Joerg Lorenz wrote:

> It is always a good starting point to turn off all location data
> generating sensors and applications when not really needed if privacy is
> of any importance.

It's better in some ways to spoof the location data instead of turning it
off (which is a PITA compared to spoofing it) and of course it's also best
to NOT give any apps the PERMISSION to access location data, particularly
in the background, and of course, to prevent Google from getting that
location data which, let's be clear, includes not only GPS but Wi-Fi access
point information.

I thank badgolferman for posting that article as I was unaware that the
government was abusing their power in this new surveillance tactic.

*CDC Tracked Millions of Phones to See If Americans Followed COVID Lockdown Orders*
<https://www.vice.com/en/article/m7vymn/cdc-tracked-phones-location-data-curfews>
"Newly released documents showed the CDC planned to use phone location
data to monitor schools and churches, and wanted to use the data for
many non-COVID-19 purposes, too."

Some notable points in that article kindly source by badgolferman today:
1. The Centers for Disease Control and Prevention (CDC) bought access to
location data harvested from tens of millions of phones in the United
States

2. Although the CDC used COVID-19 as a reason to buy access to the data
more quickly, it intended to use it for more-general CDC purposes.

3. Researchers have repeatedly raised concerns with how location data can
be deanonymized and used to track specific people.

4. The CDC paid SafeGraph $420,000 for access to one year of data

5. SafeGraph includes Peter Thiel and the former head of Saudi intelligence
among its investors

6. Google banned SafeGraph in June of 2021 from being on the app store
because "They are willing to sell extremely fine-grained data and anyone
with a credit card can start buying it"
<https://www.vice.com/en/article/5db4ad/google-bans-safegraph-former-saudi-intelligence>

7. Last year Motherboard bought a small set of data from SafeGraph for
around $200 to test how easy it was to obtain and to verify the sort of
information it contained. For example, one line showed the people who went
to The Church of Jesus Christ of Latter-day Saints then visited a list of
particular convenience stores.

8. Researchers at the EFF separately obtained documents concerning the
CDC�s purchase of similar location data products from a company called
Cubeiq as well as the SafeGraph documents.

9. SafeGraph has previously said it obtains location data via Veraset, a
spin-off company which interfaces with the app developers.

10. Both the CDC and SafeGraph did not respond to multiple requests for
comment.

Andy Burnelli wrote:

> 9. SafeGraph has previously said it obtains location data via Veraset, a
> spin-off company which interfaces with the app developers.

I, for one, thank badgolferman for informing us of this recent news.

I hadn't known about SafeGraph nor of Veraset, where below is one link for
the latter (which is only mentioned but not explained in badgolferman's
kindly referenced article alerting users to this abuse of location data).

*Data broker shared billions of location records with District during pandemic*
<https://www.washingtonpost.com/technology/2021/11/10/data-broker-shared-billions-phone-location-records-with-dc-government-part-covid-tracking-effort/>
"The bulk sales of location data have fueled a debate over public health
and health privacy"

1. Veraset shared billions of �highly sensitive� phone location records
with the D.C. government last year that revealed how people moved about the
city.

2. That location data is usually collected without consumer knowledge and
then resold to both public and private buyers.

3. The company, Veraset, provided the data as part of a free trial,
according to internal emails obtained through a Freedom of Information Act
request by the Electronic Frontier Foundation.

4. Veraset refuses to reveal even how they get their data or which apps
they purchase it from.

5. Veraset�s location data includes sequences of code, known as
�advertising identifiers,� that can be used to pinpoint individual phones.

6. Veraset and other data brokers pay software developers to include
snippets of code in their apps that then share location data back to the
firm.

7. Veraset is a spinoff of SafeGraph, which Google banned earlier this year
as part of an effort to restrict covert location tracking.

8. The Post last year used SafeGraph data to visualize changes in
attendance and potential risk at bars, churches, workplaces and restaurants

9. Datarade said Veraset's location tracking records cover roughly 10
percent of the U.S. population from �billions of daily precise location
data observations� taken from thousands of apps.

