Google Starts Tracking Retail Store Visits On Android and iOS

recoiledsnake writes with news of Google tracking a bit more of your life. From the article: "Google is beta-testing a program that uses smartphone location data to determine when consumers visit stores, according to agency executives briefed on the program by Google employees. Google then connects these store visits to Google searches conducted on smartphones. If someone conducts a Google mobile search for 'screwdrivers,' for instance, a local hardware store could bid to have its store listing served to that user. By pairing that person's location data with its database of store listings, Google can see if the person who saw that ad subsequently visited the store.It is easiest for Google to conduct this passive location tracking on Android users, since Google has embedded location tracking into the software. Once Android users opt in to location services, Google starts collecting their location data as continuously as technologically possible."

surprised, yet not surprised.

[noh8rz10]

and the noose tightens a little bit more...

Re:surprised, yet not surprised.

[srmalloy]

Yet another reason not to opt-in to data collection...

Re:surprised, yet not surprised.

[noh8rz10]

it's not that simple. it's tied to location services on a phone. like, you want phone navigation? that requires location services. you want it to show your location on a map? that requires location services. oh btdubs they also make records of your every location.

for iOS this is pretty easy, just don't use the core google apps (maps, google search, gmail, chrome). for android, you're kinda screwed, because it's baked into the OS. Another reason to stick with iOS. I can't say anything about windows phone OS.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

"for android, you're kinda screwed, because it's baked into the OS."

No, it isn't. I'm getting pretty sick of these falsities being repeated.

It's baked into some APPS in the OS. You aren't obligated to use them. You can disable them and use 3rd-party tools like Waze or any of the many others.

My location tracking is off most of the time. When it is on, I use 3rd-party software. Network analysis shows that my Android phone isn't "phoning home" to Google with my location.

I sometimes use Google Maps to find things. But then I am not at the location I am trying to find.

Re:surprised, yet not surprised.

[Holi]

> i prefer to use a phone os from a company that doesn't sell my recorded locations to others.

And please, which company would that be?

Re:surprised, yet not surprised.

[noh8rz10]

> i prefer to use a phone os from a company that doesn't sell my recorded locations to others.

And please, which company would that be?

casting a wide net, there are four major mobile phone OS's. Here's a link to news about one OS capturing and selling location information:

Google Starts Tracking Retail Store Visits On Android and iOS

do you have any links for iOS, blackberry, or windows phone?

Re:surprised, yet not surprised.

[MacDork]

like, you want phone navigation? that requires location services.

You can enable the GPS without using Google's location services. I used Google maps today. Location services off.

Re:surprised, yet not surprised.

[93+Escort+Wagon]

You can disable them and use 3rd-party tools like Waze or any of the many others.

FYI Google bought Waze several months ago, and the two services are being integrated already. I'm seeing Google ads on Waze at times, and Waze alerts show up on Google Maps.

Re:surprised, yet not surprised.

and the noose tightens a little bit more...

It should be mentioned that Google's admob transfers your location data using a constant encryption key. According to the Snowden leaks, the NSA decided using cell tower data to track everyone's location was too inefficient and ultimately gave it up. Now I think I see why. I'm sure no one at the NSA has ever decompiled Google's code and snarfed their constant encryption keys.

These invasive practices should be outlawed. The people working at Google should be ashamed of themselves. They are exactly what facilitates the NSA and their ilk in stalking every phone carrying person on the planet.

Re:surprised, yet not surprised.

[TubeSteak]

I question Google's ability to accurately track your store habits.
More often than not, Google Maps puts stores in the wrong place, if not the wrong side of the street.

It's a problem that I find curious, since my Garmin GPS (which I use a lot more) gives me that problem much less often.

Re:surprised, yet not surprised.

[noh8rz10]

but if a store's wifi ids re registered with google, then they'll know your location based on this beacon. obv works best in a home depot, not so much in a mall.

Re:surprised, yet not surprised.

[noh8rz10]

then what is the ostensible legitimate purpose of location services?????

Re:surprised, yet not surprised.

