Public open to cybercrime thanks to location tracking
Mobile and WiFi businesses accused of behaving dishonestly with customers
Customers are being put at risk by mobile and WiFi operators collecting and storing historical location data, it has been claimed.
Two independent reports carried out by privacy and digital rights organisations Open Rights Group (ORG) and Krowdthink,have found consumers are unknowingly signing up to have their location tracked 24 hours a day by mobile and WiFi service providers, which then sell the data on for profit.
Key findings from the report include:
- Service providers were not telling customers up front at the point of entering into a contractual agreement that their location will be constantly tracked and that information sold on to third parties or used for marketing.
- Not making it clear to consumers that they can opt out of tracking and data sharing
- Claiming they have to collect location data for security purposes, when they do not
- Questionable anonymisation practices to protect customer data
According to ORG and Krowdthink, if accessed by cybercriminals this data could end up for sale on the dark web. This could allow burglars to target houses when they know the occupants will be away and show when parents are doing the school run, thereby putting children at risk.
Jim Killock, executive director of the ORG, said: "Most of us have no idea that on top of the money they charge us, mobile phone companies are making money from our personal information - even the movements we make. Companies are permitted to collect and keep data for business purposes such as billing but that doesn't mean that they have an automatic right to process that data for other purposes without asking for our consent."
"We have a right to decide how our personal data is used. Companies need to make their privacy policies clearer and give us clear information about exactly what they are collecting, how long they will keep it for, how they will use it and, importantly, who they will share it with," he added.
To help overcome the problem, the two organisations have launched a campaign to raise awareness of the issue among the British public and encourage them to demand Wi-Fi and mobile service providers are more transparent about the information they collect. It also urges mobile operators to operate an opt-in policy, rather than an opt-out one. More information about the campaign can be found here.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now