> Pulling up a Google Maps-like satellite view, the sales rep showed the NSA’s headquarters in Fort Meade, Maryland, and the CIA’s headquarters in Langley, Virginia.
> Clicking on one of dots from the NSA allowed Clark to follow that individual’s exact movements, virtually every moment of their life, from that previous year until the present.
Anyone with a seat on a prominent ad exchange gets access to the millions of requests per second that include IDFA/AAID, a timestamp, the request source (e.g. app or web URL) and the likely location of the device to be used as a targeting option-- in some cases the device's phone number may even be populated in requests. Anyone with the resources can store (probably violating exchange's TOS) this firehose of data and do something similar. De-anonymizing the IDFA/AAID is probably pretty trivial, so who knows who else has this information-- essentially anyone posing as a DSP or advertiser on an exchange.
I would imagine this requires location access enabled for the app?
Credit to Apple for trying to rein in location access in apps. However, if location access is only enabled while using the app, it would then obviously get shared when positing and reading Twitter. That means even if you look at Twitter or Instagram once a day, then that builds a pretty good location history.
The real question is why would Twitter include GPS data in firehouse access? Seems like a serious privacy violation and obvious one at that. The President and other officials around the world look at Twitter. Seems like serious negligence on Twitter’s part.
We cannot count on people being paranoid about their location data like tech savvy people are. Maybe it’s time to limit location access to just Maps and any other app must justify location access, and also be verified not to share that data.
Android 'improve location accuracy' seems to hunt for previously geocoded wifi beacons, to locate those people who have their phone GPS disabled. It's surprising to me how people are willing to allow their phones to send this info to data brokers.
Oh, they just click Yes after google maps asked them literally every time they try to locate themselves on a map. This is clearly a dark pattern and a constant reminder why Google cannot be trusted.
The worst part is, once you've selected high accuracy (or accidentally clicked allow once), you can neber lermanently disable it again. It will re-enable high accuracy every time location is turned back on. I don't know how that was legal.
I don't know if this is still the case as I don't see a high accuracy option in settings anymore.
Someone in the industry once told me that it's common knowledge that what the NSA and CIA does with this data is then being sold to Saudi Arabia. The money just goes around and around.
> Clicking on one of dots from the NSA allowed Clark to follow that individual’s exact movements, virtually every moment of their life, from that previous year until the present.