And yet the most important piece of the puzzle remains elusive: Which apps are selling user location data into this market?
Most of these companies refused to tell us where they get their data—except Foursquare, which disclosed to us that “
a considerable portion” of its location data comes from its own apps, such as Swarm, CityGuide, and Rewards.
Most other companies appear to rely on a shadowy pipeline that starts when you give permission to an app to use your location data. That app might have a legitimate reason to need your data, but it might also have language in its privacy policy that allows it to share that data with third parties.
“When the app asks for location, in the moment, because maybe you click the button to find stuff near you and you get a permission dialog, you might reasonably infer that ‘Oh, that’s to service that request to provide that functionality,’ but there’s no guarantee of that,” Serge Egelman, a researcher at UC Berkeley’s International Computer Science Institute and chief technology officer of AppCensus, which audits apps for privacy violations, told The Markup.
Yiannis Tsiounis, the CEO of the location analytics firm Advan Research, told The Markup that his company buys from aggregators that collect the data from thousands of apps—but would not say which apps. “Everybody sells to everybody else,” he said.
In 2018, a New York Times team led by Jennifer Valentino-DeVries
tested and was able to identify several apps, including The Weather Channel and theScore, a sports app, that were passing location data on to location data tracking companies. The apps said that the data sharing was disclosed in their privacy policies.
The Wall Street Journal reporter Byron Tau has also been diligently tracking military use of cellphone location data. Last year, he and Michelle Hackman reported that the Department of Homeland Security was
using location data from Venntel for immigration and border enforcement. Earlier this year, Byron reported that the Defense Intelligence Agency was using commercial databases to
monitor U.S. cellphone locations without a warrant.
Sen. Ron Wyden has introduced legislation, the
Fourth Amendment Is Not For Sale Act, that would prohibit law enforcement and intelligence agencies from buying commercial data about Americans without court oversight—closing what he called a “legal loophole.” Congress has not acted on the bill as of yet.
The researchers also found that location tracking was booming across the board. They found location tracking code in 450 apps, including 64 dating apps and 42 messaging apps. And despite the furor over the use of location data from the Muslim prayer app disclosed by Vice, they found location tracking code in another 10 Muslim religious and cultural apps.
Of course, all this tracking of our movements is legal. The location data brokers we identified all freely advertise their wares, and many of them are registered as data brokers in California and/or Vermont—the two states that require data brokers to identify themselves.
And the data broker industry is a powerful political force. As investigative data journalist Maddy Varner and reporter Alfred Ng revealed earlier this year,
data brokers spent nearly as much lobbying Congress as Big Tech did in 2020. Maddy and Alfred identified 25 data brokers who spent $29 million on federal lobbying in 2020, compared with $19 million spent by Facebook, $18 million by Amazon, and $8 million by Google.
Still, we plan to keep shining a light on this little-known industry. If you have any insights to share about the location data tracking industry, please send them along to Jon Keegan at keegan@themarkup.org.
As always, thanks for reading.
Best,
Julia Angwin
Editor-in-Chief
The Markup