3 tracking technologies and their impact on privacy
Tracking technologies have become a hot-button issue with implications for consumers' privacy online and off the web. With the advent of location-capable smart devices, keeping tabs on users has become affordable, easier and more pervasive; now governments, employers and retailers have a broad range of embedded tools and tracking capabilities available to monitor people's actions.
Let's take a look at the three most popular tracking technologies and their impact on privacy.
What should you learn next?
GPS tracking
It seems like just about every mobile device out there today is equipped with whiz-bang technology, including the ability to pinpoint its location using GPS coordinates. The advances in global positioning systems have made traveling much less stressful for the recreational and business traveler. Additionally, GPS in company-supplied phones makes it easy to track where the device is – and by extension, the location of the worker holding it.
However, privacy issues have cropped up as law enforcement agencies and governments have begun using the GPS feature to track individuals. The Fourth Amendment limits the use of global positioning systems in this way, but it is not necessarily safe from unreasonable search and seizure.
Case in point: A famous decision was handed down by the US Supreme Court in the case of U.S. v. Jones, a privacy verdict that highlighted location tracking by the U.S. government. The court held that a government agency attaching a GPS-enabled device to Jones' wife's vehicle was a breach of the protection laid out in the Fourth Amendment.
However, the 5-4 opinion of the majority was geared towards the "physical intrusion" involved in the action of deploying a GPS tracker on a suspect's vehicle. Also, the Five-Justice majority said that whether government agencies constitute a search isn't measured by analyzing discrete activities but instead a collective sum of different actions over time. The reasoning meant open privacy concerns regarding GPS-tracking practices, which don't necessarily imply persistent observation or physical intrusion.
Besides government agencies, organizations that track company-owned smartphones and vehicles pose a significant threat to employee privacy. In 2015, Ireland-based UPC came under fire for wanting to integrate GPS tracking into workers' everyday operations. Staff members were concerned about their privacy, and that the GPS would ultimately be used as a spy tool.
With GPS tracking devices and apps, the vast majority of employers want to boost their employees' productivity. However, if the software was to be used for spying, employee backlash could disrupt operations. Security holes could also result in the device/software being hacked, which means personal data could be used for illegitimate activities, putting the personnel in question at risk.
Beacon-based tracking
Retailers increasingly are using electronic technology based on transmitters and sensors, called beacons, to monitor buying behavior and improve customer service. For example, they might publish relevant promotions and messages to a shopper's smart device and deliver location-specific marketing. But the technology, which has the ability to identify and track consumers' devices in-store, has also raised concerns over privacy.
There are three main reasons behind these privacy concerns. Firstly, the location data beacons generate can also be used by malware applications, which can provide adversaries with insights about consumers' locations. Many of these malware programs function invisibly, so a shopper whose location data is misused or hacked may not even know about unauthorized access to their location.
Secondly, retailers or tracking companies may not be practicing ethically Companies are supposed to offer an "opt-out" option, which requires them to give shoppers a choice to make themselves invisible to these technologies, but not every company follows their own rules. For example, retail tracking firm Nomi Technologies had to settle with the FTC for failing to stand by their own opt-out promises. And the privacy concern is further exacerbated by the fact that most people don't know their location information may be collected when they visit an airport or walk into a store.
Lastly, because smart cellular devices continuously receive and send electronic signals to connect with wireless networks and cell towers, MAC addresses of Bluetooth-enabled and Wi-Fi-capable devices can be tracked by system operators at a granular scale.
However, overall customer sentiment toward beacons remains "lukewarm" as many of them (especially millennials) are open to providing merchants access to their location — as long as they receive an upgrade, discount or deal for it.
Online behavioral tracking
Online behavioral tracking, the practice of tracking people's online actions over time to deliver targeted advertising, has become a primary method for publishers and ecommerce companies to reach consumers across a splintered Internet landscape. Simultaneously, it has become the bogeyman for privacy activists who are concerned about the way data is collected, stored and used.
In fact, software company Ghostery's "Tracking the Trackers" report revealed that on three-quarters of all websites that people visit, they're receiving a tracking cookie that monitors their online behavior. Also, 15 percent of page loads on the World Wide Web are monitored by ten or more companies. 10 percent of all sites transmit the data they collect to ten or more additional firms.