10. Officials with Veraset and SafeGraph did not respond to requests for
comment.
--
Usenet is where friendly people daily gather to discuss topics of interest.

Whenever one piece of information is revealed, it behooves intelligent people to gather more information about that topic, so as to sharpen the saw (in Covey speak).

Another related reference is as follows:
*Illinois Bought Invasive Phone Location Data From Banned Broker Safegraph*
<https://www.eff.org/deeplinks/2021/08/illinois-bought-invasive-phone-location-data-banned-broker-safegraph>

1. The Illinois Department of Transportation (IDOT) purchased access to precise geolocation data about over 40% of the state's population from Safegraph.

2. IDOT paid $49,500 for access to two years' worth of raw location data. The dataset consisted of over 50 million "pings" per day from over 5 million monthly-active users. Each data point contained precise latitude and longitude, a timestamp, a device type, and a so-called "anonymized" device identifier.

3. Although Safegraph claimed its device identifiers were "anonymized," in practice, these data points can easily be used to trace the precise movements of millions of identifiable people.

4. IDOT hired contracting firm Resource Systems Group to analyze the data as part of a larger effort by IDOT to analyze trends in travel across the state.

5. Federal law enforcement, military, and immigration agencies have garnered headlines for purchasing bulk phone app location data from companies like X-Mode and Venntel.

6. It is highly unlikely that the vast majority of users whom Safegraph tracks are aware of their inclusion in its dataset.

7. IDOT wanted to monitor at least 10% of the state's population, and Safegraph offered 42%. Also, while IDOT only requested one month's worth of data for $50,000, Safegraph offered two years of data for the same price: one year of historical data, plus one year of new data "updated at a regular cadence."

8. As a result, IDOT received received precise location traces for more than 5 million people, for two years, for less than a penny per person.

9. Safegraph is led by Auren Hoffman who then spun off a sister brand, Veraset where Safegraph says it acquires much of its location data from Veraset, thus delegating the distasteful task of actually collecting the data to its smaller sibling. Neither Safegraph nor Veraset disclose the sources of their data

10. Meanwhile, Veraset appears to have inherited the main portion of Safegraph's raw data-selling business, including the "Movement Data" product that IDOT purchased.
--
On Usenet, we can pool our knowledge and skills so everyong learns more.

Andy Burnelli wrote:

> 5. Federal law enforcement, military, and immigration agencies have
> garnered headlines for purchasing bulk phone app location data from
> companies like X-Mode and Venntel.

Like all well-informed adults, when we find out about something we were
previously ignorant of, it behooves us to flesh out some of the detail.

Regarding this "Venntel" outfit... here's one reference summarized:
*Congress investigating how data broker sells smartphone tracking info to law enforcement*
<https://www.theverge.com/2020/6/25/21303190/congress-data-smartphone-tracking-fbi-security-privacy>
"The House Committee on Oversight and Reform sent a letter to Venntel's CEO"

1. The US House Committee on Oversight and Reform has opened an investigation
into how data broker Venntel collects and sells data from Americans' mobile phones.

2. Venntel aggregates location data from smartphone apps and sells it to clients,
which include the Department of Homeland Security (DHS), the IRS's criminal
investigation division, the FBI, and other government agencies, according to the WSJ.
�<https://www.wsj.com/articles/house-investigating-company-selling-phone-location-data-to-government-agencies-11593026382>

3. Location data is collected from smartphones and in some cases even sold by
cell carriers themselves - that operate without regulatory oversight and may
have for years violated the privacy of countless US residents.
<https://www.theverge.com/2019/2/6/18214667/att-t-mobile-sprint-location-tracking-data-bounty-hunters>

4. The WSJ reported that the DHS used the company's platform to track people
crossing the US-Mexico border.
<https://www.theverge.com/2020/2/7/21127795/dhs-buying-phone-location-data-marketing-companies-border-immigration>

5. The FBI recently renewed its contract with Venntel.
<https://theintercept.com/2020/06/24/fbi-surveillance-social-media-cellphone-dataminr-venntel/>
--
Usenet is a team where every player tries to move the ball forward.