Geolocation Tracking & Privacy in 2024: The Creepy Details You Need to Know
Many common technologies can be used to track your location, including your phone. To protect yourself, turn off location settings on all your accounts and use a VPN to browse anonymously. I recommend ExpressVPN, which you can try for free with a 30-day money-back guarantee.
In the 21st century, we were supposed to get jetpacks and faster-than-light space travel. Instead, we got geotracking: a suite of exciting new ways to invade people’s privacy.
Modern smartphones are the most sophisticated tracking devices ever invented. In part, that’s because they somehow convinced us all to carry tracking devices around willingly. Nearly every phone is equipped with “location services,” which really means the ability to track your phone — and to track you by proxy.
- Best VPN to prevent tracking
Geolocation tracking, also known as geotracking, was sold to us as a convenient method to get directions or find missing phones. However, it’s also a boon to advertisers, stalkers, overbearing parents and many other people you don’t want following you.
Privacy Journal’s mission is to help you fight back. In this article, we’ll explain how geotracking works, who’s using it to follow you and how you can foil their plans.
Is Location Tracking Legal?
It’s illegal for an individual to track another individual’s location without their consent. Ironically, it’s completely legal for a corporation to do this, though that would change if ADPPA becomes law.How Do You Get Geolocation?
Turn geolocation on or off on your iPhone by going to Privacy > Location Services, or on your Android phone by going to Settings > Biometrics and Security > App Permissions > Location.Why Is Location Tracking Bad?
Every citizen has a right to privacy under the Fourth Amendment to the U.S. Constitution. Violating this right without the person’s consent is not only morally wrong, it’s also illegal.
What Is Geolocation Tracking (or Geotracking)?
Geolocation tracking, or geotracking (sometimes written as geo-tracking), is a technology that makes it possible to remotely track an object’s exact position. Advanced geotracking can follow an object — and by extension, the object’s owner — in real time.
As long as the object is connected to the internet in some way, it can be located by triangulation. That’s the science of calculating a point using its direction from two other points. It’s like following a pirate treasure map: There’s only one spot on the island that’s due south of the cove and due west of the crossed palm trees.
Geotracking of cell phones uses information from cell towers, GPS satellites and WiFi access ports. Using the direction of the signal from two or three towers to your phone, it’s possible to pinpoint your location down to the square foot.
That sounds terrifying, and it is. However, like any technology, there are some non-evil uses. In fact, you probably take advantage of geolocation every day. If you’ve used Google Maps to navigate to an address, tracked down your phone with the “find my phone” feature or determined what hot singles are currently in your area, you’ve used geotracking.
But there are plenty of uses of geotracking that are creepy, and that’s mostly what I’ll be discussing today. First, I’ll help you understand the scale of the problem, then give you some tools to fight back.
What Kind of Data Does Geotracking Reveal?
Geotracking takes several forms. It can look like a corporation watching you through a back door in its app, but it can also be more physical. Right now, you can order a tracking device on Amazon, plant it on someone’s car and follow their movements in real time. In more than half of U.S. states, it’s not even illegal.
Real-time geotracking can reveal not just your location, but how long you spend there. From there, information brokers can deduce your entire daily routine. It’s a short hop from there to detailed information about your life.
How is that possible? Imagine you were tracking someone’s every move through their phone, but had no other information about them. You watch them for a full day and notice that their phone stays in the same place for 12 hours straight. The conclusion is clear: That’s where they live.
Knowing someone’s home address is creepy enough, but from there, you can puzzle out nearly everything else. Residence can indicate a subject’s language, income, habits, family and education. Chances are, there’s a neighborhood in your city where, if someone lives there, you know all you need to know about them.
A 2018 New York Times expose revealed that many apps locate their users as often as every 20 minutes. NYT reporters followed a volunteer for four months, during which they gathered location information over 8,000 times. From her location alone, they figured out that the subject worked as a teacher, owned a dog and was trying to lose weight.
This information is worth more than gold to people who are trying to sell you things. App companies make a lot of money — in some cases all their money — from selling location data and related information. Across the globe, the market for location intelligence is expected to grow to $36 billion by 2028.
Who Is Tracking You and Why?
As the NYT report shows, geotracking is both legal and easy. Everyone wants to get their hands on your location data: corporations, governments — even family members and individuals who might mean you harm.
You might think geotracking is limited to people who can get into the back doors of apps (or pay the people who can), but this is changing as tracking devices get cheaper and more widely available. An Amazon search for “GPS tracker” revealed 487 results, some costing less than $20. That’s how much your privacy is worth if someone you know wants to track you.
