New York Times analyzes a leaked set of location data from a private broker, sounds the alarm

In 2017, a string of reports revealed that data-brokers were acquiring and linking titanic sets of location data from apps and mobile carriers and mining that data (and sometimes selling it outright). The carriers promised they'd end the practice, but they were lying. A year later, fresh reports surfaced of both app- and carrier-derived location data being sold, often by companies whose lack of elementary security meant that the data was effectively available to anyone. Then we learned that carriers were supplying fine-grained, realtime location data that was ending up in the hands of bounty hunters, skip tracers, and crooks and stalkers (naturally Ajit Pai's FCC had helped them get away with it0.

Now, the New York Times has obtained a file of app-derived location data of the sort amassed by brokers, composed of 50b location "pings" from 50m Americans' devices.

In an extraordinary piece of journalism, the Times shows just how easy it is to positively identify people in the data-set and then follow them: whether that's senior political officials, celebrities, protesters, cops, or the families and friends of all of the above. The writers describe how they were able to identify overnight visitors to the Playboy mansion, follow journalists as they talked with sources, and watch who came and went from massage parlors, methadone clinics, the White House, and more. They followed a tech exec as he left his employer's campus and interviewed for a job at its major rival, and tracked the children of police officers as they went to school and to friends' houses. Read the rest