Of all the accusations routinely hurled Googleâs way, thereâs one that especially alarms users: the company can track the location of all Android â and to some extent, Apple â phones. Past experience suggests that Google indeed does this â not only using this data to display ads, but also storing it in Location History and even providing it to law enforcement agencies. Now Google promises to only store Location History on the device. Should we believe it?
Whatâs wrong with Location History?
Location History lets you easily view the places a user visited and when they did so. You can use it for all kinds of things: remembering the name of that beach or restaurant you went to while on vacation two years ago, finding the address of a place your better half often goes to after work, getting new bar suggestions based on the ones youâve been to, locating the florist that delivered the surprise bouquet for a party, and many more. The different ways this feature both benefits and harms Google account holders are commonly reported. Little wonder then that many â even those with a clean consciences â often want to turn it off completely.
Regrettably, Google has often been caught abusing its Location History setting. Even if explicitly disabled, Location History was still collected under âWeb & App Activityâ. This led to a series of lawsuits, which Google lost. In 2023, the company was ordered to pay $93 million under one suit, and a year earlier $392 million under another. These fines were but a pinprick to a corporation with hundreds of billions of dollars in revenue, but at least the court had Google revise its location tracking practices.
The combined legal and public pressure apparently led to the company announcing at the end of 2023 a drastic change: now, according to Google, Location History will be collected and stored on usersâ devices only. But does that make the feature any more secure?
How does Location History (supposedly) work in 2024?
First of all, check that the feature has been updated on your device. As is wont with Google, updates for the billions of Android devices roll out in waves, and to relatively recent OS versions only. So, unless you see an alert that looks like the one below, itâs likely your device hasnât received the update, and enabling Location History will save the data on Googleâs servers.
If your Location History is now stored locally, however, Google Maps will offer options for centralized management of your âplacesâ. By selecting a point on the map, such as a coffee shop, and opening its description, youâll see all the times you visited the place in the past, all searches for the place on the map, and other things like that. One tap on the location card can delete all of your activity associated with the place.
Google says it will store the history for each place for three months by default and then delete it. To change this setting or disable history, simply tap the blue dot on the map that shows your current location and turn off Location History in the window that pops up.
An obvious downside to offline Location History is that it wonât be accessible to the user on their other devices. As a workaround, Google suggests storing an encrypted backup on its servers.
Keep in mind that what weâre discussing here is the new implementation of Location History as described by Google. Detailed analysis of how this new pattern actually works may reveal pitfalls and caveats that no one except Googleâs developers knows about at this point.
What threats does this update eliminate?
Although the new storage method improves the privacy of location data, it canât be considered a one-size-fits-all solution to all existing issues. So how does it affect various hypothetical threat scenarios?
- Tracking you to customize ads. This is unlikely to be affected in any way: Google can continue to collect data on places you visit in an anonymized, generalized form. Youâll keep seeing ads linked to your current or past locations unless you disable either that or all targeted ads entirely. Remember that Google isnât the only one out there tracking your location. Other apps and services have been found guilty of abusing this data as well; here are a few examples: one, two, and three.
- Evil hackers and cyberspies. These malicious groups typically use commercial spyware (stalkerware) or malicious implants, so the changes to Googleâs Location History will hardly affect them.
- Jealous partner or prying relative. Itâll be harder to use a computer on which youâre signed in to your Google account to track your location. Someone could still quietly snoop on your phone while itâs unlocked, as well as secretly install commercial spyware such as stalkerware, which we mentioned above. Therefore, itâs general steps to protect smartphones from mobile spyware, not the updates to Google Maps, that are crucial to addressing this.
- Law enforcement. This isnât likely to change much, as, in addition to asking Google, the police can request your location data from the mobile carrier or deduce it from surveillance camera footage, which is both easier and faster.
So, the update doesnât help user privacy all that much, does it? Weâre afraid not.
How do I effectively protect my location data?
Youâre limited to fairly drastic options these days if you want to prevent location tracking. We list these here in ascending order of extremity.
- Use comprehensive security on all your devices, including phones and tablets. This will reduce the likelihood of being exposed to malware, including stalkerware.
- Disable Google Location History and Web & App Activity, avoid giving location permissions to any apps except navigation apps, turn off personalized ads, and use a DNS service that filters ads.
- Turn off all geo-tracking features (GPS, Google location services, and others) on your smartphone.
- When on an especially important trip, activate flight mode for an hour or two, or just turn off your smartphone.
- Ditch smartphones in favor of the most basic dumbphones.
- Ultimately, stop carrying around any kind of phone at all.
- Live 100% off-grid; e.g., in a cave.
Source: kaspersky.com