In this brave new world, it’s hard to know exactly how many different parties have their fingers in your geotracking pie. In this section, I’ll run down all the categories of people who might try to track your location, and why.
1. Businesses: Data Is the New Oil
Advertising is the worst. You know it, I know it and the people showing you the ads know it. If you’re anything like me, you’ve never once looked at an ad and been wildly excited to pay for the product.
Businesses want geotracking data so they can do an end run around your natural anti-ad cynicism. Ads work best when you’re receptive to them. Ideally, this means you sought the ad out yourself, but it can also mean you’re in a situation where the ad looks a lot better than it might otherwise.
Corporate data harvesting is all about catching you in those contexts. If Coca-Cola can tell you’ve just been at the gym, it can step up advertising for cold drinks. If Weight Watchers knows you just went to McDonald’s, it can take advantage of your guilt. Practically every violation of your privacy is a potential money-making opportunity.
Not only is geolocation-based advertising popular, it’s practically necessary in a world where the internet offers many essential services for free. Just like broadcast TV can’t survive without funding through commercials, the online economy has to tie itself to advertising in order to stay afloat.
2. Spouses: Can I Track My Wife’s Phone Without Her Knowing?
Recent years have brought technology to the masses that allows stalkers, paranoid partners and other dangerous people to act on their worst impulses. Led by Spyic, this genre of app is installed on the target’s phone without them knowing. If you’re connected through a cloud service, you don’t even need to have their phone with you.
Once installed, spy apps run quietly in the background, feeding information back to a dashboard operated by the abuser — sorry, “installer.” Through geotracking, the installer can follow their target’s whole day, and even view logs of their prior movements like some kind of serial-killer Family Circus comic.
Spy apps aren’t just for spouses. Although they’re often marketed as a tool to deal with cheaters, you can secretly install them on any phone you can get alone for a few minutes. Intimate partners just happen to be the most likely target, though minors are also often victims (see the next section).
Many of these apps can also view the subject’s texts, calls and internet searches. But don’t worry! Spyic has a privacy policy that promises it won’t share your personal data with third parties. In other news, Genghis Khan has been awarded a Nobel Peace Prize.
One other thing to know about spy apps: They’re not legal. Installing Spyic or a similar app can count as warrantless wiretapping, which is a felony in all 50 states. The only exceptions are if you’re monitoring a minor you’re responsible for, or if the enrolled devices are owned by your employer and used for business purposes.
If you catch someone spying on you with an app, you can get them arrested. However, it helps to have a paper trail (see “How to Keep Your Location Data Safe”).
3. Parents: Tracking Apps for Kids
Once again, I’m going to let my feelings bubble up here. If you force your children to download an app that tracks their every move, you have no right to complain that they never call you once they’re adults.
Many parents take advantage of their legal sovereignty over their kids to make them install apps like Life360 or MamaBear — apps almost identical to the spouse-stalker apps in the last section. These parents will then complain, without a shred of irony, that kids these days don’t play outside anymore.
Life360 and its imitators prey on natural parental fears. Of course it’s scary when you don’t know where your children are. Instead of learning to respect their boundaries and autonomy, it’s so much easier to have an app tell you whether or not they’ve returned directly home after school.
The biggest problem here (yet far from the only one) is that teens are extremely good at beating technological restrictions. You will never know more about your teen’s phone than they do. Moreover, if you train them to think of their phone as a tracking device, they may just start leaving it behind. Then they won’t have it if they get into a real emergency.
The only alternative to digitally stalking your child is building trust with them through open communication. If that sounds too hard, tough: You’re the one who had the kid in the first place.
4. Stalkers: Every Breath You Take
Stalking is defined as any aggressive or persistent behavior against another person that causes them to fear for their safety and change their daily routine. It’s an insidious crime because of how hard it is to distinguish from normal behavior. Just existing in a location isn’t against the law. But if that location is your ex’s workplace, it can cause them trauma and stress regardless.
I say “ex” because nearly 3 in every 4 stalking victims were stalked by someone they knew. Like so many of the worst crimes, among them kidnapping, rape and murder, we imagine them to be perpetrated by shadowy strangers — but most crimes are committed by those close to the victim.
Why is this relevant? It’s much easier to unlock someone’s phone or bug their car if you know them already. Apps like Spyic, which were developed solely to make money from people’s insecurities, have inadvertently handed stalkers a potent weapon.
