croom new

Eclipse Integrated Systems Blog

The Wild Ride That Is Data Privacy, Part I

The Wild Ride That Is Data Privacy, Part I

Data Privacy is a huge topic these days. We often talk about data security when it comes to protecting your organization’s information, but we often don’t go into a lot of depth when it comes to protecting an individual’s information. It’s important to understand how personal information moves around, so you know what you are up against when it comes to protecting your privacy online. This post is going to be a bit of a deep rabbit hole, but I really want to shine some light on the subject for my readers.

There has been a lot of talk about privacy with big names like Facebook and Google, but I want to break things down with something I think we’re all experiencing, but probably not aware of.

DISCLAIMER: I want to point out that I’m a heavy technology user. I use my smartphone every day for business. I use all of these technologies and I’m passionate about what technology can do for us personally and professionally, so what I’m about to talk about is coming from someone who appreciates and relies on technology.

I’m going to start with a story. I was talking to a colleague of mine, for the sake of his quote-unquote privacy, we’ll refer to him as Dave. Dave was telling me how he gets a lot of those bogus robocalls. I mean, a LOT of calls. Dave said he sometimes received 10-to-15 robocalls to his personal cell phone every day.

In fact, he received one while we were talking. It was a company offering Dave health insurance. It wasn’t a local company, but they were calling from a local number.

Dave told me he usually ignores the calls, but since we were just talking about them, he put it on speaker. It was what you’d expect; a perky recording offering to help connect Dave with a representative who will sell him health insurance. Dave said he also gets calls stating they are from the IRS and that he owes back taxes, calls from car insurance companies letting him know it’s his last chance to extend his warranty, and even calls about getting medical-grade back braces.

Okay, so Robo-Callers Have My Number. So What?

These calls aren’t uncommon. I told Dave that they are probably just using an auto-dialer, calling millions of numbers with a recorded message and seeing who they can catch. There is a huge kerfuffle right now between carriers and the FCC in the US to get this under control. I told him the numbers look local because these robo-callers are spoofing numbers based on Dave’s area code. That’s when Dave pointed out something very unnerving to me, and proved me wrong.

Dave had done some traveling last fall. He spent some time going up the east coast and flew to a seminar in California in the middle of it. While he was traveling, the robo-callers gradually started calling him from area codes of his current location. It didn’t happen immediately, but a couple days after being at the seminar, his call history showed that some of the calls were from California, and then back to area codes from North Carolina and Virginia.

Somehow, the robo-callers had Dave’s location.

The Rabbit Hole Gets Deeper

It makes sense to me how a robo-caller can get a cell phone number. They can dial millions of random numbers in no time at all and track the numbers that are real. Public lists can be scraped. On top of that, credit bureaus give away information, as could websites we sign up for, charities we donate to, and much more. But I’m just talking about our numbers. If these telemarketers are getting our up-to-date location information in order to spoof local numbers, there is something else at play.

The First Suspect - Cell Phone Carriers

This seemed like an obvious direction to do some finger pointing. Your cell phone carrier tracks the location of your device. They do so even without GPS by using, what is essentially, triangulation between cell towers, and it’s needed to keep your service running. I won’t get too deep into the details; the least of your worries is your carrier knowing where your phone is.

The real problem is that for a long time, the four major carriers in the US and several in Canada were selling access to all of that location information to a company called LocationSmart. LocationSmart collects all of this data and then dishes it out to whoever wants it. The carriers weren’t in the right - they were just opting consumers in without appropriate consent.

This all came to light in May 2018 when a former Missouri sheriff was charged for using this data to track the location of a judge and several members of the state highway patrol. The data is accurate enough to find a phone within a few blocks, in real time. In some regions the data is more accurate.

The short version: your cell phone carrier has likely been selling your location data without consent.

The good news is that AT&T, Verizon, T-Mobile, and Sprint have agreed to stop sharing location data. That said, whether or not they did stop sharing this information is still a little up in the air. The case doesn’t appear to be completely shut. Until there’s an actual verdict, I guess we should hope for the best and examine other ways our personal information gets out.

Your Apps Might Know Too Much

You can tell a lot about a person based on the apps they have on their phone. Do they read ebooks or audiobooks in their free time, or do they play addictive mobile games? Do they use a news aggregator or do they stick with one news source?

I looked at Dave’s app drawer and could tell he liked to travel (he had multiple airline apps, hotel apps, and had an icon for Yelp right on his main screen). I could also tell he liked breweries and camping, since he had a few apps that helped him find these points of interest with reviews and comments while traveling.

Dave also, like the vast majority of us, uses Facebook, Gmail (as well as dozens of other Google services), and other apps that utilize personal data to make the app experience better.

There is nothing inherently wrong with an online service using your data to curate a better user experience. Google’s search engine is a prime example of this; your search results are tailored based on your location, your search history, and the device you are using. If you are on a mobile device, sites that are not mobile friendly tend to not show up first.

