Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers – even when location services are disabled – and sending that data back to Google. The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy.
Quartz observed the data collection occur and contacted Google, which confirmed the practice.
The cell tower addresses have been included in information sent to the system Google uses to manage push notifications and messages on Android phones for the past 11 months, according to a Google spokesperson. The were never used or stored, the spokesperson said, and the company is now taking steps to end the practice after being contacted by Quartz. By the end of November, the company said, Android phones will no longer send cell-tower location data to Google, at least as part of this particular service, which consumers cannot disable.
Raise your hand if you’re surprised.
I can’t stomach this Orwellian nonsense where Journalists are forced to write about Google as if it’s this hot, new property from Alphabet, which you’ve definitely heard of thanks to all their other things that aren’t Google.
Alphabet was created by Google, not the other way around. You can’t just go and declare “I am my own grandpa” and have it be true. That’s how the finances are arranged; fine, but it’s not objective reality.
Serious question, though: if Android is still under Google, then what, exactly, isn’t? I know Nest is separate, but Nest is… not healthy.
Not sure what you mean, it is the current reality that Alphabet is the parent of Google. In business you can create a company to be the parent holding company of your existing one. Companies are not people so your comparison falls short.
Take the Kmart-sears “merger” a few years ago. Kmart bought out sears, changed its name to sears, and create a new subsidiary called kmart. Try that one on for size.
How about at&t? AT&T was purchased by their former subsidiary Southwest Bell, which then renamed itself at&t. The wireless division Cingular bought out AT&T wireless before the merger. So some customers had AT&T then Cingular, then at&t after the rebrand post merger. Of course customers like myself set up in this way were in hell describing why their accounts were so strange to customer service of at&t …
https://en.wikipedia.org/wiki/Alphabet_Inc.#Structure
You might recognize some of the other Alpha companies.
something tells me this charade is elaborate way of tax avoidance, but i am no expert here.
A company I used to work for went through this. A company purchased them, purchased another rival, rebranded with the rival’s name but kept the financial structure of the my old company because they were publicly traded. It was called a “reverse takeover”. The other company was worth less, but had more capital to purchase. They kept doing this and every few years they morph in to another slightly bigger, slightly differently company. I left after a year as it was overall a worse place to work.
Right, but that structure is for accountants and lawyers. It’s strictly an on-paper, business-internal technicality. My complaint is how journalists are forced to play along with a straight face.
“Alphabet, Inc.’s Google”, or similar phrasing, frames Alphabet as the established predecessor and Google as the new concept being introduced to the conversation in relation to it, which is precisely the inverse of reality.
If you were writing about another Alphabet subsidiary and wanted to draw the relationship back to Google, it would be appropriate to mention Alphabet. But if we’re talking about Google and only Google, the pragmatically correct, non-Orwellian way to bring up Alphabet would be “Google, now a subsidiary of Alphabet, Inc.”, which has the added benefit of being undisguised for the irrelevant PR boilerplate that it is.
No it doesn’t. it states reality. Reality is Google is a child of Alphabet. That is accurate, no implication as to what came first can be derived by the current structure. All its meant to do is establish the current ownership structure.
The reason for Alphabet is that Google wants to buy or create other brands that are distinct from Google. If they left the corporate name as Google then the identity or mission of these brands would invariably be seen as a subset of the Google identity and mission, along with all the positive (pods to sleep in at work) and negative (spying on customers) that that entails. For example, Alphabet (as opposed to Google) could in theory buy or build a super private OS where employees work in a drafty warehouse in the middle on nowhere, with no wi-fi and bags over their heads as they get bussed to and from work. And people might even believe (or forget they they don’t believe) it is true. It’s far less likely people would believe Google would do that, even though deep down we would know it was Google. There is no magic wand to truly separate the investments from the origin in the Google case, but it is possible to show that intent and that intention impression is what the Alphabet strategy is trying to achieve. I agree with the comment in that the author of the article is trying (hopelessly) to make an intention a reality.
In fact, this is Larry Page’s own reality distortion field
its the google framework, run something like LineageOS without the google crap, you get privacy and twice the battery life.
Set it up for my none technical wife and she happily updates and manages it, with all the apps she needs…
I am having an excellent experience of LineageOS too, though relying on Google Hangouts and Mail and Maps are killing some of the privacy advantages. It’d be wonderful to migrate to the free alternatives to that, given that they’re mature.