[realityimpaired]

That would have been the update to Google Navigate a few months ago that showed traffic congestion, wouldn't it? It didn't used to do that... I've found it quite useful for the most part, on the occasion that I've actually needed to use navigate.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

well it's hella convenient for location services to be on for core phone functions, like search and maps. you use these things in so many ways that it becomes very fluid. which is why i prefer to use a phone os from a company that doesn't sell my recorded locations to others.

Apparently you completely missed my point.

Location services on Android phones do NOT "call home" to Google. Google APPS do.

Don't use the Google apps, and it's not an issue. And by the way, this is is true for BOTH Android and iOS. Google apps will report your location the same amount and the same way, whichever phone you are using.

The only difference is that Google bundles their apps with Android. Apple doesn't bundle them with iOS.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

"FYI Google bought Waze several months ago, and the two services are being integrated already. I'm seeing Google ads on Waze at times, and Waze alerts show up on Google Maps."

Google search has been added to Waze, and Waze alerts are now showing on Google Maps. That's it.

If Waze ever starts "calling home" to Google, I'll stop using it. It's that simple.

Re:surprised, yet not surprised.

[BasilBrush]

Network analysis shows that my Android phone isn't "phoning home" to Google with my location.

Yet. TFS says it's a beta test. If you're not part of the beta test, then your checking is irrelevant.

You insist that this only only happens in apps. Yet since Google builds the stack of software, they can collect data, and phone home from anywhere. For things like this, it works better for Google if it's always collecting data. So who's to say they won't?

Re:surprised, yet not surprised.

[BasilBrush]

Don't use the Google apps, and it's not an issue. And by the way, this is is true for BOTH Android and iOS. Google apps will report your location the same amount and the same way, whichever phone you are using.

I'm afraid you're missing the fact that when Google, does apps for iOS, they need to stay within the app review guidelines, including on privacy issues. Which excludes lots of bad behaviour. On Android, Google are free to do whatever they want, within the law.

You claim there is no difference, but that's a big one.

Re:surprised, yet not surprised.

[noh8rz10]

ok, here's the deal. On android phones, the default browser and maps apps phone home all ur info. On iOS phones, the default browser and maps app do not phone home all ur info. This is the difference between android and iOS. agreed? now, which one sounds better to you?

Re:surprised, yet not surprised.

[BasilBrush]

bv works best in a home depot, not so much in a mall.

That's the reason why they're starting to use low power bluetooth for exactly this functionality.

http://en.wikipedia.org/wiki/IBeacon

Gives you a specific store within a mall.

Re:surprised, yet not surprised.

[93+Escort+Wagon]

It sure looks like Google is in charge of Waze's ads...

http://www.linkedin.com/jobs2/view/7257746?_mSplash=1

Re:surprised, yet not surprised.

[gnasher719]

casting a wide net, there are four major mobile phone OS's. Here's a link to news about one OS capturing and selling location information:

Google Starts Tracking Retail Store Visits On Android and iOS

do you have any links for iOS, blackberry, or windows phone?

Microsoft is doing adverts now in the UK asking potential customers if they want an email service that doesn't read their emails. They don't mention Google by name yet.

Re: surprised, yet not surprised.

[ThatsMyNick]

That is bs. Google maps does need to use Google Location services, it can use GPS just fine. On android.

Re: surprised, yet not surprised.

[MacDork]

Nope. Location On, Location services Off I'm using Google maps without signing into a google account too.

Re:surprised, yet not surprised.

[alostpacket]

Navigation has had the traffic layer for years.

Re:surprised, yet not surprised.

[n3r0.m4dski11z]

Just took a look at my wifes phone, and the only android setting which said it would phone home was settings -> location access -> wifi and mobile network location

Which I have now turned off. The other services which are GPS location and access my location do not say anything about sending anything to google. The first option, wifi and mobile network detection, does.

Probably this person article submitter does not realize that there is a setting. That its set by default is worrying however. But im sure most people like it.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

I'm afraid you're missing the fact that when Google, does apps for iOS, they need to stay within the app review guidelines,
...
You claim there is no difference, but that's a big one.