We are only going to see more of this as companies figure out more ways they can personalize their services to the user in order to provide a better service altogether or to make more money by doing so. The problem is when the data gets shared without your consent.

Protecting your data is very much protecting yourself. This is only the beginning, check back later in the week for part two of our thorough look at data privacy.

The Wild Ride That Is Data Privacy, Part II
Google Location Services and How They Apply to the...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, March 21 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Privacy Business Computing Cloud Network Security Google User Tips Hackers Internet Microsoft Productivity Business Management Malware Software Innovation Efficiency Tech Term Hosted Solutions Computer Backup Email Business Browser Mobile Devices Windows 10 Smartphones Apps Communication Cybersecurity Hardware Managed IT Services Productivity Data Smartphone Internet of Things Saving Money Windows Data Backup Collaboration Passwords Data Recovery Small Business Android communications Cybercrime Virtualization VoIP Data Security Holiday Workplace Tips Network Operating System Users Wireless Mobile Device IT Support Ransomware Disaster Recovery Microsoft Office IT Services Mobility Law Enforcement Windows 10 Business Continuity Office 365 Chrome Outsourced IT Cloud Computing Miscellaneous IT Support Gadgets BDR Quick Tips Money Server Social Media Mobile Device Management Telephone Systems Update Phishing Password Wi-Fi Health Unsupported Software Social Vulnerability Cost Management Employer-Employee Relationship Managed IT Services Application App Information Technology Government Upgrade Facebook Best Practice Risk Management Google Drive Sports Two-factor Authentication USB Personal Information Shortcut Artificial Intelligence Antivirus Networking Automation Identity Theft Proactive IT Managed IT Politics Alert Computers Blockchain Information Work/Life Balance Hacking Spam Patch Management Streaming Media Data Management Bandwidth User Error Managed Service Provider Current Events Office tips Save Money Marketing Remote Computing Office Samsung OneNote Legal Excel Cleaning Recovery Storage Search Analytics Devices BYOD Remote Monitoring and Management Training Flexibility Gmail Meetings Tech Support Cortana Going Green Access Control Touchscreen Medical IT Encryption Transportation Apple G Suite Audit Router Mobile Security Company Culture History Save Time Internet Exlporer Wireless Technology Wireless Charging eWaste End of Support Battery The Internet of Things Google Docs Mobile Computing DDoS SaaS Commerce Instant Messaging Hosted Solution Fraud WiFi Managed Service Computer Care Private Cloud Business Intelligence Data Storage Connectivity Data Protection iPhone Managing Stress VPN Word HaaS Compliance Social Engineering Applications Maintenance Telephony Humor Outlook Television Automobile IT Management Fax Server Error Upgrades Windows Ink Ciminal Healthcare Managed IT Service Music Hard Drive Reputation Access Licensing Device Security RAM Certification Uninterrupted Power Supply Operating Sysytem Cast Sales Computing Plug-In Budget Teamwork Trends Troubleshooting IT solutions IT Solutions FAQ Internet Explorer Microsoft Office 365 Consultant Virtual Reality Google Maps Project Management E-Commerce Cables Scam Nanotechnology Retail Chromebook Reporting Black Market Travel Microsoft Teams Security Cameras Hiring/Firing iOS Entertainment Avoiding Downtime Wearable Technology App store Chromecast Sync Workers A.I. Profitability Windows 10s Time Management Files Charger Threat Education Data Loss IT budget Payment Virus Voice over Internet Protocol Employer Employee Relationship Root Cause Analysis Big Data Conferencing Printing Tablets Spyware Wearables Benefits Analysis Settings Scalability Updates Movies Eliminating Downtime Solid State Drive PDF Worker Commute Laptop Legislation Chrome OS Augmented Reality Books WIndows Server 2008 PowerPoint Authentication Electronic Medical Records Vulnerabilities Proactive Computer Accessories HBO Gifts Google Assistant GDPR Robot NFL Bring Your Own Device Smart Technology Computer Fan Experience Running Cable Identity How To Adobe Microsoft Word Wireless Internet Hacker Hard Disk Drive Text Messaging Touchpad Comparison Trending Data Breach SharePoint Authorization Safety Emails Point of Sale Data storage Microsoft Excel Identities Cryptocurrency Websites Amazon Credit Cards Bluetooth Distributed Denial of Service Value Dark Web Unified Threat Management Lithium-ion battery Edge Hybrid Cloud WannaCry Phone System Data Privacy Administrator Unified Communications Help Desk Keyboard Screen Mirroring Specifications Virtual Assistant Vendor Management Video Games Evernote Downloads Webinar Advertising File Sharing Language Paperless Office Data Theft Twitter Monitors Regulation Windows 7 Worker Disaster Relocation Cache Remote Monitoring CrashOverride Printers Emergency

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *

      Latest News

      Eclipse Integrated Systems launches new website!

      Eclipse Integrated Systems is proud to announce the launch of our new website at www.eisystems.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for prospective clients.

      Read more ...

      Account login