I wonder if a combination of Lineage, F-droid and yalp store wil give me the less google thing I want.
I should accept some loss of paid apps.
Just a quick question: how and where can you get information about LineageOS? Their homepage is probably the most unhelpful site I’ve ever seen.
It’s annoying enough that I specifically have to disallow sharing of location data with google every single time I enable GPS. If it turns out that they’ve been collecting triangulation data anyways all along then this kind of crap needs to be punished with fines. Businesses have no ethics, the only thing that influences genuine change is shareholders realizing they’ll loose significant earnings each and every time the company misbehaves, otherwise it is business as usual.
It’s not that different from when google’s code was found to deliberately track safari users who were explicitly blocking google’s tracking cookies.
http://www.businessinsider.com/google-tracking-apple-users-2012-2
Edited 2017-11-21 21:00 UTC
Google/Alphabet giveth and the taketh.
You get all that lovely software from them you don’t expect to pay for it somewhere along the line?
Just accept thet Google wants to know everything (and I mean everything) about you, your life, your location and who you are talking to both online and in person.
In other words, Google is BIG BROTHER.
Once you accept that you can get on with your life and try to minimise your exposure to Google.
It seems more and more these days the only way to avoid your own devices ratting you out is to carry receive-only gear like one-way pagers, then call back from (increasingly hard to find) pay phones.
We’re still not quite in a full Orwellian state, but we’re inching closer every day. Frogs being boiled, as it were.
Morgan,
It’s scary how much has been foreshadowed by his works, they are only becoming increasing relevant. However I think he missed the mark in one way: many of these Orwellian events have come from corporate rather than political origins.
This irony seems to be lost of many people who possess deep anti-government sentiments and vote against governmental oversight every change they can in the name of individual liberties, yet they end up giving corporations more and more control over our personal lives and individual liberties.
I’d say that government and corporate interests are so intertwined that it may as well be the government spying on us. Look at the shenanigans surrounding the pending FCC vote to nullify net neutrality guidelines. Corporations are literally pulling Pai’s strings, and he gleefully admits it. He’s proud of the fact that he’s going against the will of the people to further the interests of his owners.
Morgan,
The guy’s previous job was fighting FCC regulation to promote corporate interests, it’s pretty clear he was hired by the trump administration to take the FCC down from within.
I understand why some people want less regulation, however it is extremely naive for anyone to believe corporations will act in consumer interests given the chance to promote their own corporate interests instead. This is exacerbated by the massive mergers/consolidation that’s been happening throughout the corporate world. Consumers end up highly dependent upon few companies that don’t give a damn about their individual rights.
Edited 2017-11-22 01:57 UTC
This is one of the reasons why Bitcoin will be 10k by year end, and 100k by 2020. Decentralized currency will slowly but surely catch on. People used to technology will embrace it and governments and corporations will continue to fight this. Power to the people.
dbox2005,
Bitcoin’s growth so far has been predominantly driven by speculation. Bitcoin “investors” joined because of the profitability of bitcoin mining, which makes sense, but it’s been far less successful as a real currency. So what happens when mining stops being profitable? It’s pretty clear that for bitcoin to have a future, it has to gain traction in the real world.
Maybe we’ll assume bitcoin demand will go up among normal consumers, but there are severe technological limitations that put it’s viability into question.
#1 It scales very poorly and the block chain is already exceeding many people’s resources to run a P2P bitcoin client at home. This will only become significantly worse as more transactions are added. The main solution to this is to outsource this to someone else who has the resources to handle the bandwidth and blockchain requirements. However this consolidation actually results in the same kinds of corporate control we wanted to avoid.
#2 Bitcoin exchanges and portfolios keep getting hacked. Even if this isn’t the fault of the protocol, I still think this is a serious problem and there will be millions of victims in the future.
#3 Bitcoin’s underlying security is based on the assumption that no one controls a majority of the hashing power. However given the necessity of users to rely on third party providers, more and more of bitcoin’s processing will be done by few very large entities and it puts the security assumptions at risk as they have the potential to monopolize the blockchain.
https://www.pcworld.com/article/2364000/bitcoin-price-dips-as-backer…
#4 Speed. Bitcoin transactions take way too long to clear, making it highly impractical for most consumer needs compared to a traditional credit card.