5. Law Enforcement: Know Your Rights
Big tech companies like to have diverse income streams, especially since they don’t charge for their most popular products. Advertising is a big source of revenue, but something else pays well too: selling information to the United States government. Geolocation brokers like X-Mode buy information from apps that use location services, then resell it to law enforcement agencies.
One particularly egregious case concerned Muslim Pro, an app that showed Muslims the direction of Mecca for their daily prayers. The app used live location services to do this, and sold that data to X-Mode. The government then bought reams of information it could use to discriminate against an already-persecuted demographic.
In one of the U.S. Supreme Court’s few good decisions of the last 20 years, it ruled that police must show a warrant for geotracking data to be admissible in court. However, this decision doesn’t make it illegal to collect the data without a warrant in the first place.
This is to say nothing of cases like the PRISM program, revealed to the public by Edward Snowden. Under PRISM, the government doesn’t even have to pay for data on some apps: the companies install back doors for intelligence agencies to just take what they want. Google, Facebook, Amazon, Verizon and more were included.
6. Anyone Who Can Use AirTags
I can’t end this section without a quick note on AirTags. An AirTag is a device developed by Apple that’s meant to help you track items you frequently lose. Put them in your wallet or on your keychain, and those things can be tracked with the “find my” app.
If you’ve already noticed that this is a stalker’s dream device, then congratulations: You’re about 10 months quicker than Apple. After AirTags were released in April 2021, it took Apple until February 2022 to release an update grudgingly admitting that it had accidentally invented the perfect stalking machine.
In the meantime, AirTags came up in a truly mind-boggling number of stalking cases. Apple protested that it sends notifications if an AirTag is active nearby…but only if the user has an iPhone (it did eventually release an Android app with the same purpose).
Nor is Apple the only part of the problem. It may have addressed some of its issues, but other copycat products are now flooding the market, many of them far less in the public eye than Apple. There are apps that can locate the presence of trackers on your person or in your vehicle, but if you’re concerned about stalking, it’s also a good idea to search with your own eyes.
A Note About the ADPPA
The American Data Privacy and Protection Act (ADPPA) is the latest attempt to introduce legislation to protect Americans from unrestricted data harvesting. Right now, there’s no comprehensive protection for online data that doesn’t fall under another protected category, such as finance or health care.
ADPPA is a shot at creating something like the EU’s General Data Protection Regulation (GDPR), and for the moment, it seems to have a good chance of becoming law. The bill enjoys bipartisan support in congress, and President Biden is likely to sign it if it passes.
ADPPA would force corporations to collect as little data as possible, and would give individuals standing to sue for violations. It also includes a “right to be forgotten,” requiring databases to delete your information upon request.
The bill also explicitly applies to geolocation data. If anything in the last section made you angry and you’re looking for something you can do, call your representatives and ask them to support ADPPA. It’s not perfect, but it’s the best legislation to come down the pipe in a long time.
How to Keep Your Location Data Safe
Frustrated after reading about all the people engaging in location tracking, and all the technology they can use to do it? You’re in the right place. Use the tips in this section to keep yourself safe.
Turn Off Location Services on Mobile Devices
The first step is to stop consenting to location tracking. Some devices share your geolocation by default. Others don’t track you themselves, but might permit third-party apps to do so. If you don’t enable location services, you take a tool out of their arsenal.
On an iOS device, go to settings -> privacy and find the location services settings. Turn off location tracking for all apps that don’t explicitly need it. You can set the apps that do, such as Google Maps, to “only while using.” However, you’ll need to hard-close these apps when you’re done using them, lest they continue transmitting your location in the background.
If you use Android, you’re starting in a better position. The current versions of Android operating systems block apps from using location services without your explicit consent. It’ll ask you for geotracking permission on a case-by-case basis. To check whether you’ve turned on location services accidentally, go to settings -> biometrics and security -> app permissions -> location.
Stop Google From Tracking You
You may have turned off your location services, but if you have Google Chrome synced to your mobile device, the company can still track your location history through your Android or iOS mobile device — and sell that information behind your back.
You can keep this from happening by signing in to your Google account on Chrome, then going to personal info & privacy -> manage your activity controls. Under the location activity heading, turn the switch to off, and delete all the location history in your account.
Hide Your Phone’s ID Number
Did you know your phone has an ID number? You might know it has an IP address when it goes online, but an ID number is a bit different. For one thing, it’s associated with the device itself, not the modem it uses to get online. For another, it’s not used by your ISP or the websites you connect with — only by advertisers.
