-19 testing facilities. These forms provide no guidance on how addresses should be written down. Front-line health workers are also not trained to validate the addresses.</p>
<p>Unfortunately, few forms in general fit <a href="https://store.sabs.co.za/pdfpreview.php?hash=6d57ad536e49d8e0e01a2a0eff9584f2c45ee23e&preview=yes">the standard</a> that specifies and defines the data elements, as well as the address types that can be constructed from the data elements for South African addresses. This makes it difficult to use the address data on the forms. Instead municipalities, provinces and national departments have to laboriously validate and – often manually – geocode the addresses. That leads to significant delays in finding those who might be affected, increasing the risk of further infections.</p>
<p>Consequently, infection data released by the National Institute for Communicable Diseases has addresses that are ambiguous and difficult to geocode. The most difficult are addresses in <a href="https://www.britannica.com/topic/township-South-Africa">townships</a>, informal settlements and rural areas. There is also no national dataset against which addresses can be validated and geocoded. As a result, infected cases can get assigned to the wrong areas; some don’t get assigned to any area at all. </p>
<p>In a <a href="https://gcro.ac.za/m/documents/Strenghtening_Governance_through_SDI_-_the_case_of_address_data.pdf">recent study</a> we propose establishing a single address dataset for the country’s Gauteng province. This is informed by a review of international good practice. It can also be rolled out in the other eight provinces, with a view to creating a national address dataset.</p>
<h2>A solid standard</h2>
<p>Our study was conducted for the Gauteng City-Region Observatory (GCRO) and published as part of its <a href="https://gcro.ac.za/outputs/provocations">provocations series</a>. The GCRO is an independent research organisation, which generates data and analysis to help inform development and decision making in the Gauteng City-Region. It is a partnership between the provincial government, organised local government, the University of the Witwatersrand, and the University of Johannesburg.</p>
<p>We investigated the current situation regarding address data in the Gauteng City-Region by interviewing experts who maintain or use address data. We found that address data are maintained in silos at different government entities. There is limited coordination and adherence to international standards; good practice is lacking around information management. </p>
<p>To escape this conundrum, we argue for using the <a href="https://store.sabs.co.za/catalogsearch/result/?q=1883">standard on addresses</a>, known as SANS 1883-1 and published by the South African Bureau of Standards in 2009. It describes all the different addresses in use in South Africa. These include street addresses, site addresses (addresses without street names, common in townships) and informal addresses (verbal descriptions). The standard is highly regarded: it actually spawned the development of <a href="https://www.iso.org/standard/61710.html">international standards on addressing</a>.</p>
<p>SANS 1883-1 explains how to convert addresses into a single uniform data format, whether written on paper, entered in an online form or part of a municipal geospatial data infrastructure. The use of standard terminology for different address types prevents inconsistencies and confusion. And using the standard data format enables the development of tools that verify and validate addresses, as well as integrating data from different municipalities. </p>
<p>Having a standard is one thing. The next challenge lies in coordinating a single national address dataset or register.</p>
<h2>Integration</h2>
<p>Municipalities assign addresses and many of them maintain address data for their areas of jurisdiction. But they are not concerned with data beyond their boundaries. Another government entity needs to integrate data into provincial and national address datasets, as has been argued repeatedly <a href="https://journals.co.za/content/sajsci/103/11-12/EJC96627">over the past two decades</a>. Which entity should this be?</p>
<p>A recent <a href="http://www.sasdi.gov.za/sites/SASDI/Pages/All-News.aspx">news item</a> alludes to the appointment of the South African Post Office as coordinating custodian of the national address dataset. Municipalities would continue to maintain address data for their areas of jurisdiction; the Post Office, meanwhile, would coordinate integration into a national dataset. This would require the Post Office to deal with many more address types than the four postal address types within its mandate. Also, <a href="https://www.dailymaverick.co.za/article/2020-02-11-why-lindiwe-kwele-was-suspended-by-the-sa-post-office/">recent issues with its CEOs do not bode well</a>. </p>
<p>The Department of Home Affairs is another contender, since it maintains the population register. Or perhaps the Department of Planning, Monitoring and Evaluation in the Presidency should be considered because of its overarching mandate and the key role of addresses in governance. </p>
<p>The South African Revenue Service, Statistics South Africa, the Independent Electoral Commission and the Financial Intelligence Centre – and with the COVID-19 geocoding challenges, the Department of Health – could all play a role, too. The road to better address data requires multiple interventions and initiatives in parallel, including raising awareness, describing, encouraging and nurturing good practices, as well as providing policies and legislation to guide government. </p>
<h2>Moving forward</h2>
<p>A firm decision, strong political leadership and sustainable funding are required to move forward. Gauteng is one of few provinces with address data maintained at its municipalities. So it could lead by example, establishing a single, uniform address dataset available for everybody. </p>
<p>This would have positive implications far beyond COVID-19. Good quality address data is essential for future pandemics and other disasters, for good governance and for socio-economic benefits generally.</p>
<p><em>This article has been updated to reflect the fact that the South African Bureau of Standards has changed its pricing policy on SANS 1883.</em></p><img src="https://counter.theconversation.com/content/146120/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Antony K Cooper received funding from the Gauteng City-Region Observatory (GCRO) for this work. He represents the CSIR on the Committee for Spatial Information (CSI), a statutory body charged with building the South African Spatial Data Infrastructure (SASDI).
</span></em></p><p class="fine-print"><em><span>Samy Katumba is a Researcher at the Gauteng City-Region Observatory (GCRO). </span></em></p><p class="fine-print"><em><span>Serena Coetzee received funding from the Gauteng City-Region Observatory (GCRO) for this work. She represents the Council on Higher Education (CHE) on the Committee for Spatial Information (CSI), a statutory body charged with building the South African Spatial Data Infrastructure (SASDI), and until recently also represented the CHE on the South African Geomatics Council. </span></em></p>Address data are maintained in silos at different government entities. There is limited coordination and adherence to international standards; good practice is lacking around information management.Antony K Cooper, Principal Researcher, Council for Scientific and Industrial ResearchSamy Katumba, Researcher in Geospatial Science, Pr. Sci. Nat., Gauteng City-Region ObservatorySerena Coetzee, Professor, University of PretoriaLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1348952020-03-27T03:28:14Z2020-03-27T03:28:14ZPrivacy vs pandemic: government tracking of mobile phones could be a potent weapon against COVID-19<p>Borders, beaches, pubs and churches are closed, large events are cancelled, and travellers are subject to 14 days’ isolation – all at significant cost to taxpayers and the economy. But could telecommunications technology offer a more targeted approach to controlling the spread of the COVID-19 coronavirus? </p>
<p>One possibility is to use location history data from the mobile phones of confirmed cases, to help track and trace the spread of infection.</p>
<p>Some people can be contagious without knowing, either because they have not yet developed symptoms, or because their symptoms are mild. These individuals cannot be identified until they become sufficiently unwell to seek medical assistance. Finding them more quickly could help curb the spread of the disease.</p>
<p>This suggestion clearly raises complex privacy issues. </p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/explainer-what-is-contact-tracing-and-how-does-it-help-limit-the-coronavirus-spread-134228">Explainer: what is contact tracing and how does it help limit the coronavirus spread?</a>
</strong>
</em>
</p>
<hr>
<p>All mobile service providers in Australia are required to hold <a href="https://theconversation.com/australians-accept-government-surveillance-for-now-110789">two years of data</a> relating to the use of each mobile phone on their network, including location information. </p>
<p>For anyone who tests positive with COVID-19, this data could be used to list every location where they (or, more accurately, their phone) had been over the preceding few weeks. Using that list, it would then be possible to identify every phone that had been in close proximity to the person’s phone during that time. The owners of those phones could then be tested, even though they may not necessarily have developed symptoms or suspected that they had come into contact with the coronavirus.</p>
<p>The government could do this in a systematic way. It could assemble everyone’s location history into a single, searchable database that could then be cross-referenced against the locations of known clusters of infection. This would allow contact tracing throughout the entire population, creating a more proactive way to track down suspected cases.</p>
<h2>The privacy problem</h2>
<p>You may well ask: do we want the government to assemble a searchable database showing the locations of almost every person over 16 in Australia over the past month? </p>
<p>Some people will undoubtedly find it a confronting prospect to be contacted by the government and told that surveillance analysis suggests they need to be isolated or tested. Others will be concerned that such a database, or the broad surveillance capability that underpins it, could be used to intrude on our privacy in other ways. </p>
<p>Several countries are already using mobile phone data in the fight against the coronavirus. The UK government is <a href="https://www.theguardian.com/world/2020/mar/19/plan-phone-location-data-assist-uk-coronavirus-effort">reportedly</a> in talks with major mobile phone operators to use location data to analyse the outbreak’s spread.</p>
<p>India, Hong Kong, Israel, Austria, Belgium, Germany are also among the <a href="https://www.top10vpn.com/news/surveillance/covid-19-digital-rights-tracker/">list of countries</a> taking advantage of mobile data to tackle the pandemic.</p>
<p>The Singapore government has launched an app called <a href="https://www.gov.sg/article/help-speed-up-contact-tracing-with-tracetogether">Trace Together</a>, which allows mobile users to voluntarily share their location data. Iran’s leaders have been accused of being rather less transparent, amid <a href="https://www.vice.com/en_us/article/epgkmz/iran-launched-an-app-that-claimed-to-diagnose-coronavirus-instead-it-collected-location-data-on-millions-of-people">reports</a> that its coronavirus “diagnosis” app also logs people’s whereabouts.</p>
<h2>Is it legal anyway?</h2>
<p>We may well take the view that the privacy risks are justified in the circumstances. But does the Australian government actually have the power to use our data for this purpose? </p>
<p>The <a href="https://www.legislation.gov.au/Details/C2019C00104">Telecommunications Act</a> requires carriers to keep telecommunications data secure, but also allows federal, state and territory governments to request access to it for purposes including law enforcement, national security, and protecting public revenue.</p>
<p>Being infected with COVID-19 is not a crime, and while a pandemic is arguably a threat to national security, it is not specifically listed under the Act. Limiting the outbreak would undoubtedly benefit public revenue, but clearly the primary intent of contact tracing is as a public health measure.</p>
<p>There is another law that could also compel mobile carriers to hand over users’ data. During a “human biosecurity emergency period”, the <a href="https://www.legislation.gov.au/Details/C2017C00303">Biosecurity Act 2015</a> allows the federal health minister to take any action necessary to prevent or control the “emergence, establishment or spread” of the declared emergency disease. A human biosecurity emergency period was declared on Sunday 23 March.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/explainer-what-are-the-laws-mandating-self-isolation-and-how-will-they-be-enforced-133757">Explainer: what are the laws mandating self-isolation and how will they be enforced?</a>
</strong>
</em>
</p>
<hr>
<p>In recent years there has been a <a href="https://theconversation.com/au/topics/metadata-6464">great deal of debate</a> over the use of telecommunications data for surveillance purposes. The introduction of the mandatory data retention regime was contentious, as was the broad power granted to multiple agencies to access the data for law enforcement. </p>
<p>One reason for the controversy was the relatively low threshold for use of these laws: authorities could access data relating to any suspected offence punishable by three years or more in prison. </p>
<p>Australia is now facing a crisis that is orders of magnitude more serious. Many Australians would be willing to see their information used in this way if it saves lives, limits the economic impact, and impedes the spread of COVID-19. </p>
<p>The Commonwealth has the legal power to do it, the security and privacy issues can be managed, and the benefits may be significant.</p><img src="https://counter.theconversation.com/content/134895/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Patrick Fair is principal of Patrick Fair Associates, and Chairman of the Communications Security Reference Panel at the Communications Alliance.</span></em></p>Our mobile phone’s location data could be a valuable tool to help track and trace the spread of the coronavirus outbreak. The government has the legal power to do it, given what’s at stake.Patrick Fair, Adjunct Professor, School of Information Technology, Deakin UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1107602019-02-11T11:43:55Z2019-02-11T11:43:55ZMost Americans don’t realize what companies can predict from their data<figure><img src="https://images.theconversation.com/files/257337/original/file-20190205-86233-1nwgowd.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">What does your phone know about you?</span> <span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/young-woman-using-smartphone-subway-1038574906?src=t1oTaTbawdiv1zYvT90j-A-1-34">Rawpixel.com/Shutterstock.com</a></span></figcaption></figure><p><a href="https://themanifest.com/app-development/popularity-google-maps-trends-navigation-apps-2018">Sixty-seven percent of smartphone users</a> rely on Google Maps to help them get to where they are going quickly and efficiently.</p>
<p>A major of feature of Google Maps is its ability to predict how long different navigation routes will take. That’s possible because the mobile phone of each person using Google Maps sends data about its location and speed back to Google’s servers, where it is analyzed to generate new data about traffic conditions. </p>
<p>Information like this is useful for navigation. But the exact same data that is used to predict traffic patterns can also be used to predict other kinds of information – information people might not be comfortable with revealing.</p>
