Public open to cybercrime thanks to location tracking
Mobile and WiFi businesses accused of behaving dishonestly with customers
Customers are being put at risk by mobile and WiFi operators collecting and storing historical location data, it has been claimed.
Two independent reports carried out by privacy and digital rights organisations Open Rights Group (ORG) and Krowdthink,have found consumers are unknowingly signing up to have their location tracked 24 hours a day by mobile and WiFi service providers, which then sell the data on for profit.
Key findings from the report include:
- Service providers were not telling customers up front at the point of entering into a contractual agreement that their location will be constantly tracked and that information sold on to third parties or used for marketing.
- Not making it clear to consumers that they can opt out of tracking and data sharing
- Claiming they have to collect location data for security purposes, when they do not
- Questionable anonymisation practices to protect customer data
According to ORG and Krowdthink, if accessed by cybercriminals this data could end up for sale on the dark web. This could allow burglars to target houses when they know the occupants will be away and show when parents are doing the school run, thereby putting children at risk.
Jim Killock, executive director of the ORG, said: "Most of us have no idea that on top of the money they charge us, mobile phone companies are making money from our personal information - even the movements we make. Companies are permitted to collect and keep data for business purposes such as billing but that doesn't mean that they have an automatic right to process that data for other purposes without asking for our consent."
"We have a right to decide how our personal data is used. Companies need to make their privacy policies clearer and give us clear information about exactly what they are collecting, how long they will keep it for, how they will use it and, importantly, who they will share it with," he added.
To help overcome the problem, the two organisations have launched a campaign to raise awareness of the issue among the British public and encourage them to demand Wi-Fi and mobile service providers are more transparent about the information they collect. It also urges mobile operators to operate an opt-in policy, rather than an opt-out one. More information about the campaign can be found here.
The essential guide to cloud-based backup and disaster recovery
Support business continuity by building a holistic emergency planDownload now
Trends in modern data protection
A comprehensive view of the data protection landscapeDownload now
How do vulnerabilities get into software?
90% of security incidents result from exploits against defects in softwareDownload now
Delivering the future of work - now
The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.Download now