(duplicate of post on my other blog, Nonprofit Update.)
So bad things could possibly happen if someone gains access to the tracking data on your phone. How could someone get access to the file where that data is stored?
I attended the Christian Leadership Alliance conference in Dallas last week. Learned lots of new stuff and had fun visiting with lots of colleagues. Picked up info on location tracking that I wanted to mention. Steve Hewitt of Christian Computing Magazine provided some information, which I will so identify.
Here are a few ways to get access to the location tracking data:
- Police can extract the data from your phone during a routine traffic stop. This is already happening in Michigan. I’m confident it will be arriving in your community sooner or later.
- Someone could casually get physical access to your phone for a few minutes. This would allow them to pull the one key file off your phone, if they have the savvy to do so. Could happen while leaving your phone sitting on the desk in the office, during repairs, or simply when you lend your phone to a so-called friend or colleague for a few minutes.
- Hacking – Steve mentioned at the CLA conference there are black market apps than can be pushed to a phone which would extract that file.
- Discovery phase of litigation – attorneys have learned there is wonderfully incriminating information stored on electronic devices. I have read in various places (no links at the moment) that attorneys are including electronic gadgets in discovery requests. If you wind up in a nasty litigation you will have to turn over lots of stuff. Expect to turn over the tracking data if it is at all related to the litigation.
- Subpoena – local district attorneys, various state officials, and a plethora of federal agencies could subpoena the phone company. Depending on the nature of the agency and their purposes, you may or may not even know your data was subpoenaed.
- Steal the phone – if the stakes are high enough, stealing the phone is an option. Consider what’s involved when you get involved with industrial espionage, crazy people, or really nasty political campaigns. For NPOs, consider this risk when working in certain countries.
Some other issues:
Turning off the phone does not stop the data tracking. At the CLA conference, Steve indicated the only way to turn off the tracking function is to disconnect the battery. On a Google phone, this is doable– simply pull out the battery. Not the case with the iPhone – the phone is designed so you cannot remove the battery. You cannot stop the tracking function on the iPhone.
Location embedded in pictures – one person in the session at the CLA conference mentioned his ministry tested multiple phones and found that some models (or did he say all they looked at? I don’t recall) embed the longitude and latitude on pictures. The response from most of us? Who cares?
However, this could be a real problem if you’re working in a closed country. Or you are raising funds for a domestic-abuse shelter. Or in any situation where you may not want it to be known exactly where you took a picture with this particular person. Might turn out that the longitude and latitude is as good as publishing the person’s name and street address.
This also has implications for investigative reporting.