<p>For example, data about a mobile phone’s past location and movement patterns <a href="https://www.nytimes.com/interactive/2018/12/10/business/location-data-privacy-apps.html">can be used to predict</a> where a person lives, who their employer is, where they attend religious services and the age range of their children based on where they drop them off for school.</p>
<p>These predictions label who you are as a person and guess what you’re likely to do in the future. Research shows that people are largely unaware that these predictions are possible, and, if they do become aware of it, <a href="https://repository.upenn.edu/asc_papers/398/">don’t like it</a>. In my view, as someone who studies how predictive algorithms affect people’s privacy, that is a major problem for digital privacy in the U.S. </p>
<h2>How is this all possible?</h2>
<p>Every device that you use, every company you do business with, every online account you create or loyalty program you join, and even the government itself collects data about you. </p>
<p>The <a href="https://www.ftc.gov/system/files/documents/reports/data-brokers-call-transparency-accountability-report-federal-trade-commission-may-2014/140527databrokerreport.pdf">kinds of data they collect include things like</a> your name, address, age, Social Security or driver’s license number, purchase transaction history, web browsing activity, voter registration information, whether you have children living with you or speak a foreign language, the photos you have posted to social media, the listing price of your home, whether you’ve recently had a life event like getting married, your credit score, what kind of car you drive, how much you spend on groceries, how much credit card debt you have and the location history from your mobile phone.</p>
<p><iframe id="HZttR" class="tc-infographic-datawrapper" src="https://datawrapper.dwcdn.net/HZttR/2/" height="400px" width="100%" style="border: none" frameborder="0"></iframe></p>
<p>It doesn’t matter if these datasets were collected separately by different sources and don’t contain your name. It’s still easy to match them up according to other information about you that they contain. </p>
<p>For example, there are identifiers in public records databases, like your name and home address, that can be matched up with GPS location data from an app on your mobile phone. This allows a third party to link your home address with the location where you spend most of your evening and nighttime hours – presumably where you live. This means the app developer and its partners have access to your name, even if you didn’t directly give it to them. </p>
<p>In the U.S., <a href="https://harvardlawreview.org/2017/05/if-these-walls-could-talk-the-smart-home-and-the-fourth-amendment-limits-of-the-third-party-doctrine/">the companies and platforms you interact with</a> own the data they collect about you. This means they can legally sell this information to data brokers. </p>
<p>Data brokers are companies that are in the business of buying and selling datasets from a wide range of sources, including location data from <a href="https://www.wired.com/story/carriers-sell-location-data-third-parties-privacy/">many mobile phone carriers</a>. Data brokers combine data to create detailed profiles of individual people, which they <a href="https://motherboard.vice.com/en_us/article/bjpx3w/what-are-data-brokers-and-how-to-stop-my-private-data-collection">sell to other companies</a>. </p>
<p>Combined datasets like this can be used to predict what you’ll want to buy in order to target ads. For example, a company that has purchased data about you can do things like connect your social media accounts and web browsing history with the route you take when you’re running errands and your purchase history at your local grocery store. </p>
<p>Employers use large datasets and predictive algorithms to make decisions about who to interview for jobs and <a href="https://www.businessinsider.com/workday-predicts-when-employees-will-quit-2014-11">predict who might quit</a>. Police departments make lists of people who may be <a href="https://bigdata.fairness.io/predictive-policing/">more likely to commit violent crimes</a>. FICO, the same company that calculates credit scores, also calculates a <a href="https://www.fico.com/en/products/fico-medication-adherence-score">“medication adherence score”</a> that predicts <a href="https://www.fico.com/en/resource-download-file/3630">who will stop taking their prescription medications</a>.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/257557/original/file-20190206-174861-1w2r23i.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/257557/original/file-20190206-174861-1w2r23i.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/257557/original/file-20190206-174861-1w2r23i.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=393&fit=crop&dpr=1 600w, https://images.theconversation.com/files/257557/original/file-20190206-174861-1w2r23i.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=393&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/257557/original/file-20190206-174861-1w2r23i.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=393&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/257557/original/file-20190206-174861-1w2r23i.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=494&fit=crop&dpr=1 754w, https://images.theconversation.com/files/257557/original/file-20190206-174861-1w2r23i.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=494&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/257557/original/file-20190206-174861-1w2r23i.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=494&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Research shows that people are only aware of predictions that are shown to them in an app’s user interface, and that make sense given the reason they decided to use the app.</span>
<span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/closeup-shot-bearded-sportive-man-after-485402515?src=jfwCSwgeTOnU54CqULK6uA-1-16">SIFO CRACHO/shutterstock.com</a></span>
</figcaption>
</figure>
<h2>How aware are people about this?</h2>
<p>Even though people may be aware that their mobile phones have GPS and that their name and address are in a public records database somewhere, it’s far less likely that they realize <a href="http://dx.doi.org/10.14722/usec.2016.23017">how their data can be combined to make new predictions</a>. That’s because privacy policies typically only include <a href="https://doi.org/10.1086/688669">vague language</a> about how data that’s collected will be used.</p>
<p><a href="http://www.pewinternet.org/2019/01/16/facebook-algorithms-and-personal-data/">In a January survey</a>, the Pew Internet and American Life project asked adult Facebook users in the U.S. about the predictions that Facebook makes about their personal traits, based on data collected by the platform and its partners. For example, Facebook assigns a “multicultural affinity” category to some users, guessing how similar they are to people from different race or ethnic backgrounds. This information is used to target ads. </p>
<p>The survey found that 74 percent of people did not know about these predictions. About half said they are not comfortable with Facebook predicting information like this.</p>
<p><a href="https://scholar.google.com/citations?user=uXpvv2V2xKkC&hl=en">In my research</a>, I’ve found that people are only aware of predictions that are shown to them in an app’s user interface, and that makes sense given the reason they decided to use the app. For example, a <a href="https://www.usenix.org/conference/soups2017/technical-sessions/presentation/rader">2017 study of fitness tracker users</a> showed that people are aware that their tracker device collects their GPS location when they are exercising. But this doesn’t translate into awareness that the activity tracker company can predict where they live.</p>
<p>In another study, I found that Google Search users know that Google collects data about their search history, and Facebook users are aware that Facebook knows who their friends are. But <a href="https://www.usenix.org/conference/soups2014/proceedings/presentation/rader">people don’t know</a> that their Facebook “likes” can be used to <a href="https://doi.org/10.1073/pnas.1218772110">accurately predict their political party affiliation or sexual orientation</a>.</p>
<p><iframe id="0A04L" class="tc-infographic-datawrapper" src="https://datawrapper.dwcdn.net/0A04L/5/" height="400px" width="100%" style="border: none" frameborder="0"></iframe></p>
<h2>What can be done about this?</h2>
<p>Today’s internet largely relies on people managing their own digital privacy. </p>
<p>Companies ask people up front to consent to systems that collect data and make predictions about them. <a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2171018">This approach</a> would work well for managing privacy, if people refused to use services that have privacy policies they don’t like, and if companies wouldn’t violate their own privacy policies. </p>
<p>But research shows that <a href="https://doi.org/10.1080/08838151.2018.1451867">nobody reads or understands</a> those privacy policies. And, even when companies face consequences for breaking their privacy promises, it doesn’t stop them from <a href="https://www.recode.net/2019/1/23/18193314/facebook-ftc-investigation-explained-privacy-agreement">doing it again</a>. </p>
<p>Requiring users to consent without understanding how their data will be used also allows companies to shift the blame onto the user. If a user starts to feel like their data is being used in a way that they’re not actually comfortable with, they don’t have room to complain, because they consented, right? </p>
<p>In my view, there is no realistic way for users to be aware of the kinds of predictions that are possible. People naturally expect companies to use their data only in ways that are related to the reasons they had for interacting with the company or app in the first place. But companies usually aren’t legally required to restrict the ways they use people’s data to only things that users would expect. </p>
<p>One exception is Germany, where the Federal Cartel Office <a href="https://www.bundeskartellamt.de/SharedDocs/Publikation/EN/Pressemitteilungen/2019/07_02_2019_Facebook.pdf?__blob=publicationFile&v=2">ruled on Feb. 7</a> that Facebook must specifically ask its users for permission to combine data collected about them on Facebook with data collected from third parties. The ruling also states that if people do not give their permission for this, they should still be able to use Facebook.</p>
<p>I believe that the U.S. needs stronger privacy-related regulation, so that companies will be more transparent and accountable to users about not just the data they collect, but also the kinds of predictions they’re generating by combining data from multiple sources.</p><img src="https://counter.theconversation.com/content/110760/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Emilee Rader receives funding from the National Science Foundation. </span></em></p>Every device that you use, every company you do business with, every online account you create – they all collect data about you and analyze it to figure out minute details of your life.Emilee Rader, Associate Professor of Media and Information, Michigan State UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1091302019-02-04T11:39:39Z2019-02-04T11:39:39ZIs your VPN secure?<figure><img src="https://images.theconversation.com/files/255948/original/file-20190128-108334-kvfy4j.jpg?ixlib=rb-1.1.0&rect=258%2C373%2C6131%2C4416&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Secure communications are increasingly important.</span> <span class="attribution"><a class="source" href="https://www.shutterstock.com/image-illustration/abstract-secure-network-concept-on-dark-194040659">maxuser/Shutterstock.com</a></span></figcaption></figure><p>About <a href="https://blog.globalwebindex.com/chart-of-the-day/vpn-usage-2018/">a quarter of internet users</a> use a virtual private network, a software setup that creates a secure, encrypted data connection between their own computer and another one elsewhere on the internet. Many people use them to <a href="https://lifehacker.com/how-to-choose-a-vpn-1831320407">protect their privacy</a> when using Wi-Fi hotspots, or to connect securely to workplace networks while traveling. Other users are concerned about surveillance from governments and internet providers.</p>
<p>Many <a href="https://www.zdnet.com/article/how-to-use-a-vpn-to-protect-your-internet-privacy/">VPN companies promise</a> to use strong encryption to secure data, and say they protect users’ privacy by not storing records of where people access the service or what they do while connected. If everything worked the way it was supposed to, someone snooping on the person’s computer would not see all their internet activity – just an unintelligible connection to that one computer. Any companies, governments or hackers spying on overall internet traffic could still spot a computer transmitting sensitive information or browsing Facebook at the office – but would think that activity was happening on a different computer than the one the person is really using.</p>
<p>However, most people – including VPN customers – don’t have the skills to double-check that they’re getting what they paid for. A group of researchers <a href="https://scholar.google.com/citations?user=NDPIex8AAAAJ&hl=en">I was part of</a> do have those skills, and our examination of the services provided by 200 VPN companies found that <a href="https://dl.acm.org/citation.cfm?id=3278570">many of them mislead customers about key aspects</a> of their user protections.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/255939/original/file-20190128-108364-zo4rwk.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/255939/original/file-20190128-108364-zo4rwk.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/255939/original/file-20190128-108364-zo4rwk.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=433&fit=crop&dpr=1 600w, https://images.theconversation.com/files/255939/original/file-20190128-108364-zo4rwk.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=433&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/255939/original/file-20190128-108364-zo4rwk.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=433&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/255939/original/file-20190128-108364-zo4rwk.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=544&fit=crop&dpr=1 754w, https://images.theconversation.com/files/255939/original/file-20190128-108364-zo4rwk.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=544&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/255939/original/file-20190128-108364-zo4rwk.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=544&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">How a VPN secures internet activity.</span>
<span class="attribution"><span class="source">Mohammad Taha Khan</span>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span>
</figcaption>
</figure>
<h2>Consumers are in the dark</h2>
<p>Our research found that it is very hard for VPN customers to get unbiased information. Many VPN providers <a href="https://www.ctrl.blog/entry/pcmag-vpn-review">pay third-party review sites and blogs</a> to <a href="https://onemorecupof-coffee.com/best-vpn-affiliate-programs/">promote their services</a> by <a href="https://www.ivpn.net/blog/closed-affiliate-program">writing positive reviews</a> and <a href="https://thatoneprivacysite.net/choosing-the-best-vpn-for-you/">ranking them highly</a> in industry surveys. These amount to advertisements to people considering purchasing VPN services, rather than independent and unbiased reviews. We studied 26 review websites; <a href="https://dl.acm.org/citation.cfm?id=3278570">24 of them</a> were getting some form of kickback payment for positive reviews. </p>