I didn't miss anything, and no there isn't.

Apple guidelines do not require apps to NOT phone home... in fact there was a big flap about that just recently... iOS apps tracking people in ways that they did not approve.

Android app guidelines are actually stricter than Apple's. You have to explicitly consent to EVERY phone service that is accessed by an app: not just location but accelerometers, compass, notifications, wifi, phone data, etc.

IN BOTH CASES you have to explicitly approve of Google Maps using your location data in order to use Google Maps. There is no practical difference.

Re:surprised, yet not surprised.

[Nerdfest]

Traffic tracking, Google now integration, etc. I get a Google now notification when my spouse (or other friends sharing their data) leave work. I get notifications if I have to leave early for something to make it on time because of traffic, etc. That sort of thing.

Re:surprised, yet not surprised.

Mozilla?

Re:surprised, yet not surprised.

[Jane+Q.+Public]

Frankly, Android.

Because lots of Apple apps, guidelines or no, have been caught "phoning home" info that people certainly did not want known.

On Android, (A) you have to explicitly approve all such services that an app can access on your phone, in advance, and (B) unlike iOS, there are no "no competition" rules for Android apps. If you can find a better (or better for YOU) app than stock Android apps, just use it and stop using the stock Android app. Try that on Apple. You can't.

Granted, Apple asks for some permissions too but after some of the recent scandals it is obvious that isn't enough.

Re:surprised, yet not surprised.

>Network analysis shows that my Android phone isn't "phoning home" to Google with my location.
How dumb are you? They get the data from your third party apps access their location api. Seriously. Are you retarded?

Re:surprised, yet not surprised.

[BasilBrush]

Apple guidelines do not require apps to NOT phone home... in fact there was a big flap about that just recently... iOS apps tracking people in ways that they did not approve.

Wrong.

"4.1 Apps that do not notify and obtain user consent before collecting, transmitting, or using location data will be rejected"

Android app guidelines are actually stricter than Apple's. You have to explicitly consent to EVERY phone service that is accessed by an app: not just location but accelerometers, compass, notifications, wifi, phone data, etc.

a) It's a poorer system. It's pre-approval, on mass, which means the user doesn't know why an app needs access to resources before approving them. iOS seeks approval at the time of requiring the resource, enabling the user to know what the resource is needed for.

b) There is no such limitation on Google on Android, because Google don't have to do it from within an app, and therefore not within a sandbox.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

To put it a different way: Apple's "walled garden" isn't worth much if the "wall" is really just hot air.

I'm not an Apple-hater. I like OS X and I develop on Macs. I just don't like the tradeoff on iOS between "security" and freedom, because like nearly all such trades, it turns out the security is largely illusory.

Re:surprised, yet not surprised.

[BasilBrush]

Because lots of Apple apps, guidelines or no, have been caught "phoning home" info that people certainly did not want known.

On Android, (A) you have to explicitly approve all such services that an app can access on your phone, in advance, and (B) unlike iOS, there are no "no competition" rules for Android apps. If you can find a better (or better for YOU) app than stock Android apps, just use it and stop using the stock Android app. Try that on Apple. You can't.

You're confusoing two different things. App sandbox (on Android) with App Store Approvals (on iOS).

The problem is that iOS also has a sandbox, which you ignore. And you also ignore the fact that Android has no app approvals process.

Again the big picture is that third party developers can do a lot more than users don't want on Android then on iOS. And Google can do ANYTHING on Android, but they can't on iOS.

Re:surprised, yet not surprised.

[maccodemonkey]

Google search has been added to Waze, and Waze alerts are now showing on Google Maps. That's it.

If Waze ever starts "calling home" to Google, I'll stop using it. It's that simple.

The Waze servers already belong to Google. It's already calling home. And the call is coming from inside the house.

Re:surprised, yet not surprised.

[Uberbah]

unlike iOS, there are no "no competition" rules for Android apps. If you can find a better (or better for YOU) app than stock Android apps, just use it and stop using the stock Android app. Try that on Apple. You can't.