#5 Privacy from government snooping. Some people don’t realize that the protocol requires all transactions to be open for all to see. It’s quite likely in a bitcoin future that the IRS would monitor your bitcoin account and have access to every single transaction you make. You might envision yourself creating a new account without sharing your ID with the IRS…fine, but assuming you are funding your account from an employer or bank, they would be able to track that and audit them for not reporting your income to the IRS.
It’s not that I don’t want an independent bitcoin-like currency to work, but all of it’s problems make it far from ideal.
https://motherboard.vice.com/en_us/article/ae3p7e/bitcoin-is-unsusta…
Bitcoin is the asset class, however altcoins are leading the change. The intrinsic value is represented by the exchange capabilities (altcoins <-> bitcoin) the key principle is the blockchain. Yes, bloated blockchain, but technology is changing by fork.
dbox2005,
Of course there are plenty of competing crypto currencies, I can’t even keep track, here are some partial lists:
https://www.hongkiat.com/blog/bitcoin-alternatives/
https://www.cryptocoinsnews.com/an-exodus-from-bitcoin-to-alternativ…
https://www.geckoandfly.com/23517/best-bitcoin-alternatives-cryptocu…
In fact, I should add another point to my earlier list: #6 fragmentation.
I’m concerned about the motivation for some of these alternatives. Obviously authors want to generate crypto coins at the beginning when it’s most profitable to do so. Then in theory once it gains popularity and valuation, it can become a stable currency. However the actual market incentive may not encourage this as we hope and as long as crypto-currencies are treated as an investment rather than a real-world currency, then the financial incentive is to sell out currencies once they’ve matured and continually restart over with very little risk using a new currency at the ground floor to maximize profits.
Obviously I cannot see the future, however human nature suggests that people will always seek the most profit, even if it destabilizes the currency du jour.
Beyond a flood of alternatives, there are the outright hard forks of bitcoin, where different factions of the community split apart over disagreements. The result can be incompatible blockchains from the point of the fork and inconsistent results depending on which version you use.
https://moneymorning.com/2017/10/23/the-bitcoin-hard-fork-survival-g…
This obviously is pretty bad. Successful transactions on one node may fail on another and then everything goes amok. I don’t know if there’s a solution because without a central authority, it’s pretty hard to enforce which algorithms people use.
Fair enough, even though your analysis is quite extensive you still don’t seem to understand what makes people invest their time and finances in this. Just looking from outside which has its merits does not guarantee that an individual has the right answers nor the right questions to tackle this. Let’s treat with the same approach which have made the Dutch tulips famous (“Tulip mania”) and agree we are living in the bubble and soon the crash will occur and wipe out 200 billions in asset value which again it may or may not. The technology behind it will continue to exist…and again there will be people willing to embrace it. That is the power and the value of this. Technically a fork is an improvement of an existing solution , I’m sure sooner then later better solution will alleviate the issue with the size of the block.
Alt-coins are just that an experiment Simple as that ..to me at least.
dbox2005,
Well sure, but it doesn’t help that you/your exchange may be using one fork and the people you need to exchange funds with may be using another. Consumers expect a principal of universality. A couple currencies may be able to co-exist, but the financial incentives for investors and developers to keep creating new currencies doesn’t help.
Excuse me but you sound like a bull investor turned into a bear
Now stay focused and see the big picture.
The Bitcoin revolution has started and there is no way back. They can make thousands of coins, nobody cares, all are derived work from Bitcoin and all are exchangeable for Bitcoin. How much simpler then that ?
dbox2005,
I’d argue that I do see the big picture, but the big picture isn’t as clear cut as many idealists want it to be. You clearly have faith in bitcoin, and I don’t have a problem with that, but it’s just not in my nature to have blind faith in these things. Furthermore I’m hesitant even to recommend bitcoin for less savvy users…it should be simple enough for everyone to use safely, except when it’s not:
https://bitcoin.org/en/alert/2015-07-04-spv-mining
In some circles bitcoin may have a sort of “V for Vendetta” allure for returning power to the people. In practice though bitcoin’s resiliency to operate without state intervention is not proven. In fact it’s not doing well in regions of the world where people have a real risk of being punished for running bitcoin nodes:
http://www.livebitcoinnews.com/venezuelan-bitcoin-miners-start-shut…
Laws are notoriously slow to catch up to technology, and in many countries bitcoin currently exists in a legal void. Yet in principal I have no reason to believe that bitcoins can’t be regulated possibly even more effectively than regular cash due to the digital footprints that are left behind.
