.png)
Apps and Location Tracking: What Are the Consequences?
INTRODUCTION
Of the many digital traces we leave in daily life, location metadata may be the most revealing. Location tracking is common in many applications because it’s so useful – it can allow you to get directions from here to there, discover the closest restaurants near you, or tell you your local weather conditions. These perks, however, can come with large privacy risks.
Companies that you would never suspect needing so much of your data, are quietly collecting enormous amounts of data. For example, in 2020, an investigation was done on Tim Hortons, as the Tim Hortons app reportedly tracked an individual’s location more than 2,700 times in five months. Commissioners say Tim Hortons collected “vast amounts” of granular location data with the aim of delivering targeted advertising, to better promote its coffee and associated products, but that it never actually used the data for this purpose.
Some of the apps on our phone sell or share location data about their users with companies that analyze the data and sell their insights. There are many ways location data can be used, and the market for this data is huge – the location data industry is an estimated $12 billion market. Collectors, aggregators, marketplaces, and location intelligence firms are potential buyers interested in your location data.
WHAT IS BEING COLLECTED?
Some apps genuinely need your location to work properly, but others have different motives. Many collect location data for reasons unrelated to their main function, like targeted ads or selling it to data brokers.
Once an app collects your location data, you lose control over where it goes. It can be sold repeatedly—from data providers to aggregators that combine information from multiple sources. It could end up in the hands of a “location intelligence” firm that uses the raw data to analyze foot traffic for retail shopping areas and the demographics associated with its visitors.
You might think, “I have nothing to hide.” But location data can reveal much more than you realize, such as:
- Where you get medical treatment and what kind
- If you visit a domestic abuse shelter
- Where you worship
- Where your kids play (if they have phones)
- When you’re on vacation and where you go
- Where you shop, eat, and bank
- Who you spend time with
Even though this data isn’t directly linked to your name, experts have shown that it’s easy to match location history with other data to identify people and their habits. In 2020, a religious publication used smartphone app data to infer the sexual orientation of a high-ranking Roman Catholic official. The publication claimed it obtained “commercially available” location data from an unnamed vendor and linked it to the priest’s phone, revealing visits to gay bars and private residences while using Grindr, a dating app popular with the LGBTQ+ community.
Privacy advocates have long cautioned that advertisers gather location and personal data, which is then compiled and sold by data brokers. This information can be used to identify individuals and is not subject to regulations requiring clear consent from those being tracked.
WHAT CAN I DO TO LIMIT LOCATION TRACKING?
The quickest and easiest way to reduce tracking is to delete unnecessary apps. Both Android and Apple allow you to check which apps have access to your location and whether they track it only while in use or all the time. If you don’t use an app often, consider removing it.
Your location can be tracked through your phone, logged-in accounts, internet connection, and location services. To limit oversharing, take these steps:
- Only allow location access for apps that truly need it.
- Set location permissions to “While Using the App” instead of “Always.”
- Only share “Find My Phone” with trusted friends and family.
- Review third-party apps in location settings—you might be sharing more than you realize.
Despite these precautions, location tracking can’t be completely eliminated. It’s important to support companies that provide clear and transparent privacy policies.
%20(1).png)
Protect your digital life by detecting risks before they escalate
Richter Guardian gives you enterprise-level cybersecurity tailored for individuals, families, and executives.
Related posts
Protecting Our Clients with Richter Guardian
The Challenge
In our modern digital landscape, cybersecurity threats are an equal-opportunity challenge that can impact anyone, anywhere. As our world becomes more interconnected through technology, it’s crucial to recognize that cybersecurity isn’t just a concern for tech experts; it’s a shared responsibility that affects us all.
In one such case, a client found herself facing a daunting cybersecurity challenge. While browsing the internet, she received a pop-up message claiming that her computer was compromised by a virus. The message instructed her to call a specific number, which were impersonating Apple Support. Unfortunately, she fell victim to this scam, leading to a compromise of her computer.
The root cause analysis suggests that her computer might have been compromised during the installation of browser filters to block ads, where cybercriminals took possession of her computer system for 45 minutes. The client was distressed upon receiving a fraudulent invoice, wondering how this happened to her. This case study highlights the importance of cybersecurity and how Richter Guardian can offer a solution.
The Solution
Richter Guardian, a comprehensive cybersecurity service offered by Richter, was instrumental in addressing this client’s situation. When the client reached out to Richter, our team quickly assessed the situation and took immediate action.
First, we onboarded the client to the Richter Guardian service, which includes social media protection, endpoint protection for devices (laptops, desktops, and mobile devices), and monitoring for compromised credentials on the dark web. This multi-layered approach ensured comprehensive protection for the client.
