Researchers have demonstrated it’s possible to track an Android user’s location without apps ever requesting location or Wi-Fi access
Android apps can track a user’s location and glean potentially private, personal information – such as where you work or live – just by monitoring the internal sensors. More importantly, they can do this without ever needing access to a device’s GPS or Wi-Fi permissions.
Researchers from the College of Computer and Information Science at Northeastern University say that the findings are particularly significant as tracking user routes and locations doesn’t require any active permissions as the apps are installed, meaning users would never know this was possible.
To test their theory, the researchers built an Android app that would collect data and map it to world’s roads using OpenStreetMap.
To then test the accuracy of this theory, they applied the algorithm to real trips made in the US, as well as simulated journeys made in other locations around the world. The algorithm uses this to generate the most likely ten routes it thinks you may have taken.
According to the paper, the algorithm’s accuracy is somewhere around 50 per cent, meaning that one of the 10 suggestions was the actual route travelled in at least half the tests.
Obviously, it’s not exactly news that you smartphone users’ device location and movements are being tracked, but most people wouldn’t expect that to be possible to such an accurate degree without using any sort of location data.
“Inferring a driving pattern from an Android app can lead to much greater invasions of privacy, such as where the user lives and works,” Professor Guevara Noubir said. Combine that with something like city databases for property tax records and there’s a good chance people can be individually identified and tracked.
“Adversaries can recover lots of details through these side channels,” Noubir added.
Unless you’re about to give up on apps altogether, you’re always going to be somewhat at the mercy of app developers and their privacy policies but the researchers say that you should take basic measures to protect yourself by doing things like uninstalling apps you no longer use and not installing ones from companies or developers that you don’t know.