I'm really over trying to fight companies on this on an app-by-app basis. If we want this to stop, it has to be through legislation. Either we allow companies to do it and stop acting shocked when it happens, or we legislate the possibility away.
I prefer non-legislative way. Mobile OSes are already doing something towards this. Notification warning like "app X is using your GPS" - even though it's closed or even though your screen is off. Or only allowing GPS usage while the app is on your screen.
I don't think many people care though. And even if you disagree on that, I think it should be their right to sell their privacy for convenience if they want to.
iOS (as of version 11) gives you an option to force "Only while using the app" access for location services.
The change was probably triggered by Uber's creepy "we're going to track you for several minutes after you get out of the car" thing last year. Generated a lot of media attention and Uber has since stopped doing it.
Mobile OSes and web APIs should have distinct permissions for foreground location data and background location data. I'll gladly give my current location in exchange for temporary convenience, but the way it works now I have to give my location away from now until such time as I uninstall the app or jump through the hoops necessary to revoke permission.
I definitely have complaints about the existing business models of companies that do this, like opaque (or outright dishonest) TOS. But I agree that privacy legislation is far from the only obvious answer.
Ideally, I'd have control over the location data my phone provides at the active-app, installed-app, and total-shutoff levels. I don't actually mind giving out location data, I just want to know and make a choice when it happens. Fortunately, iOS is rapidly headed that way, and Android has made some promising moves.
I do think there's a slightly scarier conversation to be had about the externalities of "selling privacy", though. The Facebook 'shadow profile' situation is the obvious demonstration, but far from the scariest possibility. The possibility of building up a near-comprehensive profile of someone from other people's location, image, and messaging data raises real questions about what it even means to talk about 'personal privacy' in any public setting.
I don't know why everyone is always so shocked. People want smart devices/services that understand them. Where do you think the data comes from? From you!
This can be used to excuse the worst kind of behaviour. Maybe if MoviePass can't operate profitably without violating people's privacy, it's just not a good startup idea.
But since a million people are happy to sell their location data for movie tickets, it is a good startup idea. To say otherwise an excuse to restrict other users' freedom, a pretty bad behavior.
> But since a million people are happy to sell their location data for movie tickets, it is a good startup idea. To say otherwise an excuse to restrict other users' freedom, a pretty bad behavior.
It is a different story if they are upfront with what MoviePass is using it's users' location data for.
That's the struggle. Virtually unlimited movie tickets each month for the price of one movie ticket a month sounds too good to be true because it is. There's no way for this to work without some other source of revenue. If you would like the option to pay more and NOT be tracked, we just call that buying movie tickets and you've been able to do it all along.
But as a consumer I don't care what MoviePass wants or needs, that's not my problem. I'd milk them for all the tickets they're worth and then when they shutter I'd just go back to buying tickets like I used to for decades past. They offer marginal convenience at best for something that really wasn't all the inconvenient to begin with.
I think it's because there is no apparent user facing feature that uses this data. In the future they may get parking related features, or deeper ride share integrations. But because they're not upfront with how they are using the data, and their are currently 0 user facing features it seems unwarranted.
The market equilibrium rests where you can extract maximum value, if they can get away with tracking, they will do it, it has absolutely nothing to do with it being a fair deal or not.
Moreover how can our government condemn commercial data mining while at the same time expanding domestic surveillance? "Don't share your data its harmful! Unless you share it with us!".
Just because we have not made progress in domestic surveillance does not mean we can't make progress in commercial data mining. It may be hypocritical to have one at the rate we do and legislate the other (though I don't think it necessarily is), but it's better to do that than to have both.
Back when the US Constitution was drafted, there was virtually no commercial data gathering. So we arguably need the Fourth Amendment extended to the commercial sector. Maybe also the First Amendment.
Why is a one size fits all government solution better? You control your phone and the apps on it. Don’t like the app tracking your location before and after movies? Kill it or limit it to While Using (if on iOS). And you can always uninstall it.
Why don't you do what I did and put your money where your mouth is. Go back to using an old style text message only mobile like a nokia (other brands are available). It is such a joy to have a simple communications device. Do it!
Should the government also ban the possibility of ad-supported websites? Technology costs money and if there is a way to subsidize or remove the cost faced by consumers that isn't always a bad thing.
Transparency of "this is how we are able to provide you a free app/service" could be improved, though.
Well, the government benefits from scarcely regulated data gatherers. While the law doesn't seem to matter these days, the government has long used the data of private companies which it can't legally collect.
Probably the likeliest solution is at the software level. There's no reason there couldn't be software to send fake locations to apps that you don't make an explicit exception for.
Rare is the problem that legislation actually solves.
And
People don't want to pay for apps with money, they "just want them". So they pay with their data. The problem here isn't with the transaction, the problem is people are in the dark with what they are actually paying with.
Companies are allowed to do this. Their TOS protects them.