<p>A typical example was a site listing hundreds of VPN companies that rated more than 90 percent of them as 4 out of 5 or higher. This is not illegal, but it skews evaluations that could be independent. It also makes competition much more difficult for newer and smaller VPN providers that may have better service but lower budgets to pay for good publicity.</p>
<h2>Vague on data privacy</h2>
<p>We also learned that VPN companies don’t always do much to protect users’ data, despite advertising that they do. Of the 200 companies we looked at, 50 had no privacy policy posted online at all – <a href="https://www.ftc.gov/tips-advice/business-center/privacy-and-security">despite laws</a> <a href="https://termsfeed.com/blog/privacy-policy-mandatory-law/">requiring them to do so</a>.</p>
<p>The companies that did post privacy policies varied widely in their descriptions of how they handle users’ data. Some policies were as short as 75 words, a far cry from the <a href="https://www.wsj.com/articles/privacy-policies-flooding-your-inbox-how-to-cut-through-the-gibberish-1526565342">multi-page legal documents</a> standard on banking and social media sites. Others did not formally confirm what their advertisements suggested, leaving room to spy on users even after promising not to.</p>
<h2>Leaking or monitoring traffic</h2>
<p>Much of the security of a VPN depends on ensuring that all the user’s internet traffic goes through an encrypted connection between the user’s computer and the VPN server. But the software is written by humans, and humans make mistakes. When we tested 61 VPN systems, we found programming and configuration errors in 13 of them that allowed internet traffic to travel outside the encrypted connection – defeating the purpose of using a VPN and leaving the user’s online activity exposed to outside spies and observers.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/255947/original/file-20190128-108367-1j5n6tg.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/255947/original/file-20190128-108367-1j5n6tg.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/255947/original/file-20190128-108367-1j5n6tg.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=245&fit=crop&dpr=1 600w, https://images.theconversation.com/files/255947/original/file-20190128-108367-1j5n6tg.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=245&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/255947/original/file-20190128-108367-1j5n6tg.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=245&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/255947/original/file-20190128-108367-1j5n6tg.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=308&fit=crop&dpr=1 754w, https://images.theconversation.com/files/255947/original/file-20190128-108367-1j5n6tg.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=308&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/255947/original/file-20190128-108367-1j5n6tg.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=308&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">When VPNs don’t work right, users’ data leaks out.</span>
<span class="attribution"><span class="source">Mohammad Taha Khan</span>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span>
</figcaption>
</figure>
<p>Also, because VPN companies can, if they choose, monitor all online activity their users engage in, we checked to see if any were doing that. We found six of the 200 VPN services we studied actually did monitor users’ traffic themselves. This is different from accidental leaking, because it involves actively looking at users’ activity – and possibly retaining data about what users are doing.</p>
<p>Encouraged by ads that focus on privacy, users trust these companies not to do this, and not to share what they find with data brokers, advertising companies and police or other government agencies. Yet these six VPN companies don’t legally commit to protecting users, regardless of their promises. </p>
<h2>Lying about locations</h2>
<p>A huge selling point for many VPNs is that they claim to allow customers to connect to the internet as if they were in countries other than where they really are. Some users do this to avoid copyright restrictions, either illegally or quasi-legally, like watching U.S. Netflix shows while on vacation in Europe. Others do this to avoid censorship or other national rules governing internet activities.</p>
<p>We found, though, that those claims of international presence aren’t always true. Our suspicions were first raised when we saw VPNs claiming to let people use the internet <a href="https://vpn-services.bestreviews.net/countries/vpn-iran/">as if they were in Iran</a>, North Korea and smaller island territories like Barbados, Bermuda and Cape Verde – places where it’s <a href="https://www.bbc.com/news/world-asia-37426725">very difficult to get internet access</a>, if not <a href="http://www.northkoreatech.org/2015/07/06/a-peek-inside-north-koreas-intranet/">impossible for foreign companies</a>.</p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/255949/original/file-20190128-108334-371qnf.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/255949/original/file-20190128-108334-371qnf.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/255949/original/file-20190128-108334-371qnf.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=336&fit=crop&dpr=1 600w, https://images.theconversation.com/files/255949/original/file-20190128-108334-371qnf.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=336&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/255949/original/file-20190128-108334-371qnf.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=336&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/255949/original/file-20190128-108334-371qnf.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=422&fit=crop&dpr=1 754w, https://images.theconversation.com/files/255949/original/file-20190128-108334-371qnf.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=422&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/255949/original/file-20190128-108334-371qnf.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=422&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Where in the world is that traffic really from?</span>
<span class="attribution"><a class="source" href="https://www.shutterstock.com/image-vector/world-map-3d-set-infographics-elements-337874288">MSSA/Shutterstock.com</a></span>
</figcaption>
</figure>
<p>When we investigated, we found some VPNs that claim to have large numbers of diverse internet connections really only have a few servers clustered in a couple of countries. Our study found they manipulate internet routing records so they appear to provide service in other locations. We found at least six VPN services that claim to route their traffic through one country but really convey it through another. Depending on the user’s activity and the country’s laws, this could be illegal or even life-threatening – but at the very least it’s misleading.</p>
<h2>Guidelines for VPN users</h2>
<p>Technically minded customers who are still interested in VPNs might consider setting up their own servers, either <a href="https://hackernoon.com/using-a-vpn-server-to-connect-to-your-aws-vpc-for-just-the-cost-of-an-ec2-nano-instance-3c81269c71c2">using cloud computing services</a> or their <a href="https://www.howtogeek.com/221001/how-to-set-up-your-own-home-vpn-server/">home internet connection</a>. People with a bit less technical comfort might consider using the <a href="https://www.torproject.org/projects/torbrowser.html.en">Tor browser</a>, a network of internet-connected computers that help <a href="https://theconversation.com/securing-web-browsing-protecting-the-tor-network-56840">guard its users’ privacy</a>.</p>
<p>Those methods are difficult and may be slow. When selecting a commercial VPN service, <a href="https://dl.acm.org/citation.cfm?id=3278570">our best advice, informed by our research</a>, is to read the site’s privacy policy carefully, and buy short subscriptions, perhaps month-by-month, rather than longer ones, so it’s easier to switch if you find something better.</p><img src="https://counter.theconversation.com/content/109130/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Mohammad Taha Khan is a PhD candidate at the University of Illinous at Chicago. This research was made possible by funding provided by the National Science Foundation and the Open Technology Fund. Also, a special thanks to the International Computer Science Insititue at Berkeley for supporting the initial phases of the project.</span></em></p><p class="fine-print"><em><span>Narseo Vallina-Rodriguez recibe fondos de National Science Foundation de USA, el Ministerio de Economia de España, y la Comision Europea.</span></em></p>Virtual private network companies make lots of promising claims about their services. Most people don’t have the skills to double-check their providers. So this group of researchers did the testing.Mohammad Taha Khan, Ph.D. Candidate in Computer Science, University of Illinois ChicagoNarseo Vallina-Rodriguez, Research Assistant Professor, IMDEA Networks Institute, Madrid, Spain; Research Scientist, Networking and Security, International Computer Science Institute based at, University of California, BerkeleyLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/949782018-05-10T02:01:36Z2018-05-10T02:01:36ZHow silent signals from your phone could be recording and tracking you<figure><img src="https://images.theconversation.com/files/215995/original/file-20180423-94149-i384la.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Advertisers may track a customer's shopping preferences within a shopping centre by using ultrasonic beacons emitted from their mobile phones.
</span> <span class="attribution"><span class="source">Mai Lam/The Conversation NY-BD-CC</span>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span></figcaption></figure><p>My lounge room is bugged. My phone is broadcasting an ultrasonic signal to my blu-ray player via an acoustic side channel beyond human hearing. </p>
<p>The channel networks the two devices, similar to how a dial-up connection used to get our computers online before the days of the NBN. The same technology is behind Google’s <a href="https://developers.google.com/beacons/eddystone">Nearby API</a> through their Eddystone protocol, and is the basis of products sold by the startup <a href="https://lisnr.com/">Lisnr</a>. It’s also the reason more and more apps are requesting access permissions to your microphone.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/can-sound-be-used-as-a-weapon-4-questions-answered-83627">Can sound be used as a weapon? 4 questions answered</a>
</strong>
</em>
</p>
<hr>
<p>Aside from networking, companies use ultrasonic signals (or beacons) to gather information about users. That could include monitoring television viewing and web browsing habits, tracking users across multiple devices, or determining a shopper’s precise location within a store. </p>
<p>They use this information to send alerts that are relevant to your surroundings – such as a welcome message when you enter a museum or letting you know about a sale when you pass by a particular store. </p>
<p>But since this technology records sound – even if temporarily – it could constitute a breach of privacy. An analysis of various Australian regulations covering listening devices and surveillance reveals a legal grey area in relation to ultrasonic beacons.</p>
<h2>How does ultrasonic data transfer work?</h2>
<p>Google Nearby enables Android phone users who are in close proximity to each other to connect their devices and share data, such as documents or media. Google <a href="https://support.google.com/pixelphone/answer/6260286?hl=en">says</a>:</p>
<blockquote>
<p>To share and collaborate in apps, Nearby uses Bluetooth, Wi-Fi, and inaudible sound to detect devices around your device. (Some people can hear a short buzz.)</p>
</blockquote>
<p>These inaudible sounds are ultrasonic beacons transmitting data that is then picked up by your phone. </p>
<p>To demonstrate this technology, I recorded such a beacon being broadcast in my lounge room while watching Netflix. In the below image you can see the audio ends around the 15kHz mark with the ultrasonic beacon beginning at 20kHz, the point at which average human hearing ends.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/215787/original/file-20180421-75100-x3ti7r.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/215787/original/file-20180421-75100-x3ti7r.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=642&fit=crop&dpr=1 600w, https://images.theconversation.com/files/215787/original/file-20180421-75100-x3ti7r.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=642&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/215787/original/file-20180421-75100-x3ti7r.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=642&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/215787/original/file-20180421-75100-x3ti7r.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=807&fit=crop&dpr=1 754w, https://images.theconversation.com/files/215787/original/file-20180421-75100-x3ti7r.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=807&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/215787/original/file-20180421-75100-x3ti7r.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=807&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Audio capture demonstrating the different frequencies over a 71 second period while watching Netflix. The ultrasonic beacon is apparent in the right hand side of the waterfall diagram.</span>
</figcaption>
</figure>
<p>Since these ultrasonic sounds are the only relevant section of the data signal, it is necessary to remove the lower frequency audible signals (such as speech) that are also captured. This is done by using a high-pass filter. A high-pass filter extracts high frequencies to remain in the data and eliminates the lower frequencies. </p>
<p>This means, in theory, that while the device could be recording sound, it isn’t keeping the parts of the recording that might include conversation.</p>
<p>Different filters process signals in different ways. While filters constructed from basic electrical components do not require any storage of the signal, digital software filters require the signal to be stored temporarily.</p>
<h2>Is this kind of recording legal?</h2>
<p>In South Australia, where I am based, a <a href="https://www.legislation.sa.gov.au/LZ/C/A/SURVEILLANCE%20DEVICES%20ACT%202016/CURRENT/2016.2.AUTH.PDF">listening device</a> is precisely defined as: </p>
<blockquote>
<p>a device capable of being used to listen to or record a private conversation or words spoken to or by any person in private conversation (…) but does not include a device being used to assist a person with impaired hearing to hear sounds ordinarily audible to the human ear.</p>
</blockquote>
<p>There is no exemption provided for recording sounds and then removing the audible portion. </p>
<p>It is generally unlawful “to overhear, record, monitor or listen to a private conversation” unless you have the express permission of all parties involved. Since audio is being recorded using a standard microphone in the course of an ultrasonic data transfer, the full audio spectrum – including any conversation occurring – is being sampled at the same time. </p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/your-mobile-phone-can-give-away-your-location-even-if-you-tell-it-not-to-65443">Your mobile phone can give away your location, even if you tell it not to</a>
</strong>
</em>
</p>
<hr>
<p>The type of filter used is therefore critical. If a digital filter is being used to extract the ultrasonic data, the temporary storage of the full audio spectrum could be considered a recording. And that requires consent.</p>