I do enjoy the discussion, as off topic as it is
Edited 2017-11-24 22:52 UTC
And I did enjoy reading your posts, quite informative.
zima,
Haha, I enjoy yours too. Crypto currencies are really interesting. I’m not sure how much you follow them, but there are variations to the “proof of work” model, where bitcoin and friends rely on the difficulty of cracking difficult hash problems with enormous computing power.
Another model is known as “proof of stake”, which is used by peercoin and does away with the need for enormous hashing power. By changing the economic model, POS rewards the possession of currency (kind of like interest) rather than mining power. There are technical caveats with these too, but in terms of carbon emissions, it’s much less wasteful than POW.
https://bitcoinexchangeguide.com/proof-of-work-vs-proof-of-stake-min…
https://bitcoinmagazine.com/articles/what-proof-of-stake-is-and-why-…
Obviously currency became necessary so that people could exchange goods and services in non-reciprocal ways. You know, this sounds funny, but maybe we could just do away with currency all together. Fiat currency is already based on the arbitrary value of what it can buy, but in theory you could do away with it and instead go back to bartering. Some multi-party bartering services are on the rise, and I find this very intriguing! “I need X, I can offer Y” and the platform builds a graph of transactions between you and other users in the network to make it happen. The value of everyone’s needs and contributions can be derived in terms of the goods and services being exchanged rather than an independent currency.
How much is your work worth in lollipops? A bartering platform with enough participants should be able to tell you! This stuff is fun to think about. It just occurred to me that it should be possible to build such a platform using federated/P2P protocols with no central authority, that would be pretty cool
dbox2005,
This isn’t in response to anything you’ve said, but coincidentally it was just published today.
http://www.livebitcoinnews.com/coinomi-wallet-can-no-longer-audited…
Yikes…Open source is the way to go for bitcoin, proprietary bitcoin wallets are ripe for exploitation!
Edited 2017-11-24 23:18 UTC
Yeah, because corporations are The People, right??
Corporations with patents on how to efficiently dump data to the CIA and NSA. What the government can’t get away with, it outsources. So really, considering either corporate or government power by itself is foolhardy, because it’s going to boil down to the same good ol’ boy’s network. Either way, there’s a revolving door between the position of rich jerk and bought politician. Cronyism takes whatever it can get its hands on – that’s a simple reality we’ll have to account for when it’s time to rewrite our expectations of the government.
Edited 2017-11-22 07:43 UTC
A pager reveals your position. Otherwise it’s network operator wouldn’t be able to route the alert & message to it.
benoitb,
Did you read the article? This isn’t about the carriers knowing how to reach you, obviously they know which towers you are using. But they aren’t using your location data for advertising.
The controversy here is that google modified android so that they had the information, which their services don’t need but just because they wanted to track users without their knowledge and consent.
A one-way pager has no transmitting capability. It’s a receive-only device. POCSAG paging works kind of like your FM radio in your car, except instead of receiving music, it receives a coded signal that is broadcast from the pager company’s towers. This signal contains an address codeword and a message. All broadcasts are heard by all active pagers, and your pager will notify you if it hears its address codeword and will display the corresponding message. The paging company has no way to know whether you received the message.
Source: One of my first jobs as an adult was working as a technician for a local paging company back in the mid 90s.
Morgan,
Ah yes, I forgot about all of that. Are those kinds of systems still around?
Some emergency first responder units still use one way paging, and two way paging (similar to cell phone technology so is subject to location tracking) is still around and used by hospitals. There^aEURTMs also a subset of amateur radio that covers POCSAG one way paging.
Thanks for correcting me and sorry for spreading false information.
I’ll double check before writing nonsense in the future.
1000 upvotes
With the latests Android Google pretends the assisted GPS using the cell-tower coordinates doesn’t work unless you enabled location service and allow them to track you 24/7.
I think we need to get hold of the EU commisioner again.
