Thursday, November 29, 2007

.

We know where you are...

At least partly to comply with new regulations about emergency services and mobile phones, the phones are beginning to include GPS devices within them. That would be a boon to providers of location-based services, except that, not surprisingly, some of the telephone carriers are restricting access to the GPS information — something they can do in the US, since most carriers allow access to their networks only to phones whose software is under the carrier’s control.

Google, though, has devised a clever way to (partly) get around this problem in Google Maps. By keeping track of access by users whose GPS data are not restricted, they can correlate information about the cell towers with the unrestricted GPS data and build a database mapping the towers to the locations that they serve. And they’ve done so.

Now, when a user comes in with a phone that doesn’t provide GPS information, the software just gets the cell-tower identification and looks up the estimated coverage area in Google’s database. According to Saul Hansell in the Times:

Google nicely tried to design the service to take into account its limitations. When you push the button, it draws a dot at the nearest cell tower and draws a circle around it to identify the area in which it thinks you are. The screen will tell you the margin of error, typically between 500 and 2000 feet.

Google sent me a Blackberry to try this out. (My cheap Times-provided Samsung isn’t nearly smart enough to perform this trick.) A test on a bus trip from suburban New Jersey to midtown Manhattan shows that Google’s system can generally figure out what neighborhood you are in, but it overestimated its own accuracy. I was often just outside its margin of error circle. Most comically, it insisted I had arrived in New York for the 20 minutes I was stuck in the Lincoln Tunnel. Anyway, this is a nice modest tweak to the service that will help people who are totally lost, but it’s not going to provide real-time driving directions.

No real-time driving directions, but it’s certainly good enough to suggest nearby restaurants and other services, or to set your map to a reasonable starting point that’s not too far away. On my current BlackBerry 8700, I have to enter my approximate location myself to get myself started. This would be a great improvement.

But note, here, that Google could be keeping track of all this stuff, could be correlating your phone’s identification with your GPS data (if it’s there), your cell-tower data, and your search items. “Not a bit of personal information,” says Steve Lee of Google, but, well, that just doesn’t ring true.

No, they don’t have your name, telephone number, or the like (though they certainly could get some of that from the phone, and who would know?). But they do have the ability to connect all the information they have from the same phone, creating a profile of a single user’s activity (where, when, and what queries). That alone can be significant, as we saw a year-ish ago, when AOL released search information that was, in the aggregate, personally identifiable (from 9 August 2006):

Buried in a list of 20 million Web search queries collected by AOL and recently released on the Internet is user No. 4417749. The number was assigned by the company to protect the searcher’s anonymity, but it is not much of a shield.

No. 4417749 conducted hundreds of searches over a three-month period on topics ranging from “numb fingers” to “60 single men” to “dog that urinates on everything.”

And search by search, click by click, the identity of AOL user No. 4417749 became easier to discern. There are queries for “landscapers in Lilburn, Ga,” several people with the last name Arnold and “homes sold in shadow lake subdivision gwinnett county georgia.”

It did not take much investigating to follow that data trail to Thelma Arnold, a 62-year old widow who lives in Lilburn, Ga., frequently researches her friends’ medical ailments and loves her three dogs. “Those are my searches,” she said, after a reporter read part of the list to her.

Now, suppose you add to that a record of where you were when you asked for information — and the propensity for the government to demand access to the data — and I think many of us would be... concerned, at least.

Of course, Google Maps isn’t the only such service that people are using on their phones, and any provider of location-based services could be keeping track of this and correlating it. And, to Google’s credit, they have so far refused to provide search data in response to government demands. But we don’t know what companies, the government, or the courts will do in future.

I’ll give the last word to Mr Hansell:

For almost everyone, this won’t matter. But if your location is really a secret, don’t ask Google to help you find coffee.

4 comments:

Anonymous said...

On the subject of deanonymizing supposedly anonymous data, see the recent Netflix + IMDB efforts. Nice summary here, and links therefrom.

{inw}

scouter573 said...

I wish I could think of something specific, but it would seem that one can use the power of a Google mash-up to add their database to the Netflix and IMDB information. And a few Amazon.com reviews and suddenly Barry is getting a text message everytime he walks near a microbrewhaus or a bookstore. Wouldn't that be convenient? Not.

And buy a copy of a backup DVD of the British medical disks or, say, some stolen data from the various security lapses in the last year or so that affected millions of people... Could get ugly fast. But I'm sure the private sector is all over this problem and has a ready fix... Government regulation and public law would be so unnecessary.

Unknown said...

I'd like to find a fairly authoritative description of how they're doing this. All the descriptions I've seen (including the one you quoted) don't ring quite true. At my home it shows a location a few blocks away (not bad!) at which I'm fairly certain there's no cell tower. So it's probably doing some triangulation based on relative amplitude measurement.

So how does Google get the information on what cell towers you're near? Aren't they just getting IP packets from the network? Or do they have some special arrangement with cell phone operators? From what I understand, there aren't many restrictions on where this feature works, so it can't be too much of a special arrangement.

While I'm not crazy about the idea of Google knowing yet more about me (noting that I'm using a Google identity to post this comment!), I think it's good for people to understand what information is available to at least certain parties about their whereabouts.

Barry Leiba said...

Well, we're not just talking about going to Google Maps in a web browser; there's a Google Maps application that runs on the BlackBerry (and I presume the same is true on other phones). Having written BlackBerry applications, I can talk a bit about what they can do:

The application can get active network information, which includes the cell-tower ID. It can also get the device's ID and SIM information that includes the phone number. It can transmit all that info to Google's server. I've written a program myself that did that, as part of a location-tracking service.

If it sometimes also gets GPS data, and transmits that too, the server can build its tower-location database over time. Then when a request comes in that doesn't include GPS, but has a tower-ID that's in the database, they can make their estimate.

Of course, this only works because enough people use their service that they can build that tower-location database over time. In other words, it works precisely because they're already big and popular.