Hacker News new | ask | show | jobs
by indymike 2234 days ago
Many of the apps that sell your location use location as a critical component of the experience. Apple and Google added a permission last year - only allow access to location when app is running (in the foreground). That change has made a dramatic reduction in the amount of location data available.

Ultimately, free is the culprit. People like to navigate, buy stuff online, see things on a map, get local weather, and so on - especially if it is free. The old adage about if it is free, you are the product probably applies.
6 comments
cocoa19 2234 days ago
"Ultimately, free is the culprit. "

False... Plenty of companies take your money and still sell your data.

link
rmrfstar 2234 days ago
Airnb and the cell provides are good examples [1],[2].

The cell provider location data is the most insidious. They add noise to it, but the central limit theorem is a real thing and people who buy the data are aware of that.

[1] https://www.nytimes.com/2020/01/15/technology/data-privacy-l...

[2] https://www.vice.com/en_us/article/nepxbz/i-gave-a-bounty-hu...

link
derivativethrow 2234 days ago
I’m aware of what the central limit theorem is, but I’m confused as to what you mean here. Do you mind clarifying? It sounds like you’re saying the CLT leads to deanonymization. I don’t see how the two are related.
link
rmrfstar 2234 days ago
Take several measurements and average them. The variance scales like 1/n_samples, which can take you from city-block resolution to building resolution quite rapidly.
link
unishark 2234 days ago
There are conditions for the central limit theorem to hold though. One can generate random noise which violates them. It's certainly hard to guarantee privacy, but it's not trivially easy to hack if they're halfway smart about it.
link
meritt 2234 days ago
Correct. This "if the product is free, then you're the product!" thinking needs to go away. The reality is numerous companies sell your data today, regardless if you're paying for the service or not.
link
snovv_crash 2234 days ago
No, that thinking is correct. What isn't correct is when people think this has some bearing on when the product isn't free.
link
steerablesafe 2234 days ago
Most free as in freedom software are free as in beer and are not packed with anti-features.
link
snovv_crash 2234 days ago
Most cloud / Android / iOS software which is free as in beer isn't libre. Which is where the consumers are the product.
link
surround 2234 days ago
...such as cell service providers. All of them (in the US, at least) sell your location and browsing data to advertisers.

I would happily pay for a provider that doesn’t triangulate my location 24/7, but none exist.

link
chris_va 2234 days ago
(not defending their practices at all...)

They are required to for 911 support.

Obviously they are not required to keep the data, and especially not sell it.

(Minus maybe a sealed NSA directive, though that is pure speculation on my part)

link
eru 2234 days ago
In the EU they are required to keep some data by law. No clue about the location data, though.
link
zeepzeep 2234 days ago
Right? Seems like enough people are willing to pay for their privacy, the demand is there.
link
indymike 2234 days ago
It is possible for two things to be true at the same time. You are right, there are paid apps that sell location data to brokers... but the vast majority are free apps that rely on mass monetization of users for their income.
link
hnick 2234 days ago
And I'm not sure I need to say it on here but OSS exists, of course.
link
matheusmoreira 2234 days ago
Being a user of free applications and services does not automatically give corporations the right to exploit people by collecting and selling their personal information without consent.

Ironically, the data of paying customers is even more valuable. Spending money on these things is probably a great way to make them pay even more attention to you. For example, mobile game companies seem to know everything about their big spenders and I've read that some are in direct contact with those players.

link
judge2020 2234 days ago
> without consent.

that's the point, they "gave consent" via the terms and conditions checkbox, and this is upheld in court since the user knew they were getting the service for free. Few countries have kept up with their laws to protect consumers from this.

link
matheusmoreira 2234 days ago
> Few countries have kept up with their laws to protect consumers from this.

Seems to be a US thing. Apparently people can give up their rights and consumer protections by agreeing to a contract. Naturally, these "you agree to not exercise your rights" clauses have become standard in privacy policies and terms of service. In many other countries, a judge would simply invalidate the abusive clause.

Very few people are going to take this to court though. Regulators need to establish rules and proactively enforce compliance in order to bring about change.

link
rrix2 2234 days ago
>> Few countries have kept up with their laws to protect consumers from this.

> Seems to be a US thing.

This article was written about data collected in Norway by a data broker based in the UK.

link
kevin_thibedeau 2234 days ago
The US has no meaningful consumer protections to give up. Abusive agreements don't make things appreciably worse.
link
aaomidi 2234 days ago
Then allow me to pay if I want to?

I don't get this argument when an alternative doesn't exist.

link
nisse72 2234 days ago
And even if you are able to pay and choose to do so, do you think this means they stop collecting your data? I very much doubt it.
link
askvictor 2234 days ago
I think the problem is developers/companies only have so much time/resources, and figure that x people might pay for an app/service, but 100x will use it if it's free (with other monetisation strategy), then why bother coding & interfacing with a payment system (and this starts to get convoluted and require and entire department handling payment and tax issues across different countries and jurisdictions) for just 1% of likely users?

Not saying that's the right approach, but that's probably how the thinking goes. Billing is certainly easier than it used to be (that's what the 30% app store cut is for), but can still get convoluted, and might have the perception of being convoluted.

link
goatinaboat 2234 days ago
Then allow me to pay if I want to?

If you pay then you signal that you have disposable income and your data becomes even more lucrative to sell. It’s a no-win situation.

link
mayneack 2234 days ago
Some do. I pay to remove ads from the wunderground app which IBM claims means they don't sell my data. Not sure if believe them, but at least I don't see ads.

https://i.imgur.com/TlOo07T.png

link
meritt 2234 days ago
> Ultimately, free is the culprit.

No, it isn't. Consumer data being sold in a completely unregulated manner is the culprit.

Paying for the product or service has nothing to do with whether or not your data is being sold.

link
nerdponx 2234 days ago
Ultimately, free is the culprit.

Sort of. The real question is: how much does Google make with their free ad-driven model? You'd have to beat that with a paid model (taking into account the reduced userbase as a result of increasing the perceived price).

Also there is genuine value to having $0-cost high-quality maps, Internet search, translation, and many many many other things available to the general public, worldwide. I don't think you could match that same level of public benefit with a paid-only product.

link
alexfromapex 2234 days ago
Letting an app use your location and allowing it to sell that data should be mutually exclusive opt-ins in my opinion instead of just one setting
link
freepor 2234 days ago
The problem is that Apple has no way of truly controlling what someone does with data once they have it.
link