In addition to onboarding the client to Richter Guardian, we conducted a thorough analysis of her compromised computer. We also extended the protection to her mobile devices, ensuring her entire digital presence was safeguarded.
Furthermore, we educated the client on cybersecurity best practices, including the importance of strong, unique passwords and the use of two-factor authentication. We worked closely with her to ensure that her online accounts and data remained secure.
The Result
The results of our intervention were significant. The client experienced several benefits from our Richter Guardian service:
Peace of Mind: The client no longer felt vulnerable to cyber threats. She gained confidence in her ability to navigate the digital landscape safely.
Device and Data Protection: All her devices, including her compromised computer, were fortified against potential threats. Her sensitive data was secure, and she no longer worried about cyberattacks.
Reputation Protection: Richter Guardian helped protect her online reputation by proactively monitoring for impersonation attempts and taking swift action to remove any fraudulent accounts.
Educational Insights: The client received valuable insights and recommendations to enhance her cybersecurity awareness. She learned how to recognize potential threats and avoid falling victim to scams in the future.
Is Richter Guardian right for you?
Toyota Confirms Ransomware Attack, Data Breach
Introduction
Toyota Finance Services (TFS), a subsidiary of the well-known automaker, has confirmed that they were hit with a ransomware attack. TFS detected unauthorized access to some of its systems in Africa and Europe after cybercriminals claimed an attack on the company. The cybercriminals, also known as the Medusa ransomware gang, claims responsibility for the attack.
Summary Of the Incident
The Medusa ransomware gang had listed ‘Toyota Financial Services’ to its data leak site on the dark web and demanded a ransom payment of $8,000,000 to delete allegedly stolen data. The cybercriminals published sample data that included financial documents, hashed account passwords, passport scans, etc. to prove the intrusion. As of right now, the incident is limited to Toyota Financial Services Africa & Europe. A spokesperson announced that the process of bringing their systems back online is already underway.
How to Stay Safe
- Reset All Passwords – If you are reusing passwords across different websites, reset those passwords and employ hard-to-guess, complex passwords on those websites.
- Password Manager – To keep track of your complicated passwords, think about investing in a password manager. Password managers, like 1Password, place a secret key on your password manager to add a unique extra layer of security.
How Richter Guardian can help you
Richter Guardian can help you determine if some of your user accounts were involved in a previous breach:
- Our platform can determine compromised credentials through comprehensive dark web monitoring.
- Call us or send us an email at: +1 844-908-3950 and support@www.richterguardian.com if you are unsure about a situation.
Using AI Tools Securely: ChatGPT, Gemini, and More
INTRODUCTION
AI-powered tools are now integrated into various platforms, from office software and operating systems to image editors and chat applications. But how can you use ChatGPT, Gemini, DeepSeek, and other AI-powered tools without compromising your digital security?
AVOID SHARING SENSITIVE INFORMATION WITH AI CHATBOTS
OpenAI’s privacy policy indicates that user data may be utilized to enhance AI performance. When using services like ChatGPT, Sora, or Operator, your interactions could be used to train AI models.
According to a study done by Harmonic Security, 8.5% of prompts contained sensitive information.
Never input sensitive personal information such as passwords, passport or banking details, addresses, phone numbers, names, or any confidential business data. If necessary, replace sensitive details with placeholders like asterisks or “REDACTED.”
For professionals, especially software engineers leveraging AI for code review, it’s crucial to strip out any information that could reveal company secrets and/or application structure.
Everything shared with an AI chatbot has the potential to be stored and analyzed.
FREE AI SERVICES COME WITH HIGHER RISKS
Many free-tier AI tools explicitly state that they train on user data. Organizations using AI should consider investing in paid AI services like ChatGPT Enterprise, which ensures that user inputs and outputs are not utilized for training purposes.
Experts recommend paid plans as a more secure option for businesses looking to mitigate risks.
BEST PRACTICES FOR SAFE AI USE IN THE WORKPLACE
For businesses looking to integrate generative AI tools while minimizing security risks, Harmonic Security suggests shifting away from outright bans and instead implementing effective AI governance strategies. These include:
- Establishing clear AI usage policies and enforcing workflows.
- Monitoring AI tool usage in real time to track inputs and ensure compliance.
- Restricting the use of free AI tools that train on input.
- Classifying sensitive data to prevent exposure.
- Educating employees on responsible AI use and associated risks.
HOW CAN RICHTER GUARDIAN HELP YOU?
Richter Guardian can provide solutions to enhance your cyber hygiene, reducing the risk of data breaches and security threats when using AI tools. By following our recommended practices, individuals and organizations can leverage AI safely while protecting their sensitive data.