Nonsense with no basis in reality. You can find no shortage of apps for browsing, music, videos, camera effects, etc for IOS devices that don't come from Apple.

Re:surprised, yet not surprised.

[noh8rz10]

i'm just trying to include ms and bby so I can point out problems with android in ways that I don't get painted as an apple fanboi, but whatever. Apple doesn't serve targeted ads, and it doesn't have a financial interest in the content of my emails. and every person can get an iCloud.com email address for free with no advertising.

Re:surprised, yet not surprised.

[noh8rz10]

you're being silly. stop being silly! all your args are for 3rd party apps, and we're talking about first party apps.

I think the "no competition" thing was an issue earlier but is no longer an issue. there are plenty of options for browser, maps, address book, camera, calendar, etc. I don't think there are options for the phone parts - phone and sms. so you need to chillax here, welcome to 2013.

Re:surprised, yet not surprised.

Apple does serve targeted ads. It's in the first sentence: http://advertising.apple.com/

Re:surprised, yet not surprised.

> i prefer to use a phone os from a company that doesn't sell my recorded locations to others.

And please, which company would that be?

That would be Playskool.

Re:surprised, yet not surprised.

[BasilBrush]

I'm not an Apple-hater. I like OS X and I develop on Macs. I just don't like the tradeoff on iOS between "security" and freedom, because like nearly all such trades, it turns out the security is largely illusory.

Well that's odd, because your complaints about iOS are based on falsehoods. Either you're an Apple-hater, or your dislike of iOS is based on misapprehensions.

Re:surprised, yet not surprised.

[thegarbz]

Medium range location fixing when there's no access to GPS.

Without location services your phone has two options, get a fix from the carrier based on the tower location (very crappy accuracy that's lucky to get you in the right suburb) or a GPS fix.

With location services the phone will scrap all the WiFi points in the area and based on which it can see it looks up a Google database of location data to determine where you are without a GPS fix. In my house for some reason it assumes I'm 4 houses down the road, but better than without it turned on where it puts me at the shopping centre about 600m away.

With location services enabled when you have a GPS fix it will send the location data to google including what wifi points are in the area, what cells you're connected to, and how fast you're travelling (plus anything else that Google put into their very liberal definition of "anonymous data is collected")

Re:surprised, yet not surprised.

[Jane+Q.+Public]

You're confusoing two different things. App sandbox (on Android) with App Store Approvals (on iOS).

No, I'm not "confusing" or "ignoring" anything.

Listen up: recent scandals have demonstrated that Apple's "sandbox" DOESN'T WORK for things like this, as Chalie Miller and a lot of others found out.

Ultimately, keeping withing Apple's "sandbox" is up to the developer, and if you have a malicious developer, it makes no difference.

That was part of my point. No, app developer CAN'T do a lot more on Android than they do on iOS. Lots of people keep saying that but the distinction is illusory. The ONLY difference is that on iOS, they're slightly more likely to get caught because of the app vetting that Apple does.

Re:surprised, yet not surprised.

[lgw]

OK, here's the deal: if you don't learn how to write, no one will take you seriously. Hey, mash whatever keys you want to, it's a formerly-free country, but if you seek credibility you should make a bit of an effort.

Re:surprised, yet not surprised.

[noh8rz10]

what, no caps and a little bit of l33t-speak? chillax man. words are nothing but containers for ideas. don't judge a book by its cover.

Re:surprised, yet not surprised.

[noh8rz10]

i'm terminating this conversation, because you are being deliberately obtuse.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

It is you who don't know what you're talking about.

Apple's rules for app store apps say that an app that is allowed in their store cannot "duplicate the functionality" of one of the major iOS components.

So if you make an app like iTunes, but is better than iTunes, Apple will reject it because it "duplicates functionality".

It's in the Developer Guidelines. Go read them. Oh, wait... you have to pay for a developer's license before they'll let you read it.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

My whole point was about 3rd-party apps. Hell, Apple's stock apps "phone home" to Apple, too! The only difference there is that people trust Apple more than Google. Mistakenly, in my opinion.

