A simple software fix could limit location data sharing

Location data sharing from wireless carriers has been a major privacy issue in recent years. Marketers, salespeople, and even bounty hunters were able to pay shadowy third-party companies to track where people have been, using information that carriers gathered from interactions between your phone and nearby cell towers. Even after promising to stop selling the data, the major carriers—AT&T, T-Mobile, and Verizon—reportedly continued the practice in the US until the Federal Communications Commission proposed nearly $200 million in combined fines. Carriers remain perennially hungry to know as much about you as they can. Now, researchers are proposing a simple plan to limit how much bulk location data they can get from cell towers.

Much of the third-party location data industry is fueled by apps that gain permission to access your GPS information, but the location data that carriers can collect from cell towers has often provided an alternative pipeline. For years, it's seemed like little could be done about this leakage because cutting off access to this data would likely require the sort of systemic upgrades that carriers are loath to make.

At the Usenix security conference on Thursday, though, network security researchers Paul Schmitt of Princeton University and Barath Raghavan of the University of Southern California are presenting a scheme called Pretty Good Phone Privacy that can mask wireless users' locations from carriers with a simple software upgrade that any carrier can adopt—no tectonic infrastructure shifts required.