<p>Google gives users the chance to opt-out the first time notifications are made using the Nearby service. However, this could only be construed as consent for the phone owner, not all parties to a possible conversation being recorded in private. Also, by the time the notification happens, the recording has already occurred.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/215788/original/file-20180421-75107-nk39jb.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/215788/original/file-20180421-75107-nk39jb.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=212&fit=crop&dpr=1 600w, https://images.theconversation.com/files/215788/original/file-20180421-75107-nk39jb.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=212&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/215788/original/file-20180421-75107-nk39jb.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=212&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/215788/original/file-20180421-75107-nk39jb.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=267&fit=crop&dpr=1 754w, https://images.theconversation.com/files/215788/original/file-20180421-75107-nk39jb.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=267&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/215788/original/file-20180421-75107-nk39jb.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=267&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Google’s FAQ explaining the opt-out process for the Nearby API.</span>
</figcaption>
</figure>
<h2>What about location tracking?</h2>
<p>Advertisers can use ultrasonic signals that speak to your mobile phone to establish where you are within a store. They can also correlate this data with other advertising metadata easily obtained from cookies to track your broader movements.</p>
<p>This further complicates matters regarding their legality. </p>
<p>In South Australia, a <a href="https://www.legislation.sa.gov.au/LZ/C/A/SURVEILLANCE%20DEVICES%20ACT%202016/CURRENT/2016.2.AUTH.PDF">tracking device</a> is explicitly defined as: </p>
<blockquote>
<p>a device capable of being used to determine the geographical location of a person, vehicle or thing and any associated equipment.</p>
</blockquote>
<p>Since it is generally illegal to track someone without their consent – implied or otherwise – if an advertiser is using an app combined with an ultrasonic beacon to track you and you are unaware that they are doing so, they could be breaking the law. </p>
<p><a href="https://developers.google.com/nearby/messages/android/user-consent">Google says</a> the Nearby protocol is battery-intensive due to the use of Bluetooth and wifi. As such “the user must provide consent for Nearby to utilise the required device resources”. It says nothing about the legality of needing permission to record sound or track users.</p>
<p>Google does warn that the Nearby service is a one-way communication channel with your phone never communicating directly to a Nearby service <a href="https://support.google.com/pixelphone/answer/6260286?hl=en">on its online support page</a>.</p>
<p>But since users are required to opt-out of the service, it’s hard to argue that they have given informed consent.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/215789/original/file-20180421-75093-sdrtwf.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/215789/original/file-20180421-75093-sdrtwf.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=293&fit=crop&dpr=1 600w, https://images.theconversation.com/files/215789/original/file-20180421-75093-sdrtwf.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=293&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/215789/original/file-20180421-75093-sdrtwf.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=293&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/215789/original/file-20180421-75093-sdrtwf.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=368&fit=crop&dpr=1 754w, https://images.theconversation.com/files/215789/original/file-20180421-75093-sdrtwf.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=368&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/215789/original/file-20180421-75093-sdrtwf.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=368&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Google explains that the Nearby devices do not connect directly as Lisnr technology does, however, nothing is specified about what happens to data from your phone to Google or other third-party servers.</span>
</figcaption>
</figure>
<h2>What can I to protect my privacy?</h2>
<p>Users need to be aware of the potential to be tracked from ultrasonic beacons such as Google’s Nearby service. </p>
<p>Since this is a built-in feature of Google’s Pixel phone and other Android phones, users need to have informed consent regarding the Nearby service and the dangers of revealing data about themselves. Merely blocking app permissions which request to use your phone’s microphone will not be enough. </p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/7-in-10-smartphone-apps-share-your-data-with-third-party-services-72404">7 in 10 smartphone apps share your data with third-party services</a>
</strong>
</em>
</p>
<hr>
<p>One research group <a href="https://ubeacsec.org/">has released a patch</a> that proposes to modify the permission request on phones requiring apps to state when they want access to your microphone to track inaudible signals individually. This doesn’t solve the built-in problem of Google’s API though.</p>
<p>Google and other mobile phone companies should do more to ensure they are adequately gaining informed consent from users to ensure they do not fall foul of the law.</p>
<hr>
<p><em>Thanks to reader feedback we’ve updated this article at the author’s request to remove references to Apple’s iBeacon, which does not use an acoustic side channel for data transfer.</em></p><img src="https://counter.theconversation.com/content/94978/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Richard Matthews is an elected member of Council at The University of Adelaide. He is a member of the South Australian branch of the Labor Party and a Graduate Member of the Institute of Engineers Australia.</span></em></p>Inaudible sounds are being used to transmit data from our devices. While not new technology, these ultrasonic beacons may be in breach of laws regarding surveillance devices.Richard Matthews, PhD Candidate, University of AdelaideLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/654432018-02-06T11:37:10Z2018-02-06T11:37:10ZYour mobile phone can give away your location, even if you tell it not to<figure><img src="https://images.theconversation.com/files/204617/original/file-20180202-162082-escm9.png?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Fitness trackers report their location and map the Burning Man festival in the Nevada desert.</span> <span class="attribution"><a class="source" href="https://labs.strava.com/heatmap/#13.00/-119.22766/40.77968/hot/all">Screenshot of Strava Heat Map</a></span></figcaption></figure><p>U.S. military officials were recently caught off guard by revelations that servicemembers’ digital fitness trackers were <a href="https://labs.strava.com/heatmap/">storing the locations</a> of their workouts – including at or near <a href="https://www.washingtonpost.com/world/a-map-showing-the-users-of-fitness-devices-lets-the-world-see-where-us-soldiers-are-and-what-they-are-doing/2018/01/28/86915662-0441-11e8-aa61-f3391373867e_story.html">military bases and clandestine sites</a> around the world. But this threat is not limited to Fitbits and similar devices. My group’s recent research has shown how mobile phones can also track their users through stores and cities and around the world – even when users turn off their phones’ location-tracking services.</p>
<p>The vulnerability comes from the wide range of sensors phones are equipped with – not just GPS and communications interfaces, but gyroscopes and accelerometers that can tell whether a phone is being held upright or on its side and can measure other movements too. Apps on the phone can use those sensors to perform tasks users aren’t expecting – like <a href="https://doi.org/10.1109/MSP.2017.25">following a user’s movements turn by turn</a> along city streets.</p>
<p>Most people expect that turning their phone’s location services off disables this sort of mobile surveillance. But the research I conduct with my colleagues <a href="https://www.ccis.northeastern.edu/people/sashank-narain/">Sashank Narain</a>, <a href="https://www.ccis.northeastern.edu/people/triet-vo-huu/">Triet Vo-Huu</a>, <a href="https://www.ccis.northeastern.edu/people/ken-block/">Ken Block</a> and <a href="http://www.ccs.neu.edu/home/amirali/">Amirali Sanatinia</a> at Northeastern University, in a field called “<a href="https://doi.org/10.1007/3-540-68697-5_9">side-channel attacks</a>,” uncovers ways that apps can avoid or escape those restrictions. We have revealed how a phone can listen in on a user’s finger-typing to discover a secret password – and how simply carrying a phone in your pocket can tell data companies where you are and where you’re going.</p>
<h2>Making assumptions about attacks</h2>
<p>When designing protection for a device or a system, people make assumptions about what threats will occur. Cars, for instance, are designed to protect their occupants from crashes with other cars, buildings, guardrails, telephone poles and other objects commonly found in or near roads. They’re not designed to keep people safe in cars driven off a cliff or smashed by huge rocks dropped on them. It’s just not cost-effective to engineer defenses against those threats, because they’re assumed to be extremely uncommon.</p>
<p>Similarly, people designing software and hardware make assumptions about what hackers might do. But that doesn’t mean devices are safe. One of the first side-channel attacks was identified back in 1996 by cryptographer Paul Kocher, who showed he could break popular and supposedly secure cryptosystems by <a href="https://doi.org/10.1007/3-540-68697-5_9">carefully timing how long it took</a> a computer to decrypt an encrypted message. The cryptosystem designers hadn’t imagined that an attacker would take that approach, so their system was vulnerable to it.</p>
<p>There have been many other attacks through the years using all sorts of different approaches. The recent <a href="https://meltdownattack.com/">Meltdown and Spectre</a> vulnerabilities that exploit design flaws in computer processors, are also side-channel attacks. They enable malicious applications to snoop on other applications’ data in the computer memory. </p>
<h2>Monitoring on the go</h2>
<p>Mobile devices are perfect targets for this sort of attack from an unexpected direction. They are <a href="https://source.android.com/devices/sensors/sensor-types">stuffed with sensors</a>, usually including at least one accelerometer, a gyroscope, a magnetometer, a barometer, up to four microphones, one or two cameras, a thermometer, a pedometer, a light sensor and a humidity sensor.</p>
<p>Apps can access most of these sensors without asking for permission from the user. And by combining readings from two or more devices, it’s often possible to do things that users, phone designers and app creators alike may not expect.</p>
<p>In <a href="https://dl.acm.org/citation.cfm?doid=2627393.2627417">one recent project</a>, we developed an app that could determine what letters a user was typing on a mobile phone’s on-screen keyboard – without reading inputs from the keyboard. Rather, we combined information from the phone’s gyroscope and its microphones.</p>
<p>When a user taps on the screen in different locations, the phone itself rotates slightly in ways that can be measured by the <a href="https://learn.sparkfun.com/tutorials/gyroscope/all">three-axis micromechanical gyroscopes</a> found in most current phones. Further, tapping on a phone screen produces a sound that can be recorded on each of a phone’s multiple microphones. A tap close to the center of the screen will not move the phone much, will reach both microphones at the same time, and will sound roughly the same to all the microphones. However, a tap at the bottom left edge of the screen will rotate the phone left and down; it will reach the left microphone faster; and it will sound louder to microphones near the bottom of the screen and quieter to microphones elsewhere on the device.</p>
<p>Processing the movement and sound data together let us determine what key a user pressed, and we were right over 90 percent of the time. This sort of function could be added secretly to any app and could run unnoticed by a user.</p>
<h2>Identifying a location</h2>
<p>We then wondered whether a malicious application could infer a user’s whereabouts, including where they lived and worked, and what routes they traveled – information most people consider very private.</p>
<p>We wanted to find out whether a user’s location could be identified using only sensors that don’t require users’ permission. The route taken by a driver, for instance, can be simplified into a series of turns, each in a certain direction and with a certain angle. With another app, we used a phone’s compass to observe the person’s direction of travel. That app also used the phone’s gyroscope, measuring the sequence of turn angles of the route traveled by the user. And the accelerometer showed whether a user was stopped, or moving. </p>
<p>By measuring a sequence of turns, and stringing them together as a person travels, we could make a map of their movements. (In our work, we knew which city we were tracking people through, but a similar approach could be used to figure out what city a person was in.) </p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/204660/original/file-20180202-19925-l501qg.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/204660/original/file-20180202-19925-l501qg.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/204660/original/file-20180202-19925-l501qg.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=559&fit=crop&dpr=1 600w, https://images.theconversation.com/files/204660/original/file-20180202-19925-l501qg.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=559&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/204660/original/file-20180202-19925-l501qg.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=559&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/204660/original/file-20180202-19925-l501qg.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=703&fit=crop&dpr=1 754w, https://images.theconversation.com/files/204660/original/file-20180202-19925-l501qg.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=703&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/204660/original/file-20180202-19925-l501qg.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=703&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Matching the route of a smartphone with a trip through Boston.</span>
<span class="attribution"><a class="source" href="https://www.google.com/maps/dir/42.3470281,-71.0987153/42.3370778,-71.0897429/@42.3420599,-71.1012985,16z/am=t/data=!3m1!4b1!4m9!4m8!1m5!3m4!1m2!1d-71.1020206!2d42.3414756!3s0x89e379f4bcf581f7:0x79d33d7b8d6345e4!1m0!3e0">Screenshot of Google Maps</a>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span>
</figcaption>
</figure>
<p>Imagine we observe a <a href="https://www.google.com/maps/dir/42.3470281,-71.0987153/42.3370778,-71.0897429/@42.3424719,-71.0982838,16z/data=!4m9!4m8!1m5!3m4!1m2!1d-71.1020206!2d42.3414756!3s0x89e379f4bcf581f7:0x79d33d7b8d6345e4!1m0!3e0">person in Boston heading southwest</a>, turning 100 degrees to the right, making a sharp U-turn to the left to head southeast, turning slightly to the right, continuing straight, then following a shallow curve to the left, a quick jog to the right, bumping up and down more than usual on a road, turning 55 degrees right, and turning 97 degrees left and then making a slight curve right before stopping.</p>
<p>We developed an algorithm to match those movements up against a digitized map of the streets of the city the user was in, and determined which were the most likely routes a person might take. Those movements could identify a route driving from Fenway Park, along the Back Bay Fens, past the Museum of Fine Arts and arriving at Northeastern University.</p>
