"They" Know Where You Are

By Larry Seltzer  |  Posted 2005-11-28 Print this article Print

Opinion: To make E-911 a reality, your cell phone will have GPS in it someday, if it doesn't already. Has your privacy been downgraded in the new mobile era?

Youre out on the road. Suddenly you get a sharp chest pain, radiating to your arm. You can fight the pain just enough to dial 911 on your cell phone, but thats all you can do, and you sure as hell cant speak. If you were on a land line phone (other than maybe a VoIP line; that complicates things), they would know exactly where you are, because the phone number you called from is associated with a specific address. But the 911 dispatcher doesnt know where you and your cell phone are, and in fact its not obvious to which 911 dispatcher your call should be routed.

For these reasons the FCC mandated that wireless networks provide location information with fairly good precision on 911 calls, and the easiest way to do this is with GPS hardware. Newer phones have this capability and, as a result, while your myocardium is infarcting the call will go to the local dispatcher, who can tell EMS where to look for the guy doubled over in pain.

Click here to read more about Mapquest GPS finding places and friends.
So recently an acquaintance of mine expressed concern online about the use of the GPS location information from his new Treo 650 on Verizon Wirelesss network. It seems that phone options indicate that it sends the information out with every call. Other people assert that the GPS data is part of the "network heartbeat," going out to the mothership all the time. Verizon Wireless eventually got around to telling him that whatever the option indicates, the phone only sends GPS information on 911 calls.

Almost nobody objects to this use of GPS data, but its not too big a leap to see how GPS data could be abused. Basically, its all about "Can they track where Im going? Can they find out where Ive been after the fact?" The technical question to ask is how often the phones are sending out GPS data to the network provider, and whether the provider is holding on to that data and in what form.

Emergency response isnt the only great application of GPS data. Analysts tell me that the network companies want this for lots of reasons: for instance cell companies might legitimately want to track this data, without associating any user information, in order to associate it with signal strength and build a signal strength map in order to improve their networks. This seems pretty win-win to me.

Application companies want the data in order to build rich back-end apps that show location-relevant data, and you can imagine the advertising possibilities (text message: "Youre approaching a Starbucks! Get off at exit 5 (left at the light), give them this code and get half off a triple mocha chino!")

There are more complicated and appealing possibilities: Lets say you are driving somewhere. You tell your phone where you are going. Based on your location, speed (which it can infer from your location change over time) and traffic reports from the network, the phone can project your arrival time. It can also suggest alternate routes. Obviously car-based GPS systems can do this too, but not all cars have them and a phone-based implementation could work when youre walking, biking, etc.

Better still, do you have one of those family cell phone plans so the kids can have their own phones? How would you like to know where your kid (or at least their phone) is? Verizon Wireless (which didnt respond to my inquiries) no doubt would be happy to sell you such a service.

Click here to read more about Segway putting GPS on the map. But already you can see privacy issues, even if you want to track your kids. If the network providers (Verizon Wireless, Cingular, etc.) are logging that data then it could fall into the wrong hands. Or perhaps it could fall into the right hands, but in an unpleasant way, such as into your spouses attorneys hands during divorce proceedings.

Much as network vendors look on this sort of potential to pay for the upgrades they have made to comply with the E-911 requirements Im sure they are anxious not to get into the middle of such matters and would probably be happy to require user consent before recording and using any location data. The marketing opportunities bring their own potential for privacy lawsuits and other legal problems, especially the first time someone claims a cell phone ad distracted them into a car accident. Its a tricky dance of convenience vs. trouble, typical of modern technology.

Remember, even without GPS they can track you to some extent, and in a place like London where theres GSM and a ton (make that "tonne") of cells they can zero in on you pretty tight even without GPS. But this sort of triangulation work is not quick, as it is with GPS, and in less-developed areas its not very precise, perhaps narrowing you down only within a few kilometers. (Then they bring in the bloodhounds … )

Bottom line: If you dont want "them" to track you, turn off your phone.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. He can be reached at larryseltzer@ziffdavis.com. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel