June 15, 2011
Google does a great job of finding local addresses. However, they could have gotten a lot of help from you. When your Wi-Fi is turned on, Google Maps may tell others where you’ve been. This is the finding of an exclusive report by CNET that could reopen the entire issue of "locationgate," but this time all eyes will be on Google, not Apple. Last April, Apple representatives were forced to visit Washington, D.C. to explain why iDevices tracked a user’s previous whereabouts using a file embedded into iOS. However, what became known as “locationgate” was quickly forgotten once Apple released iOS 4.3.3, which eliminated the pesky code. However, this isn’t the end of the story. While Apple was the one largely grilled over “locationgate,” they weren’t the only ones at the conference table in D.C. Google representatives were also there. Perhaps they weren't listening. CNET has learned Google publishes the estimated location of millions of iPhones, laptops, and other devices with Wi-Fi connections. In a practice also followed by Microsoft, Apple, and Skyhook Wireless, Android phones with location services enabled regularly beam the unique hardware IDs of those near them back to Google. This process makes it easier to map the street addresses of access points and routers around the globe. In turn, a customer’s mobile device can find locations quicker than by using GPS alone. However, only Google and Skyhook take this practice to the next level. According to CNET, they:
“Make their location databases linking hardware IDs to street addresses publicly available on the Internet, which raises novel privacy concerns when the IDs they're tracking are mobile. If someone knows your hardware ID, he may be able to find a physical address that the companies associate with you--even if you never intended it to become public.”In total, CNET uncovered that approximately 10 percent of laptops and mobile phones using Wi-Fi are listed by Google as corresponding to street addresses. For Skyhook, the number was 5 percent. Naturally, this becomes a privacy issue and a new one at that. As part of its study, CNET asked for the assistance of security researcher Ashkan Soltan, who also testified in D.C. last April. Of this new concern, Soltan concludes:
"Someone who doesn't have a lot of information about me can track me down. You can find where someone lived previously and where someone moved to."In a statement, a Google spokeman said:
We collect the publicly broadcast MAC addresses of Wi-Fi access points. If a user has enabled wireless tethering on a mobile device, that device becomes a Wi-Fi access point, so the MAC address of such an access point may also be included in the database. Wi-Fi access points that move frequently are not useful for our location database, and we take various steps to try to discard them.It will be interesting to see what happens following CNET's discovery. While no doubt many will be unconcerned, others will be angered by Google's practices. What do you think? Are you concerned by this news? Let us know by using the comments below.