One would be considered naive to think that Apple doesn’t do the same thing. Get over it.
Oh, so it’s alright if Apple does it? Silly me.
BushLin,
Two wrongs make a right, dont ya know! /sarcasm
In all seriousness though, both ios and android fail to check the boxes I want. The problem is that competition is dead, with a near absolute market duopoly. Neither really cares to address product deficiencies because they know that third parties have virtually no chance at grabbing a critical mass of the market. They can essentially say FU to consumers and get away with it because both companies know that we’ll still buy their phones even when they fail to meet our expectations or ethical concerns surrounding the use of our data.
Clearly corporations have grown too big for the good of free market capitalism. It cannot work when there’s no competition.
Amen,
The last commercial operating system I can remember which doesn’t send packets of data to the internet I didn’t ask for was Windows XP.
Now even Debian have abandoned applying privacy minded defaults to Firefox(iceweasel) and it’s a shit show of connetions to the likes of Google on first launch.
On mobile, privacy is hard to obtain and a forever moving target if security is of any interest to you.
There will likely never be a fully secure, fully private mobile OS/hardware combination. Even if you could build a 100% trusted phone with a 100% trusted OS, you’d have to concede some control to the mobile network operator. There are a few who respect their users (Ting in the US and Canada is phenomenal) but they ultimately answer to their top tier service providers.
How else would maps show where places are crowded or send notifications of events, offers that are around you.
How else would electric cars know of human presence to avoid imminent accidents..
Not saying it’s OK but it’s hard enough to set this requested features in reality.
At some point everyone will do this. Problem is not storing and processing, linking data at certain point.
Okay – ignoring the obvious…. (Google has a “find my phone” app, right?), and given a little knowledge on why this sort of thing is happening, here goes:
1) Accountability – if you are a terrorist/revolutionary/troublemaker and you use a smart phone, you are being tracked. The absolute hysteria that these acts causes dictates that someone somewhere is leaning on Alphabet, Microsoft and Apple to do this. I promise you this is probably one of the primary justifications for this outside of the “Google is marketing at you because of your movements”, or Google is tracking your phone so when you lose it you get to locate it – even if you forgot to turn location on.
2) Emergency services – when you make a call to 911/999/112 (insert your local emergency response number), your mobile phone (as part of the cell tower protocol) is triangulated and the position is reported. This is wildly inaccurate, but if you’re in a wide open location, this can be the difference between the emergency services finding you, and the Police combing the area and your body being recovered 2 days later. The problem is – this requires enough cell towers to make sense of the data, and the calculation is only done at the point you make the call. If the data was being collected frequently, it would be less triangulation, more plotting a path. I know for a fact that in the UK and now Ireland, certain smart phones will spin up the GPS when phoning an emergency number and give the co-ordinates to the call centre. This is way more accurate than triangulation, but still relies on there being a GPS signal. So, taking a constant log of data is actually way, way more helpful to emergency services in finding you in time. Combine the two and you have a very powerful tool.
And here’s the thing – sometimes we don’t even get as far as making that call. Say you are hiking and your friend wants to go a little farther, but you want to rest. You agree to keep in contact, you sit and wait for them. But then you need to pee, so you walk in to the forest and something happens to you – maybe you’ve fallen down a hole, or fell in to a river and got carried away – some theoretical made up disaster. Unconscious and unable to call for help. If your friend goes looking for you after an hour, how the hell would you get found? Connect the dots. Phone 999 (etc), talk to emergency services, “yeah he has a mobile phone, number is – 07771222333, okay? 200 metres east – I’m walking forward. OMG – please sent help I see him but he is injured badly.”
But you know the real reason is “find my phone”. It’s too obvious.
112 is not local, it’s standard on all GSM networks wordwide…
But still, in the UK I would dial 999, and in the US I would dial 911. In some countries, it varies depending on the service you want even.The point was, it varies, and I wasn’t going to list every possible combination.
Well yeah, in PL 999 is for medical, 998 fire, and 997 for police (plus some other less commonly dialed numbers that I don’t even remember, like for gas (leak for example) emergency …994? Nah, I don’t remember) But those are considered ~legacy (often now just connecting you to the same “command centre” as 112) and 112 kinda supersedes them (you can get all help through it) / it’s meant to work everywhere, not to vary.