Wearing GPS ankle monitor is a search, yet apps track your location every 3 minutes

If you were forced to wear a GPS ankle monitor at all times so your location would be known, that would be a Fourth Amendment search according to the U.S. Supreme Court which ruled on Torrey Dale Grady v. North Carolina (PDF).

A GPS ankle monitor was installed on twice-convicted sex offender Torrey Grady, without his consent, and he was ordered to wear it at all times for the rest of his life. Grady challenged the GPS ankle bracelet program as an unreasonable search, but North Carolina Court of Appeals looked at the case as civil in nature — unlike U.S. v Jones— and ruled the ankle monitor was not a search.

But the Supreme Court agreed it was an unreasonable search and explained (PDF):

The only theory we discern […] is that the State’s system of nonconsensual satellite-based monitoring does not entail a search within the meaning of the Fourth Amendment. That theory is inconsistent with this Court’s precedents.

“A State also conducts a search when it attaches a device to a person’s body, without consent, for the purpose of tracking that individual’s movements,” the Supreme Court’s unanimous opinion said. “The State’s program is plainly designed to obtain information. And since it does so by physically intruding on a subject’s body, it effects a Fourth Amendment search.”

“It doesn’t matter what the context is, and it doesn’t matter whether it’s a car or a person. Putting that tracking device on a car or a person is a search,” EFF senior staff attorney Jennifer Lynch told The Atlantic. “They should have the opportunity to rebuild their lives and not be under a state of government surveillance for the rest of their lives, and that’s what a GPS tracker constitutes. Sex offenders—it’s the easiest class of people to place these kinds of punishments on, but I worry that we start with sex offenders and then we go down the line to people who’ve committed misdemeanors.”

North Carolina lower courts will have to reconsider Grady’s case, but the time is certainly coming when the Supreme Court will rule on geolocation data because you no longer need to have a GPS ankle bracelet to have your location “constantly” tracked.

Android smartphone apps are spamming your location about every 3 minutes

GPS gives location and if you have a smartphone then your location is shared a ridiculous number of times per hour by apps, according to a recent study (PDF) conducted by Carnegie Mellon University. At one point in the study, 23 Android smartphone users would receive a daily “privacy nudge” that provided “concise privacy-relevant information” about how many times their location, phone contact lists, calendar or call logs had been shared. One user was notified, “Your location has been shared 5,398 times with Facebook, Groupon, GO Launcher EX and seven other apps in the last 14 days.”

One phase of the study used AppOps, “an app which allows you to selectively grant/deny apps access to your personal information (e.g. location, phone contacts, calendar, SMS messages, etc) on your phone.” Alone, AppOps was a “weak privacy nudge” but AppOps plus a daily privacy nudge seemed to really drive the point home.

In fact, the researchers found “that many popular Android apps tracked their users an average 6,200 times per participant over a two-week period, or about every three minutes!” The Wall Street Journal added:

Even apps that provided useful location-based services often requested the device’s location far more frequently than would be necessary to provide that service, the researchers said. The Weather Channel, for example, which provides local weather reports, requested device location an average 2,000 times, or every 10 minutes, during the study period. Groupon, which necessarily gathers location data to offer local deals, requested one participant’s coordinates 1,062 times in two weeks.

The researchers concluded that “permission managers are essential,” yet “Google famously removed AppOps from Android phones” in Android 4.4.2, which “seemed to clash with Google’s public stance of providing users with tools to exercise control over their information.”

Does an app tracking your location about every three minutes seem reasonable to you? Could this be the type of geolocation case the Supreme Court will eventually rule upon?

“It may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties,” Justice Sonia Sotomayor wrote in U.S. v Jones. “This approach is ill-suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks.”

Visa to track cardholders via smartphone to fight fraud

Lastly, would you be inclined to have your location tracked via a smartphone if it could potentially stop you from being a victim of fraud? Have you ever had a credit card payment declined because you forgot to tell your bank/credit card company that you would be traveling? Visa wants to track cardholders via their smartphones to fight fraud, claiming that it would mean “fewer legitimate transactions” would be declined while you were traveling.

Mobile Location Confirmation (PDF) “is an opt-in service available through your card issuer’s mobile banking app. It uses mobile geolocation data to match the location of Visa transactions with the location of your mobile device.” Visa added, “During the payment authorization process, if your mobile device is in proximity of the payment transaction, your issuer can more confidently approve the transaction.”

Is the convenience of using your credit card without any potential payment issues enough of an incentive to opt in to be tracked via your smartphone?