Oh, don't misunderstand me. In a "societal good" contest, I'd take Apple over Google any day. But they aren't the Saints that many people seem to expect them to be.

But back to the point: to the best of my knowledge the Developer Guidelines still say an app can be rejected if it "duplicates the functionality" of one of the major iOS components.

Don't blame me if Apple is flaky about enforcing it. The App Store is rather notorious for being flaky about its approvals.

Re:surprised, yet not surprised.

[BasilBrush]

It is you who don't know what you're talking about.

Apple's rules for app store apps say that an app that is allowed in their store cannot "duplicate the functionality" of one of the major iOS components.

So if you make an app like iTunes, but is better than iTunes, Apple will reject it because it "duplicates functionality".

It's in the Developer Guidelines. Go read them.

It's you who's mistaken, not the other poster. The Apps Store Guidelines do not say that. You haven't read them. I have.

There is no such app as "iTunes" on iOS. There's "iTunes Store". Which you are perfectly at liberty to duplicate. However it'd have to be done via the in-app purchase API, which sends 30% of the selling price to Apple. Which makes it quite difficult to compete on that. But you're allowed to try.

They will certainly not reject it because it "duplicates functionality". You are several years out of date on your information.

Re:surprised, yet not surprised.

[lgw]

Like I said, mash away to your heart's content; unless of course your intent is to persuade - then you're hostage to what each reader thinks of the cover of your book.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

I'm not a Mac hater. Hell, I develop on a Mac! By choice.

But given the 2 major phone ecologies, I chose Android mainly because I don't much care for the iOS "walled garden". It's as simple as that.

But... please elaborate on these "falsehoods" to which you refer. What are they, specifically?

Re:surprised, yet not surprised.

[BasilBrush]

Listen up: recent scandals have demonstrated that Apple's "sandbox" DOESN'T WORK for things like this, as Chalie Miller [cnet.com] and a lot of others [informationweek.com] found out.

Recent? You are linking to one that's 18 months ago, and one that's 2 years ago. Both dealt with permanently soon after discovery.

That's a sign of how rare it is for Malware to get through on iOS.

You have to go back so far because there is no current malware on iOS, and hasn't been for some time.

By contrast Malware like this is a constant issue on Android. And there's no way to stop it short of new OS versions. And new OS versions don't tend to get through to Android users.

There's no comparison. iOS is ultra secure compared to Android.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

Do I really need to explain what I meant?

If I learn that Google is using my Waze location data for anything but the app, then it's time to move on to another app.

I admit that it doesn't look good. What I don't get is why Google doesn't understand they can destroy a brand just by acquiring it? They've become evil, and the things they touch have turned evil.

Re:surprised, yet not surprised.

[ArbitraryName]

Apple doesn't serve targeted ads,

Really? What am I opting out of then?

and it doesn't have a financial interest in the content of my emails

No, just a paternalistic one. Who knows what phrases will send your emails silently into the void. I'll pass on an email service that doesn't deliver 100% of email received to the intended recipient (into a spam folder is acceptable).

Re:surprised, yet not surprised.

[Jane+Q.+Public]

No, I was NOT wrong.

"4.1 Apps that do not notify and obtain user consent before collecting, transmitting, or using location data will be rejected"

See, the difference there is the "user consent" bit. Repeat: Apple's guidelines do NOT require apps to not phone home. They DO require consent. Two different things.

My main point, however, is that apps DO phone home, without user consent, and a number of them passed through the app approval process. Hell, it was all over the internet.

a) It's a poorer system. It's pre-approval, on mass, which means the user doesn't know why an app needs access to resources before approving them.

Its the same system. Apple ALSO does not require them to not phone home. It just asks for your consent first. That's exactly what Android does.

iOS seeks approval at the time of requiring the resource, enabling the user to know what the resource is needed for.

