Public open to cybercrime thanks to location tracking

A padlock against a golden background to represent cyber security

Customers are being put at risk by mobile and WiFi operators collecting and storing historical location data, it has been claimed.

Two independent reports carried out by privacy and digital rights organisations Open Rights Group (ORG) and Krowdthink,have found consumers are unknowingly signing up to have their location tracked 24 hours a day by mobile and WiFi service providers, which then sell the data on for profit.

Key findings from the report include:

  • Service providers were not telling customers up front at the point of entering into a contractual agreement that their location will be constantly tracked and that information sold on to third parties or used for marketing.
  • Not making it clear to consumers that they can opt out of tracking and data sharing
  • Claiming they have to collect location data for security purposes, when they do not
  • Questionable anonymisation practices to protect customer data

According to ORG and Krowdthink, if accessed by cybercriminals this data could end up for sale on the dark web. This could allow burglars to target houses when they know the occupants will be away and show when parents are doing the school run, thereby putting children at risk.

Jim Killock, executive director of the ORG, said: "Most of us have no idea that on top of the money they charge us, mobile phone companies are making money from our personal information - even the movements we make. Companies are permitted to collect and keep data for business purposes such as billing but that doesn't mean that they have an automatic right to process that data for other purposes without asking for our consent."

"We have a right to decide how our personal data is used. Companies need to make their privacy policies clearer and give us clear information about exactly what they are collecting, how long they will keep it for, how they will use it and, importantly, who they will share it with," he added.

To help overcome the problem, the two organisations have launched a campaign to raise awareness of the issue among the British public and encourage them to demand Wi-Fi and mobile service providers are more transparent about the information they collect. It also urges mobile operators to operate an opt-in policy, rather than an opt-out one. More information about the campaign can be found here.

Jane McCallion
Deputy Editor

Jane McCallion is ITPro's Managing Editor, specializing in data centers and enterprise IT infrastructure. Before becoming Managing Editor, she held the role of Deputy Editor and, prior to that, Features Editor, managing a pool of freelance and internal writers, while continuing to specialize in enterprise IT infrastructure, and business strategy.

Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.