<p>We were even able to refine our algorithm to incorporate information about curves in roads and speed limits to help narrow options. We produced our results as a <a href="https://doi.org/10.1109/MSP.2017.25">list of possible paths</a> ranked by how likely the algorithm thought they were to match the actual route. About half the time, in most cities we tried, the real path a user followed was in the top 10 items on the list. Further refining the map data, sensor readings and the matching algorithm could substantially improve our accuracy. Again, this type of capability could be added to any app by a malicious developer, letting innocent-appearing apps snoop on their users. </p>
<p>Our research group is continuing to investigate how side-channel attacks can be used to reveal a variety of private information. For instance, measuring how a phone moves when its owner is walking could suggest how old a person is, whether they are male (with the phone in a pocket) or female (typically with the phone in a purse), or even health information about how steady a person is on his feet or how often she stumbles. We assume there is more your phone can tell a snoop – and we hope to find out what, and how, to protect against that sort of spying.</p><img src="https://counter.theconversation.com/content/65443/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Guevara Noubir has received funding for communications security research from the U.S. Department of Defense, the National Science Foundation, Google, Raytheon and Microsoft.</span></em></p>It’s not just fitness trackers – mobile phones can reveal users’ whereabouts too, even with location tracking turned off.Guevara Noubir, Professor of Computer and Information Science, Northeastern UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/882232017-11-29T02:25:26Z2017-11-29T02:25:26ZAn armed robber’s Supreme Court case could affect all Americans’ digital privacy for decades to come<figure><img src="https://images.theconversation.com/files/196798/original/file-20171128-28888-7jbmp4.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">How much can your cellphone reveal about where you go?</span> <span class="attribution"><a class="source" href="https://www.shutterstock.com/image-photo/surprised-man-holding-smartphone-connected-browsing-456114190">pathdoc/Shutterstock.com</a></span></figcaption></figure><p>A man named Timothy Carpenter planned and participated in several armed robberies at Radio Shack and T-Mobile stores in Michigan and Ohio between 2010 and 2012. He was caught, convicted and <a href="https://archives.fbi.gov/archives/detroit/press-releases/2014/cell-phone-store-robber-sentenced-to-116-years">sentenced to 116 years</a> in federal prison. His appeal, which <a href="https://www.supremecourt.gov/docket/docketfiles/html/qp/16-00402qp.pdf">was heard by the U.S. Supreme Court</a> on Nov. 29, will shape the life of every American for years to come – no matter which way it’s decided.</p>
<p>During its investigation of the robberies, the FBI got records not only of the phone calls made and received by Carpenter’s cellphone, but <a href="https://www.technologyreview.com/s/608042/warrantless-tracking-of-cell-phone-location-data-by-the-police-could-get-harder/">also its location over 127 days</a>. The information clearly placed Carpenter’s phone nearby at the times and places of each of the robberies, providing strong circumstantial evidence against him. But it also revealed other information unrelated to the investigation, such as which nights Carpenter slept at home and <a href="https://www.aclu.org/news/supreme-court-hear-first-cell-phone-location-data-case-0">what church he prayed in</a> on Sunday mornings. The FBI didn’t get a search warrant for that information; the agency just asked <a href="http://www.freep.com/story/news/2017/06/05/supreme-detroit-carpenter-cell-phone-privacy/370606001/">Carpenter’s cell service provider</a>, MetroPCS, for the data.</p>
<p>Carpenter is <a href="https://www.oyez.org/cases/2017/16-402">appealing his conviction</a> on the grounds that his Fourth Amendment right to be protected from an unreasonable search was violated because his cellphone location was tracked without a search warrant. If you have a cellphone, what the Supreme Court decides will affect you.</p>
<h2>Cell companies know where people are</h2>
<p>As part of providing their services, cellphone companies know where their users are. Mobile phones <a href="https://technogog.com/information/how-stuff-works-cell-phone-towers/">connect to nearby towers</a>, which have <a href="https://opensignal.com/blog/2012/08/10/how-to-tell-in-which-direction-a-cell-tower-lies/">separate antennas pointing different directions</a>. Noting which antennas on which towers a particular phone connects to allows the phone company to <a href="https://null-byte.wonderhowto.com/how-to/triangular-phone-tracking-works-how-fbi-traces-cell-phones-0168005/">triangulate</a> a fairly precise location.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/196796/original/file-20171128-28849-1vti6rd.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/196796/original/file-20171128-28849-1vti6rd.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/196796/original/file-20171128-28849-1vti6rd.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=352&fit=crop&dpr=1 600w, https://images.theconversation.com/files/196796/original/file-20171128-28849-1vti6rd.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=352&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/196796/original/file-20171128-28849-1vti6rd.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=352&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/196796/original/file-20171128-28849-1vti6rd.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=442&fit=crop&dpr=1 754w, https://images.theconversation.com/files/196796/original/file-20171128-28849-1vti6rd.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=442&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/196796/original/file-20171128-28849-1vti6rd.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=442&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Triangulating the location of a mobile device.</span>
<span class="attribution"><a class="source" href="https://www.nist.gov/news-events/news/2017/04/indoor-gps-apps-closer-reality-new-nist-challenge">N. Moayeri/NIST</a></span>
</figcaption>
</figure>
<p>In addition, technological advances are allowing cell towers to serve smaller and smaller areas. That means connected users are in even more specific locations. The <a href="https://www.fcc.gov/public-safety-and-homeland-security/policy-and-licensing-division/911-services/general/location-accuracy-indoor-benchmarks">FCC actually requires</a> phone companies to be able to locate most cellphones within 50 meters when they call 911, to be able to direct emergency responders to the correct location. </p>
<h2>Police want to track suspects’ movements</h2>
<p>It is in the public’s interest for police to be able to track, catch and convict criminals. But to protect innocent citizens from harassment, the Bill of Rights established a process requiring investigators to <a href="https://www.law.cornell.edu/constitution/fourth_amendment">get a judge’s signoff</a> before conducting most searches for evidence.</p>
<p>Early in the 20th century, <a href="https://www.law.cornell.edu/supremecourt/text/277/438">courts thought</a> phone wiretaps didn’t require a warrant as long as the physical wiretap equipment was placed outside a target’s home. Over time, the importance of the telephone as a communications medium and the rise of the internet <a href="https://dx.doi.org/10.2139/ssrn.421860">led to the increased protections</a> provided by the 1986 Stored Communications Act. That law <a href="http://uscode.house.gov/view.xhtml?path=/prelim@title18/part1/chapter121&edition=prelim">clarified constitutional procedure</a> for the telephone age. </p>
<p>Under the law, police need a warrant to tap a person’s phone and listen to all his conversations. Without a warrant, officers can <a href="http://caselaw.findlaw.com/us-supreme-court/442/735.html">see what numbers a phone called</a>, what numbers called that phone and when and how long the conversations lasted – but cannot eavesdrop on what was said.</p>
<p>Those rules have not been updated for the age of the mobile phone. As a result, a legal principle called the “<a href="https://repository.law.umich.edu/mlr/vol107/iss4/1/">third party doctrine</a>” applies in Carpenter’s case – and <a href="https://www.theatlantic.com/technology/archive/2013/12/what-you-need-to-know-about-the-third-party-doctrine/282721/">in dozens</a>, if not hundreds, of others. It says that if a person gives someone else a piece of information, that knowledge is no longer considered private. </p>
<p>In practice, it seems straightforward: If you tell a friend what you did last night, you can’t later stop your friend from telling the police what you said. And in fact, the Supreme Court has held that your friend could wear a “wire” so that the police can listen in, <a href="https://supreme.justia.com/cases/federal/us/425/435/case.html">without a warrant and without informing you</a>.</p>
<p>The way this plays out regarding the location of a cellphone is the assumption that by carrying a cellphone – which communicates on its own with the phone company – you have <a href="https://www.wired.com/story/supreme-courts-cell-phone-tracking-case-could-hurt-privacy/">effectively told the phone company</a> where you are. Therefore, your location isn’t private, and the police can get that information from the cellphone company without a warrant, and without even telling you they’re tracking you. This assumption is what Carpenter’s appeal is challenging.</p>
<h2>Technology intrudes on privacy</h2>
<p>I have been at the leading edge of data science for over 30 years. Based on my work on the <a href="https://www.coursera.org/learn/data-science-ethics">ethics of data science</a>, I believe the assumptions that were safe in 1986 – when almost nobody had cellphones and nearly all telephones were landlines serving fixed locations – are no longer reasonable. Back then, the information a phone user revealed to a phone company was very limited. Today, people disclose their location all the time, for routine, law-abiding activities, by carrying around cellphones.</p>
<p>Cellphone companies can know not only whom you call and for how long you speak, but where you are when you make the call, where you go in between calls and much more. They <a href="https://theconversation.com/7-in-10-smartphone-apps-share-your-data-with-third-party-services-72404">can deduce even more information</a>, such as individuals’ religious affiliations and any number of personal habits that might be better kept secret – including <a href="https://www.theverge.com/circuitbreaker/2017/9/25/16362296/gps-accuracy-improving-one-foot-broadcom">how often an employee uses the restroom</a> during a workday.</p>
<p>It makes no practical sense to claim a person could protect the privacy of their location and movements by not carrying a cellphone: The social and economic burden that would impose on each person would be too high.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/196797/original/file-20171128-28846-sodg9p.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/196797/original/file-20171128-28846-sodg9p.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/196797/original/file-20171128-28846-sodg9p.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/196797/original/file-20171128-28846-sodg9p.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/196797/original/file-20171128-28846-sodg9p.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/196797/original/file-20171128-28846-sodg9p.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/196797/original/file-20171128-28846-sodg9p.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/196797/original/file-20171128-28846-sodg9p.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">An automated license plate reader on the street.</span>
<span class="attribution"><a class="source" href="https://commons.wikimedia.org/wiki/File%3AMiovisionALPR2015.jpg">ScottMLiebenson</a>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span>
</figcaption>
</figure>
<p>This threat to privacy goes well beyond mobile phones: <a href="https://www.aclu.org/issues/privacy-technology/location-tracking/you-are-being-tracked">Automated license plate readers</a> on bridges, roadsides and even police cars can easily record the identity of every vehicle, confirming its presence at a specific location at a particular time. A privacy-conscious person might give up driving, and instead rely on walking and taking public transportation. Cameras on the streets, at bus stops and in transit vehicles – coupled with tremendous recent advances in face recognition technology – can still <a href="https://www.perpetuallineup.org/">track every move</a> you make.</p>
<p><a href="http://theconversation.com/could-your-fitbit-data-be-used-to-deny-you-health-insurance-72565">Personal health devices</a> collect a great deal of information about users to help them achieve fitness goals, and may even be useful to provide <a href="https://tricorder.xprize.org/press-release/family-led-team-takes-top-prize-qualcomm-tricorder-xprize-competition">early diagnosis</a> of diseases. But <a href="https://www.engadget.com/2017/07/13/pacemaker-arson-trial-evidence/">information from a pacemaker</a> has already been used to <a href="https://www.csoonline.com/article/3162740/security/cops-use-pacemaker-data-as-evidence-to-charge-homeowner-with-arson-insurance-fraud.html">charge an alleged arsonist</a>, and a <a href="https://www.cnn.com/2017/04/25/us/fitbit-womans-death-investigation-trnd/index.html">Fitbit helped solve a murder</a>. </p>
<p>Companies that provide internet service <a href="https://www.washingtonpost.com/news/the-switch/wp/2017/03/29/what-to-expect-now-that-internet-providers-can-collect-and-sell-your-web-browser-history/">can learn a great deal</a> about their customers simply by observing what websites users connect to, even if they don’t read the contents of each web page or email message. As electronic personal assistants (like Siri and Alexa) and home devices (like Nest) become more common and used more heavily, they will soon <a href="http://theconversation.com/your-devices-latest-feature-they-can-spy-on-your-every-move-55998">learn even more intimate details</a> about people’s lives.</p>
<p>Declining to provide information to these “third party” service providers would require people to opt out of normal life – which isn’t really a choice.</p>
<h2>Privacy extends to companies too</h2>
<p><a href="http://www.pewresearch.org/fact-tank/2016/09/21/the-state-of-privacy-in-america/">Most Americans</a> don’t want their mobile phone companies to just hand over to police the enormous amount of information cellphones can reveal – at least not without getting a warrant first. But Americans’ privacy problem goes much deeper. Most people also don’t want their mobile phone companies to <a href="https://www.theverge.com/2017/8/24/16197262/accuweather-app-mobile-sdk-collect-user-data-privacy">sell these data</a> to others.</p>
<p>Many companies may seek that information to try to persuade more customers to buy their products, but nefarious uses are also possible. A person could be blackmailed with a threat of publicizing their (completely lawful) secrets – such as a particular health condition, religious affiliation or sexual preference.</p>
<p>Today, the protection people get goes only as far as the fine print of each service’s <a href="https://theconversation.com/nobody-reads-privacy-policies-heres-how-to-fix-that-81932">privacy policy</a>. When a company goes out of business, its creditors try to make money from its assets – including data collected from and about its users. That is why I have called for companies to take the <a href="http://www.bigdatadialog.com/privacy/data-destruction-pledge">Data Destruction Pledge</a>, promising that all customer data will be destroyed if the company ceases operation.</p>
<p>The FBI found Timothy Carpenter because <a href="http://www.abajournal.com/magazine/article/carpenter_v_united_states">one of his accomplices told them</a> about him. I believe the FBI could have obtained a search warrant to track Carpenter, if agents had applied for one.
Instead, federal agents got cellphone location data not just for Carpenter, but for <a href="http://harlaninstitute.org/lesson-plans/lesson-plan-carpenter-v-united-states/#background">15 other people</a>, most of whom were not charged with any crime. One of them could be you, and <a href="https://theconversation.com/feds-we-can-read-all-your-email-and-youll-never-know-65620">you’d likely never know it</a>.</p>
<p>The more people rely on external devices whose basic functions record and transmit important data about their lives, the more critical it becomes for everyone to have real protection for their private data stored on and communicated by these devices.</p><img src="https://counter.theconversation.com/content/88223/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>H V Jagadish receives funding for his research from multiple sources including NSF, NIH, and IBM.</span></em></p>Should police be able to use cellphone records to track suspects – and law-abiding citizens?H.V. Jagadish, Bernard A. Galler Collegiate Professor of Electrical Engineering and Computer Science, University of MichiganLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/740722017-03-14T19:12:47Z2017-03-14T19:12:47ZFrom disaster planning to conservation: mobile phones as a new tracking tool<figure><img src="https://images.theconversation.com/files/160630/original/image-20170314-9628-ebme4d.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Mobile phones can be used as human tracking devices.</span> <span class="attribution"><span class="source">Shutterstock/Maxx Studio</span></span></figcaption></figure><p>We can learn a lot about things by studying how they move through the world and interact with the environment.</p>
<p>In the past, for example, it was possible to study the mobility of people within the United States by monitoring things such as the <a href="http://www.nature.com/nature/journal/v439/n7075/abs/nature04292.html">movement of banknotes</a>. Today we can use something that is much more global and widely available than US cash.</p>
<p>Mobile phones have almost totally infiltrated human society, with the number estimated at <a href="https://www.cia.gov/library/publications/the-world-factbook/rankorder/2151rank.html">more than 7 billion in 2014</a>. Ownership of mobile phones <a href="http://www.pewglobal.org/2016/02/22/smartphone-ownership-rates-skyrocket-in-many-emerging-economies-but-digital-divide-remains/">continues to grow</a>, even in some of the poorest countries.</p>
<p>Many of those phones are geolocated, continuously providing the geographic location of the user, so effectively acting as tracking devices for human populations.</p>
<p>As biologists, our understanding of animals has been transformed over the past four decades by our ability to track their movements and behaviour.</p>
<p>We were interested to see what we can learn from the use of mobile phones tracking, as we show in a study published this month in <a href="http://www.cell.com/trends/ecology-evolution/fulltext/S0169-5347(16)30239-7">Trends in Ecology and Evolution</a>.</p>
<p>It’s now possible to use the mobile phone data to gain a better insight into human movement under certain conditions.</p>
<p>For example, mobile phone data was used to study the movement of people during the <a href="http://dx.doi.org/10.1371/journal.pmed.1001083">2010 earthquake</a> and subsequent cholera outbreak in Haiti, and <a href="http://dx.doi.org/10.1371/journal.pone.0112608">Hurricane Sandy</a> in the United States in 2012.</p>
<p>It was interesting to note that the human reaction to escape from certain events we found was close to that of some animal groups, such as birds and fish, when <a href="http://dx.doi.org/10.1016/j.anbehav.2011.07.006">fleeing from attack</a>.</p>
<p>Such studies can help predict how people will respond in the future to any emergencies, and help to improve the delivery of any aid or disaster relief.</p>
<h2>Conservation with mobile phones</h2>
<p>The detail, immediacy and sheer volume of data from mobile phones also offers innovative ways to monitor and possibly solve some of the most pressing conservation problems that animal populations now face.</p>
<p>For example, geolocated phones are changing the way we tackle the crisis of illegal wildlife trade. </p>
<p>Not only is it a major driver of species extinctions, but the human cost is high with more than <a href="https://www.iucn.org/content/rising-murder-toll-park-rangers-calls-tougher-laws">1,000 wildlife rangers killed</a> in the line of duty over a ten-year period.</p>
<p>In India, rangers on the front line <a href="http://www.thehindu.com/news/cities/Coimbatore/now-an-app-to-monitor-wildlife-in-mudumalai/article7620741.ece">use a smartphone app</a> to monitor movements and record sightings of targeted species, such as tigers, and to report suspicious activity. </p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/160250/original/image-20170310-3680-107f7hs.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/160250/original/image-20170310-3680-107f7hs.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/160250/original/image-20170310-3680-107f7hs.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=399&fit=crop&dpr=1 600w, https://images.theconversation.com/files/160250/original/image-20170310-3680-107f7hs.JPG?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=399&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/160250/original/image-20170310-3680-107f7hs.JPG?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=399&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/160250/original/image-20170310-3680-107f7hs.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=501&fit=crop&dpr=1 754w, https://images.theconversation.com/files/160250/original/image-20170310-3680-107f7hs.JPG?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=501&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/160250/original/image-20170310-3680-107f7hs.JPG?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=501&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Rangers are using smartphone apps to improve the ways in which they can protect endangered wildlife from poachers such as this leopard.</span>
<span class="attribution"><span class="source">Rob Harcourt</span></span>
</figcaption>
</figure>
<p>In Africa, <a href="https://ilabafricastrathmore.wordpress.com/2016/09/20/the-wild-app-helping-conserve-our-wild-animals/">mobile phones help rangers</a> collate social and environmental information about reserves and encounter rates with animals killed by poachers. </p>
<p>The data collected by these apps is vital to combating the wildlife trade, improving our understanding of movements of both animal and poachers. </p>
<p>Phones confiscated from poachers even provide intelligence on their hunting strategies and trading networks. </p>
<h2>Out on the oceans</h2>
<p><a href="http://www.abc.net.au/news/2016-09-16/illegal-fishing-watch-site-crowdsourced-solution-overfishing/7851064">Illegal fishing</a> and <a href="http://www.bbc.com/future/story/20120920-are-we-running-out-of-fish">overfishing</a> is an enormous global problem. Yet accurate data on the behaviour of fisherfolk is both difficult and expensive to collect, and notoriously misreported. </p>
<p>Mobile phone apps can <a href="https://pubs.er.usgs.gov/publication/70173688">offer a simple solution</a> to this problem, providing real-time data to estimate fishing pressure and catch statistics.</p>
<p>Importantly, they also describe movements among locations, tracking compliance to regulations and the risk of spread of invasive species.</p>
<p>At the scale of stocks, data helps minimise bycatch to reduce the environmental impacts of open ocean fleets. </p>
<p>At a global scale, <a href="https://www.amsa.gov.au/navigation/services/ais/">automatic ship identification systems</a> allow observers to track real-time movements of fishing fleets across oceans. </p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/160249/original/image-20170310-2293-4o4ck7.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/160249/original/image-20170310-2293-4o4ck7.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/160249/original/image-20170310-2293-4o4ck7.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=360&fit=crop&dpr=1 600w, https://images.theconversation.com/files/160249/original/image-20170310-2293-4o4ck7.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=360&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/160249/original/image-20170310-2293-4o4ck7.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=360&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/160249/original/image-20170310-2293-4o4ck7.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=452&fit=crop&dpr=1 754w, https://images.theconversation.com/files/160249/original/image-20170310-2293-4o4ck7.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=452&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/160249/original/image-20170310-2293-4o4ck7.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=452&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Automatic vessel identification systems provide movement of fishing vessels. The scale shows the volume of traffic.</span>
<span class="attribution"><span class="license">Author provided</span></span>
</figcaption>
</figure>
<h2>From roadkill to save the whale</h2>
<p>Road vehicles and trains kill trillions of insects and millions of other animals every year. Mitigation is difficult because gathering data on roadkill is both time consuming and expensive. </p>
<p><a href="https://www.newscientist.com/article/dn25709-roadkill-app-tracks-animal-deaths-in-car-collisions/">Mobile apps provide a solution</a> by enlisting citizen science to provide essential data the location and species type of any roadkill.</p>
<p>This information can be used to mitigate impacts through the identification of roadkill hot spots and migration corridors. </p>
<p>The data could be programmed into navigation systems for cars to warn drivers where and which animals are most likely to appear on roads. This type of approach is already being adopted to reduce ship-strike. </p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/160251/original/image-20170310-3687-11tipp9.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/160251/original/image-20170310-3687-11tipp9.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/160251/original/image-20170310-3687-11tipp9.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=399&fit=crop&dpr=1 600w, https://images.theconversation.com/files/160251/original/image-20170310-3687-11tipp9.JPG?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=399&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/160251/original/image-20170310-3687-11tipp9.JPG?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=399&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/160251/original/image-20170310-3687-11tipp9.JPG?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=501&fit=crop&dpr=1 754w, https://images.theconversation.com/files/160251/original/image-20170310-3687-11tipp9.JPG?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=501&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/160251/original/image-20170310-3687-11tipp9.JPG?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=501&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Analyses of whale movements and shipping data can help reduce the likelihood of collisions which are often fatal for whales.</span>
<span class="attribution"><span class="source">Rob Harcourt</span></span>
</figcaption>
</figure>
<p>Shipping has grown enormously over the last century and is now responsible for transportation of <a href="http://www.imo.org/en/OurWork/Environment/Pages/Default.aspx">90% of global trade</a>. More than 90,000 commercial vessels crowd global shipping routes putting large marine animals such as whales and turtles at risk.</p>
<p><a href="http://science.sciencemag.org/content/309/5734/561.full">Ship-strike is so common</a> in the North Atlantic that right whales are failing to recover from whaling, despite more than a century of protection. </p>
<p>As a consequence, authorities have developed a <a href="http://www.whalealert.org/">Whale Alert app</a> that uses automatic vessel identification systems to provide real-time information on vessel movements combined with animal tracking data to reduce ship-strike deaths.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/6pcwx48vSlQ?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
</figure>
<p>These are just some examples of the ways that tracking data from mobile phones can be used to help monitor the movement of humans and animals.</p>
<p>But the data available is only set to grow as we see the greater use of wearable devices and the linking of digital social networks.</p><img src="https://counter.theconversation.com/content/74072/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Rob Harcourt receives funding from the Australian Research Council, The Integrated Marine Observing System and the Department of Environment, Australian Marine Mammal Centre.</span></em></p><p class="fine-print"><em><span>Carlos Duarte receives funding fromKing Abdullah University of Science and Technology</span></em></p><p class="fine-print"><em><span>Mark Meekan receives funding from Vulcan Inc, a Paul G, Allen Foundation and Quadrant Energy Ltd. </span></em></p>You can learn a lot about the movement of people and animals if you tap into the tracking data from many of today’s mobile phones.Rob Harcourt, Professor of Marine Ecology, Macquarie UniversityCarlos M. Duarte, Adjunct professor, King Abdullah University of Science and TechnologyMark Meekan, Principal Research Scientist, Australian Institute of Marine ScienceLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/646532016-10-27T01:40:21Z2016-10-27T01:40:21ZDeep underground, smartphones can save miners’ lives<p>American mining production <a href="https://fred.stlouisfed.org/series/IPG21SQ">increased earlier this decade</a>, as industry sought to reduce its reliance on other countries for key minerals such as coal for energy and rare-earth metals for use in consumer electronics. But mining is dangerous – <a href="https://www.msha.gov/data-reports/statistics/mine-safety-and-health-glance">working underground carries risks</a> of explosions, fires, flooding and dangerous concentrations of poisonous gases.</p>
<p>Mine accidents have <a href="http://www.wvminesafety.org/fatal97.htm">killed tens of thousands</a> of mine workers worldwide in just the past decade. Most of these accidents occurred in structurally diverse underground mines with extensive labyrinths of interconnected tunnels. As mining progresses, workers move machinery around, which creates a continually changing environment. This makes search and rescue efforts even more complicated than they might otherwise be.</p>
<p>To address these dangers, <a href="http://arlweb.msha.gov/MinerAct/MinerActSingleSource.asp">U.S. federal regulations</a> require mine operators to monitor levels of methane, carbon monoxide, smoke and oxygen – and to warn miners of possible danger due to air poisoning, flood, fire or explosions. In addition, mining companies must have accident-response plans that include systems with two key capabilities: enabling two-way communications between miners trapped underground and rescuers on the surface, and tracking individual miners so responders can know where they need to dig.</p>
<p>So far, efforts to design systems that are both reliable and resilient when disaster strikes have run into significant roadblocks. My research group’s work is aimed at enhancing commercially available smartphones and wireless network equipment with software and hardware innovations to create a system that is straightforward and relatively simple to operate.</p>
<h2>Existing connections</h2>
<p>The past decade has seen several efforts to develop monitoring and emergency communication systems, which generally can be classified into three types: through-the-wire, through-the-Earth and through-the-air. Each has different flaws that make them less than ideal options.</p>