Advertisers ID phones so they can use the motions of those phones to target ads. If phone 12345 spends an hour every week at a therapist’s practice, websites seen through that phone’s browser get ads for self-help courses.
Luckily, turning off your ID is simple. On an iPhone, go to settings -> privacy -> advertising. Scroll to “limit ad tracking” and turn it on. On an Android phone, navigate to settings -> google -> ads, then turn on opt out of ads personalization.
Use a VPN to Browse Anonymously
Even if you’ve blocked advertisers from seeing your device’s ID and location history, they can still identify you with your IP address. An IP address is important for showing you the right websites, but it can also be used to track your browsing habits and location information.
There’s an easy solution: use a virtual private network (VPN). A VPN is a network of servers that encrypts any connection that runs through them. Your internet connection runs to the VPN server before its final destination, so any snoops only see the VPN’s IP address, not yours.
On your phone, that means that even if some app succeeds in obtaining data on your physical location, it can’t connect the data back to you. A VPN with a user-friendly mobile app, like ExpressVPN or NordVPN, makes this simple.
Protect Your Phone In Real Life
If you follow the four steps above, you should be safe from any attempt by strangers to track you for advertising purposes. But that’s not the whole story with geotracking. This technology can also be used by people you know in real life — people who may want to control you, threaten you or do you harm.
A lot of geotracking methods require the stalker to get ahold of your phone. If you aren’t sure about your relationship for any reason, or suspect your partner might be getting paranoid, don’t let your phone out of your sight where they might find it. Installing a tracker app on your phone takes less than five minutes. By the time you catch them, it could be too late.
If they know your access code, change it (in fact, change it anyway). Turn off touch ID immediately so they can’t force you to put your thumb on your phone or use it when you’re asleep. If you share a living space, hide your phone somewhere safe.
Make sure to disconnect your phone from your iCloud or any other sync accounts. Online connections can be used to install tracker apps on your phone from a remote location.
Even if you aren’t ready to take more serious steps like ending the relationship, defending your phone is a concrete defense of your rights and safety.
Check For Tracking Apps
If your partner or another stalker does manage to access your phone and install a tracker app, its presence will give off subtle signs. Here’s what to look for.
More than anything, watch your partner’s behavior. Do they always seem to be able to find you, even if you don’t tell them where you’re going? Do they mention things they wouldn’t know unless they read your private texts? Start recording every instance that makes you suspicious so you can show the police and your lawyers if necessary.
Your battery may start draining faster, despite your usage behavior not changing. If this happens at the same time as an increase in data consumption, there could be an app running in the background. Check the battery and data indicator pages to see if they show an app you don’t recognize.
If an app is recording your voice calls, you might hear unexpected echoes while talking. The app may also turn on your phone screen randomly while it runs in the background.
Use Apps That Fight Back
Technology is forever a mixed bag. Just as there are apps for harassing and stalking, there are also apps for self-defense. VPNs are a great start, but they can’t protect your phone from being tracked through cell towers or its own GPS signal.
If you suspect someone is tracking your phone, get iMyFone AnyTo. It’s got a terrible name, but a great function: It masks your location and shows you moving around in a plausible but false way. Any stalkers will be led to the wrong places time after time.
Think someone is spying on your phone activity? Get iAmNotified, which will send you a notification every time someone remotely accesses your mobile device. This is great for logging evidence for criminal charges.
Final Thoughts on Geolocation Tracking & Privacy
Like every invasion of your privacy, geotracking relies on you not defending yourself. A few small steps can make the difference between a private life and one where your every move is tracked.
There’s a lot of good news. As the ADPPA indicates, people are finally beginning to understand the need to regulate geotracking and data harvesting. Person-to-person stalking and spying is already illegal, but unfortunately, the onus is on the victims to step up and report it.
Together, we can fight back against the people who find our privacy and rights inconvenient. Do not consent, stay vigilant and never go online without a VPN.
We’d love to hear your geotracking stories in the comments. Did you ever foil an attempt to track you? Ever see an ad that suddenly made it clear that Google was following your movements? Let me know, and thanks for reading!
Hi,
Since a few months ago there’s a kind of vigilante app. apparently tracking live geolocalization of people who were somehow tagged (unknown criteria) as cybercriminals.
People who use the app. harass the ones labeled by that app. either by staring to them, taking pictures of the person without consent and so forth.
That’s clearly an invasion of privacy and on the top the data provided by the app is not accurate.
Have you heard about any case similar to the situation described above ? And is there a legal recourse available ?
Thanks