The New York Times today claimed that it has obtained a file with the precise location of over 12 million smartphones over a period of several months in 2016 and 2017. While this data is technically anonymized, the report details how easy it is to associate specific data points with specific individuals.
With the help of publicly available information, like home addresses, The New York Times said it easily identified and then tracked military officials, law enforcement officers, lawyers, tech employees, and others:
In one case, we observed a change in the regular movements of a Microsoft engineer. He made a visit one Tuesday afternoon to the main Seattle campus of a Microsoft competitor, Amazon. The following month, he started a new job at Amazon. It took minutes to identify him as Ben Broili, a manager now for Amazon Prime Air, a drone delivery service.
The report explains that location data is collected from third-party smartphone apps that have integrated SDKs from location data companies like Gimbal, NinthDecimal, Reveal Mobile, Skyhook, PlaceIQ, and others, adding that it is currently legal to collect and sell all this information in the United States.
Apple continues to take steps to protect the privacy of its users. In iOS 13, for example, there is no more "always allow" option when third-party apps request to access your location. If a user wants to grant an app continuous access to location data, they must do so in Settings > Privacy > Location Services.
Apple also requires that apps provide users with a detailed explanation as to how location data is being used when prompted.
iPhone users who are concerned about their privacy can better protect themselves by navigating to Settings > Privacy > Location Services and disabling access to location data for unessential apps, or choosing the "while using the app" option at a minimum. We also recommend reviewing the privacy policies of apps.
A spokesperson said Apple had no comment on The New York Times report when contacted by MacRumors.