<p>Wired systems use coaxial cables or optical fibers to connect monitoring and communications equipment throughout the mine and on the surface. But these are costly and vulnerable to damage from fires and tunnel collapses. Imagine, for example, if a wall collapse cut off a room from its connecting tunnels: Chances are the cable in those tunnels would be damaged too.</p>
<p>Systems that send signals through the Earth use large loop antennas to send low-frequency radio waves through dirt and rock. The signals can’t carry much information beyond simple texts or sensor readings, and the equipment is expensive and bulky. </p>
<p>Airwave setups use wireless links, like cordless phones or Wi-Fi signals, to span distances of 1,000 to 2,500 feet. But these have limitations too. They depend on wired base stations distributed throughout mines, which are very like the wired-only systems and have similar cost and connectivity problems. </p>
<h2>Tracking underground</h2>
<p>Because they have to track individual miners’ movements underground, all of these systems also require every worker to carry expensive custom sensing units. The costs involved have meant that so far, most mines today use equipment that provides the bare minimum amount of safety required. This includes manually tracking miners’ locations using two-way pagers or video surveillance.</p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/143318/original/image-20161026-32322-1has19l.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/143318/original/image-20161026-32322-1has19l.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/143318/original/image-20161026-32322-1has19l.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=445&fit=crop&dpr=1 600w, https://images.theconversation.com/files/143318/original/image-20161026-32322-1has19l.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=445&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/143318/original/image-20161026-32322-1has19l.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=445&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/143318/original/image-20161026-32322-1has19l.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=559&fit=crop&dpr=1 754w, https://images.theconversation.com/files/143318/original/image-20161026-32322-1has19l.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=559&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/143318/original/image-20161026-32322-1has19l.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=559&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">It’s easy to get lost in here.</span>
<span class="attribution"><span class="source">Sudeep Pasricha/Colorado State University</span>, <a class="license" href="http://creativecommons.org/licenses/by-nc/4.0/">CC BY-NC</a></span>
</figcaption>
</figure>
<p>If newer methods for tracking, sensing and communication could be developed, we could detect precursors to mishaps (such as noxious or combustible gas level concentrations in certain parts of a mine), and better aid rescue efforts in the aftermath of an accident. In my research, we’re trying to use regular consumer smartphones and smart wireless devices to solve these problems. This sort of system takes advantage of the facts that most people have phones with them all the time, and that modern smartphones have a wide range of sensors already built in.</p>
<p>Some prior work of mine found a way to <a href="http://dx.doi.org/10.1109/CODESISSS.2015.7331366">use smartphones to navigate indoor spaces</a>. We started by measuring the strength of the Wi-Fi signals the phone was receiving to approximate the distance the phone was from known transmitter locations. We factored in measurements from the phone’s inertial sensors to determine speed and direction of movement. And we applied a mathematical technique called <a href="http://www.cs.unc.edu/%7Ewelch/kalman/">Kalman filtering</a> to determine other useful information from additional sensors – such as number of steps taken.</p>
<p>When all these data were processed by machine learning techniques, we could determine a user’s location within one to three meters, despite noisy or erroneous readings from Wi-Fi radios and inertial sensors. That was much better than prior methods for indoor location-sensing based on inertial sensor readings and fingerprinting. But these studies were done above ground.</p>
<p>Doing the same thing underground is much more difficult. Not only are Wi-Fi signals unavailable underground, but other wireless signals, such as those from cellphone towers, are also not present. Even what signals are there, from communications equipment in the mine, bounce off uneven surfaces, are absorbed by earthen walls and must pass equipment and other obstacles in tunnels of varying dimensions. These complexities make determining a specific location even harder for an electronic device.</p>
<p>Moreover, sensors and smartphones used in mines must be particularly energy-efficient because recharging stations are scarce. And they must not use much power, to avoid igniting subsurface gases.</p>
<h2>A new approach</h2>
<p>Our research involves designing a wireless network made up of many low-cost stationary <a href="http://dx.doi.org/10.1016/j.procs.2012.09.091">Zigbee or Bluetooth sensors</a> deployed strategically around the mine, creating a web or mesh network that can connect with smartphones carried by the miners. We’ll design the exact location of the fixed sensors based on an <a href="http://dx.doi.org/10.1109/TMTT.2004.828457">analysis of how radio signals travel</a> in complex, changing and noisy <a href="http://inside.mines.edu/Mining-Edgar-Mine">underground mines</a>.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/143317/original/image-20161026-11236-trjutl.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/143317/original/image-20161026-11236-trjutl.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=465&fit=crop&dpr=1 600w, https://images.theconversation.com/files/143317/original/image-20161026-11236-trjutl.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=465&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/143317/original/image-20161026-11236-trjutl.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=465&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/143317/original/image-20161026-11236-trjutl.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=584&fit=crop&dpr=1 754w, https://images.theconversation.com/files/143317/original/image-20161026-11236-trjutl.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=584&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/143317/original/image-20161026-11236-trjutl.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=584&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">A proposed system layout for underground mine monitoring, tracking and communication.</span>
<span class="attribution"><span class="source">Sudeep Pasricha/Colorado State University</span>, <a class="license" href="http://creativecommons.org/licenses/by-nd/4.0/">CC BY-ND</a></span>
</figcaption>
</figure>
<p>We’re also working to design new software algorithms and filtering techniques that can work on smartphones. When connected to the wireless mesh network, they will be able to accurately and efficiently calculate location in mines, despite the highly unpredictable nature of wireless signals.</p>
<p>Our hope is that we’ll figure out how to build a combination cyber and physical system for monitoring, communication and tracking in underground mines under normal conditions. Such a setup would also be helpful in emergency response and rescue operations. This could not only improve the safety of <a href="https://fred.stlouisfed.org/series/CEU1021200001">hundreds of thousands of American miners</a>, but also offer new opportunities for communications and improving human safety in a variety of extreme environments.</p><img src="https://counter.theconversation.com/content/64653/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Sudeep Pasricha receives funding from the National Science Foundation on themes related to what is described in this article.</span></em></p>Mine communications are complex, slow and unreliable. The solution to keeping miners safe, and rescuing them when disaster strikes, might just be in their hands already.Sudeep Pasricha, Associate Professor of Electrical and Computer Engineering and Computer Science , Colorado State UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/592472016-07-03T20:07:19Z2016-07-03T20:07:19ZHow ants walk backwards carrying a heavy load and still find home<figure><img src="https://images.theconversation.com/files/128261/original/image-20160627-28366-710z6g.png?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Myrmecia croslandi ant carrying its prey backwards.</span> <span class="attribution"><a class="source" href="https://www.flickr.com/photos/myrmex/6935406278/in/album-72157594447358325/">Flickr/Ajay Narendra</a>, <span class="license">Author provided</span></span></figcaption></figure><p>Imagine carrying something heavy, like a couch, and walking backwards as you move it to a desired place. Now imagine doing it alone every day for tens of kilometres, but with the same ease as walking forwards and still reaching the place.</p>
<p>This is similar to what the Jack Jumper ant, <em><a href="http://www.antwiki.org/wiki/Myrmecia_croslandi">Myrmecia croslandi</a></em>, does almost everyday.</p>
<p>But the ability of these ants to navigate and reach home is not diminished by walking backwards while dragging heavy food, according to a study by researchers at the Insect Robotics Lab at the University of Edinburgh, Scotland, <a href="http://journal.frontiersin.org/article/10.3389/fnbeh.2016.00069/full">published in Frontiers of Behavioural Neuroscience</a> in April this year.</p>
<p>How these ants do this is an interesting problem, and figuring that out could have a use in some of the latest technologies on driverless cars currently under development. More on that later.</p>
<h2>The hunt for food</h2>
<p><em>Myrmecia croslandi</em> are commonly found in the <a href="http://bie.ala.org.au/species/Myrmecia+croslandi">eastern regions</a> of Australia and nest in the ground. They get the name Jack Jumpers due to their ability to jump. </p>
<p>Each morning, individual ants go out searching for food (nectar or insects), and if they find an insect, they sting it and pick it up in their mandibles (insect jaw).</p>
<p>If the food is heavy, the ants drag it backwards while occasionally looking forward, and still manage to make their way home.</p>
<p>You may have seen ants in your garden carrying a dead insect or some other source of food. Some ants work together to carry the food.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/1t-eGe1NEAw?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
</figure>
<p>Others pull it alone.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/E6zDArY88dc?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
</figure>
<p>Whether they do it together or alone, they all need to reach home once they have found food. But how do they know their way back? </p>
<h2>Finding their way home</h2>
<p>You might know that <a href="http://www.bbc.com/earth/story/20150526-ants-navigate-despite-tiny-brains">some ants use chemical trails</a> to navigate from one place to another.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/yW4NBBM7mYQ?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
</figure>
<p>But solitary foraging ants such as the Jack Jumpers do not use the chemical trails. So how do they not get lost?</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/ZSvzQ8Tp9J0?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">A Jack jumper species pulls its prey backwards.</span></figcaption>
</figure>
<p>The solitary foraging ants use various visual cues to navigate: the sun’s position, panoramic view, landmarks and so on.</p>
<p>A widespread assumption is that an ant scans and memorises all the nest-ward views while it goes out foraging – similar to taking snapshots.</p>
<p>When it has to return home, it matches the memory of experienced views to current views and moves towards the direction with minimum difference between them (retinotopic alignment), while comparing the views continually.</p>
<p>Researchers at the Insect Robotics Lab tested this by displacing ants from their nest and seeing if they could return while pulling food backwards. That is, without facing the same way as when their memory was stored.</p>
<p>Surprisingly, the ants took similar paths home as they would moving forwards without food. This means that continuously aligning themselves towards minimum difference in the view comparison might not be necessary. </p>
<p>So how do they navigate?</p>
<p>Barbara Webb was the principal investigator of the study and, in an email conversation, she said the ants could be taking images and comparing them continuously, but are able to mentally rotate the views to adjust to backward walking. </p>
<p>Alternatively, they could be matching the views only when they occasionally look forward, and then make corrections to their path accordingly. </p>
<p>In this case, they could be maintaining their chosen direction by using a sky compass, such as the sun or other cues. This means they use information from visual memory and also the celestial cues from the sky to travel in the right direction. </p>
<h2>Driverless cars</h2>
<p>Self-driving cars or autonomous robots could have something to learn from the humble ants, and the race is on to find the best way for them to cope with <a href="https://theconversation.com/driverless-cars-need-to-hit-the-road-come-rain-wind-or-shine-60436">a range of conditions</a>, including severe weather. </p>
<p>What if self-driving cars were constantly taking images of their surroundings to monitor traffic lights, road signs, pedestrians etc. In addition to other ways of sensing the surroundings, they could use the same set of simple rules that ants use to visually navigate in their complex terrain.</p>
<p>Further studies are obviously needed to try to answer how these ants manage to navigate. Until then, you know what to do next time when you see ants in your kitchen or garden. Give them a cookie crumb and observe them lug the heavy booty. Perhaps displace them with the crumb to a far place, and see what they do.</p><img src="https://counter.theconversation.com/content/59247/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Ravindra Palavalli Nettimi receives funding from Macquarie University (International Macquarie University Research Excellence Scholarship) for his PhD. </span></em></p>The navigation tactics of certain Australian ants could point the way to helping driverless cars find their way around.Ravindra Palavalli-Nettimi, PhD student in Ecological Neuroscience, Macquarie UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/524122016-01-25T10:48:46Z2016-01-25T10:48:46ZThe heavy price we pay for ‘free’ Wi-Fi<p>For many years, New York City has been developing a “free” public Wi-Fi project. Called LinkNYC, it is an ambitious effort to bring wireless Internet access to all of the city’s residents. </p>
<p>This is the latest in a longstanding trend in which companies offer ostensibly free Internet-related products and services, such as social network access on Facebook, search and email from Google or the free Wi-Fi now commonly provided in cafes, shopping malls and airports.</p>
<p>These free services, however, come at a cost. Use is free on the condition that the companies providing the service can collect, store and analyze users’ valuable personal, locational and behavioral data. </p>
<p>This practice carries with it poorly appreciated privacy risks and an opaque exchange of valuable data for very little. </p>
<p>Is free public Wi-Fi, or any of these other services, really worth it? </p>
<h2>Origins of LinkNYC</h2>
<p>New York City began <a href="https://web.archive.org/web/20141005103333/http://www.nyc.gov/html/doitt/downloads/pdf/payphone_rfi.pdf">exploring</a> a free public Wi-Fi network back in 2012 to replace its aging public phone system and <a href="https://web.archive.org/web/20140513114014/http://www.nyc.gov/html/doitt/downloads/pdf/Public-Comm-Structures-RFP-Fact-Sheet-04-30-14.pdf">called for proposals</a> two years later. </p>
