Edgar Cervantes / Android Authority
TL; DR
- Hackers have stolen a database containing the location data of tens of millions of devices.
- This location information originates from the ad bidding process used by popular apps.
- While the FTC has already attempted to limit the ability of companies to collect this data, more work is needed.
Of all the types of personal data we want to limit who can access it, location data should be at the top of the list. This is why platforms like Android are trying to be very open privacy permissionsoffers transparency to users about how they can read the locations of apps. But now a new report focuses on the ways that third parties are using many popular apps to track our movements.
When you’re using an app like Tinder, allowing your location makes perfect sense; the app wants to connect us with people in our area, so it needs to know where everyone is. If you’re smart, you take the time to read the app’s data management policies to find out what it intends to do with your location data and how long it plans to keep it. But how much do you pay attention to the ads served within these apps?
Gravy Analytics is a data collection company that is part of the modern advertising ecosystem that uses real-time bidding (RTB). 404 Media (via Wired).
Apps share your information with potential advertisers as part of this bidding process, which may include location information, to help target you with relevant messages and ensure you are part of the advertiser’s interested audience. Not all of this necessarily comes from something obvious, like GPS data, and likely includes a mix of sources, including your IP address.
Eric Zeman / Android Authority
Gravy, it turns out, collects vast chunks of this RTB demographic and compiles its own database, available to customers interested in paying for access to your location data. Now it’s all coming to light thanks to the Gravy hack and hackers sharing datasets that reveal the extent of this ad-driven surveillance.
The developers behind the individual apps probably didn’t know it was happening, but a spreadsheet of affected applications Touching on popular titles like Candy Crush and Microsoft 365, he describes this as an industry-wide problem. The FTC has already pushed back on the ad industry using location data for such purposes, notably including Gravy, but has scaled back its efforts to curtail its efforts. The experience needs a little more work.
Source link