Therefore, even if you're opening websites of businesses that you trust – such as your child's educational institute or your personal bank – there's no way of guaranteeing that any of your online activity won't be packaged up and distributed. Even if companies like Google and Facebook take your consent, your data could end up in the hands of an organization that uses it in an unethical manner.
Another major concern is the security of the information that is being collected. Cybercrime has become a norm in this century. Data breaches and other similar incidents can potentially expose highly sensitive data stored on the servers of organizations utilizing online behavioral tracking. One case occurred as recently as the end of 2017 when Equifax – a credit reporting firm – was hacked, and the sensitive data of its 143 million customers was exposed.
Conclusion
Given the vast and growing threats to consumers' data, it seems that privacy concerns around online behavioral tracking remain far from being resolved.
GPS, beacon and behavioral tracking technologies make today's smart devices and browsers convenient and fun to use. However, the risks to users' privacy should not be neglected. People should be encouraged to deactivate location services whenever they aren't required. And remember, rejecting website cookies won't distort user experience in most instances.
In the end, enjoying our smart devices also means staying vigilant.
What should you learn next?
Sources
- United States v. Jones, USSC
- UPC wins right to use GPS to track staff, Irish Examiner
- Retail Tracking Firm Settles FTC Charges it Misled Consumers About Opt Out Choices, FTC
- Tracking the Trackers, Ghostery
- What we learned from Facebook's latest data misuse grilling, TechCrunch
- 12 pre-built training plans
- Employer-requested skills
- Personalized, hands-on training
In this Series
- 3 tracking technologies and their impact on privacy
- Free Valentine's Day cybersecurity cards: Keep your love secure!
- How to design effective cybersecurity policies
- What is attack surface management and how it makes the enterprise more secure
- Is a cybersecurity boot camp worth it?
- The aftermath: An analysis of recent security breaches
- Understanding cybersecurity breaches: Types, common causes and potential risks
- Breaking the Silo: Integrating Email Security with XDR
- What is Security Service Edge (SSE)?
- Cybersecurity in Biden’s era
- Password security: Using Active Directory password policy
- Inside a DDoS attack against a bank: What happened and how it was stopped
- Inside Capital One’s game-changing breach: What happened and key lessons
- A DevSecOps process for ransomware prevention
- What is Digital Risk Protection (DRP)?
- How to choose and harden your VPN: Best practices from NSA & CISA
- Will immersive technology evolve or solve cybercrime?
- Twitch and YouTube abuse: How to stop online harassment
- Can your personality indicate how you’ll react to a cyberthreat?
- The 5 biggest cryptocurrency heists of all time
- Pay GDPR? No thanks, we’d rather pay cybercriminals
- Customer data protection: A comprehensive cybersecurity guide for companies
- Online certification opportunities: 4 vendors who offer online certification exams [updated 2021]
- FLoC delayed: what does this mean for security and privacy?
- Stolen company credentials used within hours, study says
- Don’t use CAPTCHA? Here are 9 CAPTCHA alternatives
- 10 ways to build a cybersecurity team that sticks
- Verizon DBIR 2021 summary: 7 things you should know
- 2021 cybersecurity executive order: Everything you need to know
- Kali Linux: Top 5 tools for stress testing
- Android security: 7 tips and tricks to secure you and your workforce [updated 2021]
- Mobile emulator farms: What are they and how they work
- In-game currency & money laundering schemes: Fortnite, World of Warcraft & more
- Quantitative risk analysis [updated 2021]
- Understanding DNS sinkholes - A weapon against malware [updated 2021]
- Python for network penetration testing: An overview
- Python for exploit development: Common vulnerabilities and exploits
- Python for exploit development: All about buffer overflows
- Python language basics: understanding exception handling
- Python for pentesting: Programming, exploits and attacks
- Increasing security by hardening the CI/CD build infrastructure
- Pros and cons of public vs internal container image repositories
- CI/CD container security considerations
- Vulnerability scanning inside and outside the container
- How Docker primitives secure container environments
- Top 4 Zapier security risks
- Common container misconfigurations and how to prevent them
- Building container images using Dockerfile best practices
- Securing containers using Docker isolation
- Introduction to container security
- Top 8 Microsoft Teams security issues
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
General security
Free Valentine's Day cybersecurity cards: Keep your love secure!
General security
General security