<p><a href="https://web.archive.org/web/20150914192452/http://www.link.nyc/assets/downloads/LinkNYC-Media-Kit.pdf">The winning bid</a> came from CityBridge, a partnership of four companies including advertising firm Titan and designer Control Group. </p>
<p>Their proposal involved building a network of 10,000 kiosks (dubbed “links”) throughout the city that would be outfitted with high-speed Wi-Fi routers to provide Internet, free phone calls within the U.S., a cellphone charging station and a touchscreen map. </p>
<p>Recently, Google <a href="http://www.prnewswire.com/news-releases/dan-doctoroff-and-google-announce-sidewalk-labs-300097255.html">created</a> a company called Sidewalk Labs, which snapped up Titan and Control Group and <a href="https://www.theverge.com/2015/6/23/8834863/google-sidewalk-labs-linknyc-free-wifi">merged</a> them. </p>
<p>Google, a company whose business model is all about collecting our data, thus became a key player in the entity that will provide NYC with free Wi-Fi. </p>
<h1>How free is ‘free’?</h1>
<p>Like many free Internet products and services, the LinkNYC will be supported by advertising revenue. </p>
<p>LinkNYC is expected to generate about US$500 million in advertising revenue for New York City over the next 12 years from the <a href="http://www1.nyc.gov/site/doitt/initiatives/linknyc.page">display of digital ads</a> on the kiosks’ sides and <a href="http://www.link.nyc/assets/downloads/LinkNYC-Fact-Sheet.pdf">via people’s cellphones</a>. The model works by providing free access in exchange for users’ personal and behavioral data, which are then used to target ads to them. </p>
<p>Yet <a href="http://www.link.nyc/assets/downloads/Privacy-Policy.pdf">LinkNYC’s privacy policy</a> doesn’t actually use the word “advertising,” preferring instead to vaguely state it “may use your information, including Personally Identifiable Information,” to provide information about goods or services of interest.</p>
<p>It also isn’t clear the extent to which the network could be used to track people’s location.</p>
<p>Titan previously made headlines in 2014 after <a href="http://arstechnica.com/tech-policy/2014/10/new-york-city-orders-bluetooth-beacons-in-pay-phones-to-come-down/">installing</a> Bluetooth beacons in over 100 pay phone booths, for the purpose of testing the technology, without the city’s permission. Titan was subsequently ordered to remove them.</p>
<p>But the beacons <a href="http://www.link.nyc/assets/downloads/LinkNYC-Fact-Sheet.pdf">are back</a> as part of the LinkNYC contract, though users have to choose to opt in to the location services. The beacons allow targeted ads to be delivered to cellphones as people pass the hotspots, but their use isn’t spelled out in the privacy policy.</p>
<p>After close examination, it becomes evident that far from being free, use of LinkNYC comes with the price of mandatory collection of potentially sensitive personal, locational and behavioral data.</p>
<p>This is all standard practice in the terms of use and privacy policies for free Internet-based products and services. Can we really consider this to be a fully informed agreement and transparent exchange when the actual uses of the data, and the privacy and security implications of these uses, are not clear?</p>
<h2>A privacy paradox</h2>
<p>People’s widespread use of products and services with these data collection and privacy infringing practices is curiously at odds with what they say they are willing to tolerate in studies.</p>
<p>Surveys consistently show that people value their privacy. <a href="http://www.pewinternet.org/2015/05/20/americans-attitudes-about-privacy-security-and-surveillance/">In a recent Pew survey</a>, 93 percent of adults said that being in control of who can get information about them is important, and 90 percent said the same about what information is collected. </p>
<p>In experiments, people quote high prices for which they would be willing to sell their data. For instance, <a href="http://infosecon.net/workshop/pdf/location-privacy.pdf">in a 2005 study</a> in the U.K., respondents said they would sell one month’s access to their location (via a cellphone) for an average of £27.40 (about US$50 based on the exchange rate at the time or $60 in <a href="https://www.measuringworth.com/uscompare/relativevalue.php">inflation-adjusted</a> terms). The figure went up even higher when subjects were told third party companies would be interested in using the data.</p>
<p>In practice, though, people trade away their personal and behavioral data for very little. This privacy paradox is on full display in the free Wi-Fi example. </p>
<p>Breaking down the economics of LinkNYC’s business model, recall that an estimated $500 million in total ad revenue will be collected over 12 years. With 10,000 Links, and approximately eight million people in New York City, the monthly revenue per person per link is $0.000043. </p>
<p>Fractions of a cent. This is the indirect valuation that users accept from advertisers in exchange for their personal, locational and behavioral data when using the LinkNYC service. Compare that with the value U.K respondents put on their locational data alone. </p>
<p>How to explain this paradoxical situation? In valuing their data in experiments, people are usually given the full context of what information will be collected and how it will be used. </p>
<p>In real life, though, a lot of people <a href="http://www.theguardian.com/money/2011/may/11/terms-conditions-small-print-big-problems">don’t read</a> the terms of use or privacy policy. Those that do are not always able to understand what these documents are saying owing partly to the legalese used and partly to the intentionally vague wording of some passages. </p>
<p>People thus end up exchanging their data and their privacy far less than they might in a transparent and open market transaction.</p>
<p>The business model of some of the most successful tech companies is built on this opaque exchange between data owner and service provider. The same opaque exchange occurs on social networks like <a href="http://www.newyorker.com/business/currency/facebook-should-pay-all-of-us">Facebook</a>, online search and online journalism.</p>
<h2>Part of a broader trend</h2>
<p>It’s ironic that, in this supposed age of abundant information, people are so poorly informed about how their valuable digital assets are being used before they unwittingly sign their rights away. </p>
<p>To grasp the consequences of this, think about how much personal data you hand over every time you use one of these “free” services. Consider how upset people have been in recent years due to large-scale data breaches: for instance, the more than 22 million who lost their background check records in the Office of Personnel Management hack. </p>
<p>Now imagine the size a file of <em>all</em> your personal data in 2020 (including financial data, like <a href="https://www.propublica.org/article/everything-we-know-about-what-data-brokers-know-about-you">purchasing history</a>, or <a href="http://www.scientificamerican.com/article/how-data-brokers-make-money-off-your-medical-records/">health data</a>) after years of data tracking. How would you feel if it were sold to an unknown foreign corporation? How about if your insurance company got ahold of it and raised your rates? Or if an organized crime outfit stole all of it? This is the path that we are on.</p>
<p>Some have already made this realization, and a countervailing trend is already under way, one that gives technology users more control over their data and privacy. Mozilla <a href="https://blog.mozilla.org/blog/2015/11/03/firefox-now-offers-a-more-private-browsing-experience/">recently updated</a> its Firefox browser to allow users to block ads and trackers. Apple too has avoided an advertising business model, and the personal data harvesting that it necessitates, instead opting to make its money from hardware, app and digital music or video sales. </p>
<p>Developing a way for people to correctly value their data, privacy and information security would be a major additional step forward in developing financially viable, private and secure alternatives.</p>
<p>With it might come the possibility of an information age where people can maintain their privacy and retain ownership and control over their digital assets, should they choose to.</p><img src="https://counter.theconversation.com/content/52412/count.gif" alt="The Conversation" width="1" height="1" />
New York City is developing a ‘free’ public Wi-Fi network to be deployed throughout the city, but the poorly appreciated price is our privacy.Benjamin Dean, Fellow for Internet Governance and Cyber-security, School of International and Public Affairs, Columbia UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/460152015-09-02T20:05:58Z2015-09-02T20:05:58ZGive me location data, and I shall move the world<figure><img src="https://images.theconversation.com/files/93602/original/image-20150902-13432-za251i.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">A geomobile revolution is coming.</span> <span class="attribution"><span class="source">Image sourced from Shutterstock.com</span></span></figcaption></figure><p>Behind the success of the new wave of location based mobile apps taking hold around the world is digital mapping. Location data is core to popular ride-sharing services such as Uber and Lyft, but also to companies such as Amazon or Domino’s Pizza, which are <a href="http://www.amazon.com/b?node=8037720011">testing drones</a> for faster deliveries. </p>
<p>Last year, German delivery firm DHL launched its first “<a href="http://www.theguardian.com/technology/2014/sep/25/german-dhl-launches-first-commercial-drone-delivery-service">parcelcopter</a>” to send medication to the island of Juist in the Northern Sea. In the <a href="http://uaviators.org/">humanitarian domain</a>, drones are also being tested for disaster relief operations.</p>
<p>Better maps can help app-led companies gain a competitive edge, but it’s hard to produce them at a global scale. A few select players have engaged in a fierce mapping competition. Google leads the race so far, but others are trying to catch up fast. Apple has enlarged its mapping team and renewed its licensing agreement with TomTom. TomTom has <a href="http://www.wired.com/2015/07/tomtom-alive-getting-self-driving-cars/">plans</a> to 3D map European and North American freeways by next year. </p>
<p>In Europe, German carmakers Audi, BMW and Mercedes <a href="http://www.bbc.com/news/business-33756603">agreed</a> to buy Here, Nokia’s mapping business. The company had been coveted by <a href="http://www.theverge.com/2015/5/12/8591041/uber-nokia-here-maps-interest-explainer">Uber</a>, which has gained <a href="http://thenextweb.com/insider/2015/07/15/why-uber-is-buying-map-companies/">mapping skills</a> by acquiring deCarta and part of Microsoft Bing. </p>
<p>Further signs of the fever for maps are startups such as Mapbox, Mapsense, CartoDB, Mapillary, or Mapzen. The new mapping services are cloud-based, mobile-friendly and, in most cases, community-driven. </p>
<p>A flagship base map for the past ten years has been OpenStreetMap (OSM), also known as the “Wikipedia of mapping”. With more than two million registered users, OpenStreetMap aims to create a free map of the world. OSM <a href="http://hotosm.org">volunteers</a> have been particularly active in mapping disaster-affected areas such as Haiti, the Philippines or Nepal. A recent <a href="https://www.cs.colorado.edu/%7Epalen/palen-soden-etal-OSM.pdf">study</a> reports how humanitarian response has been a driver of OSM’s evolution, “in part because open data and participatory ideals align with humanitarian work, but also because disasters are catalysts for organizational innovation”.</p>
<h2>A map for the commons?</h2>
<p>While global coverage remains uneven, companies such as Foursquare, Flickr, or Apple, among others, rely on OSM free data. The commercial uses of OSM primary data, though, do not come without ongoing <a href="http://www.citylab.com/design/2015/06/who-owns-the-digital-map-of-the-world/396119/">debate</a> among the community about license-related issues.</p>
<p>Intense competition for digital maps also flags the start of the self-driving car race. Google is already testing its prototypes outside <a href="http://plus.google.com/+SelfDrivingCar/posts">Silicon Valley</a> and Apple has been rumoured to work on a secret car project code named <a href="http://www.theguardian.com/technology/2015/aug/14/apple-self-driving-car-project-titan-sooner-than-expected">Titan</a>. </p>
<p>Uber has <a href="http://www.technologyreview.com/view/540881/uber-project-may-improve-autonomous-cars-vision/">partnered</a> with Carnegie Mellon and Arizona Universities to work on vehicle safety and cheaper laser mapping systems. Tesla is also <a href="http://www.wired.co.uk/news/archive/2015-07/31/tesla-self-driving-cars-update">planning</a> to make its electric cars self-driving.</p>
<h2>The ultimate goal</h2>
<p>Are we humans ready for this brave new world? <a href="http://link.springer.com/article/10.1007/s11116-013-9496-z">Research</a> suggests young people in North America, Australia and much of Europe are increasingly becoming less likely to hold a driver’s license (or, if they do, to drive less).</p>
<p>But even if a new generation of consumers were ready to jump in, challenges remain huge. Navigation systems will need to flawlessly process, in real time, position data streams of buildings, road signs, traffic lights, lane markings, or potholes. And all this seamlessly combined with ongoing sensing of traffic, pedestrians and cyclists, road works, or weather conditions. Smart mapping at its best. </p>
<p><div data-react-class="Tweet" data-react-props="{"tweetId":"627040639553830912"}"></div></p>
<p>Legal and ethical challenges are not to be underestimated either. Most countries impose strict limits on testing self-driving cars on public roads. Similar limitations apply to the use of civilian drones. And the ethics of fully autonomous cars is still in its infancy. Autonomous cars probably won’t be caught texting, but they will still be confronted with tough decisions when trying to avoid potential accidents. Current <a href="http://www.technologyreview.com/news/539731/how-to-help-self-driving-cars-make-ethical-decisions/">research</a> engages engineers and philosophers to work on how to assist cars when making split-second decisions that can raise ethical dilemmas.</p>
<p>But the future of digital maps is not just on the go. Location-based service revenues are <a href="http://www.berginsight.com/News.aspx?m_m=6&s_m=1">forecast</a> to grow to €34.8 billion in 2020. The position data deluge of the upcoming geomobile revolution gives maps a new frontier: big data analytics. As Mapsense CEO Erez Cohen <a href="http://streetfightmag.com/2015/08/11/mapsense-ceo-the-rise-of-on-demand-location-based-apps-is-a-huge-opportunity/?utm_source=dlvr.it&utm_medium=twitter">notes:</a> </p>
<blockquote>
<p>“the industry is much larger than the traditional GIS industry. It’s actually growing at a massive rate, and there are a massive number of new companies that need the services of mapping analytics because they’re generating all this location data.”</p>
</blockquote>
<p>Digital mapping technology promises to unveil our routines, preferences, and consumer behaviour in an unprecedented scale. Staggering amounts of location data will populate our digital traces and identities. The impact on our lives, organisations, and businesses is yet to be fully understood, but one thing is sure: the geomobile revolution will be mapped.</p><img src="https://counter.theconversation.com/content/46015/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Marta Poblet does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>There’s a global race on to harness mapping technology, delivering companies the data they need to gain a competitive advantage.Marta Poblet, VC's Principal Research Fellow, Associate Professor, Graduate School of Business and Law, RMIT UniversityLicensed as Creative Commons – attribution, no derivatives.