Granted... in most cases. Many Android apps do that too. But that wasn't what I was talking about. I repeat: those are Apple's GUIDELINES. A great many apps have been caught doing it DESPITE the guidelines, and they didn't ask for approval. You see, that part is controlled by the developer, and if the developer does not wish to seek permission, they just do it anyway... despite Apple's guidelines. They might get caught during the approval process... but many have not.

Don't confuse rules with what people actually do, or theory for reality.

b) There is no such limitation on Google on Android, because Google don't have to do it from within an app, and therefore not within a sandbox.

This makes no sense. They don't have to do WHAT "within an app"?

Every app that uses a system service has to be programmed to use that service. That's within the app. And that is true of both iOS and Android. Apple "requires" apps to get permission to use a service... but many programmers have proven that it is possible to get around those rules. That is also "within the app". Many Android apps also ask for permission to use a system service. That's "in the app" too.

Apple's sandbox DOES NOT do much to protect against apps that want to break the rules. The only enforcement they have is their pre-approval process, which is notoriously arbitrary and flaky, and which has approved a lot of applications that DID phone home without users' knowledge, and which weren't caught doing it until much later.

Re:surprised, yet not surprised.

[recoiledsnake]

Citation needed.
Microsoft doesn't use the text of the email, they use the subject.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

"Recent? You are linking to one that's 18 months ago, and one that's 2 years ago. Both dealt with permanently soon after discovery."

Of course they were. Any company worth its salt deals with malware right away. That's no guarantee that there isn't more of the same still out there. Odds are overwhelming that there is.

To assert that "there is no malware" in iOS is just ridiculous. There isn't a sane security researcher on the planet who would agree with that. Yet AGAIN, just recently, somebody got a trojan through the app approval process. Big deal, you say? Well, it is in a way because it is the same same basic technique used by one of those guys you were talking about from two years ago.

I repeat: I like Apple products. But one thing I am not is a fanboi. I am realistic about capabilities of the products. And I do my research. Yes, iOS has some safeguards that Android does not. BUT... whether those minor differences really equal "security" is a matter for debate.

iOS is nice if you like handholding and don't want to bother to deal with security yourself. But I don't like handholding, I am a tinkerer, and I don't have any qualms about taking care of my own security.

Re:surprised, yet not surprised.

[Trax3001BBS]

it's not that simple. it's tied to location services on a phone. like, you want phone navigation? that requires location services. you want it to show your location on a map? that requires location services. oh btdubs they also make records of your every location.

for iOS this is pretty easy, just don't use the core google apps (maps, google search, gmail, chrome). for android, you're kinda screwed, because it's baked into the OS. Another reason to stick with iOS. I can't say anything about windows phone OS.

It's very simple...

When you turn on GPS, you are asked if you will allow this; not the subject in particular,
just covered by the board meaning of the question: "will you allow tracking".

It's an opt in, nobodies to blame but oneself if this is a problem to them.
Many other added features coming with any phone/tablet may require an account and some even a monthly payment.

The Android also has triangulation using wireless networks (location service) , this requires no opt-in.
It's just not as precise, ball parks good enough for me.

My Cell phone and table are Android, the tablets even sold under Googles name (Motorola Xoom) I use Opera for a browser,
and don't use either for Email, I use Forté's Agent (PC) for text only email no matter it's format.

Simple.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

It's you who's mistaken, not the other poster. The Apps Store Guidelines do not say that. You haven't read them. I have.

REALLY??? Well you sure haven't read them very well!

2.11 Apps that duplicate apps already in the App Store may be rejected, particularly if there are many of them.

Apple has been notorious for rejecting apps that "duplicate functionality", especially when it is their own apps that are being emulated. They have been quite selective in their enforcement. Ask any developer who ever got a rejection for violating rule 2.11.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

And by the way: that copy was from last year. But if they've updated it since, I sure as hell haven't heard about it. Others were complaining about it online this last August.

Re:surprised, yet not surprised.

[vlueboy]

a) It's a poorer system. It's pre-approval, on mass, which means the user doesn't know why an app needs access to resources before approving them. iOS seeks approval at the time of requiring the resource, enabling the user to know what the resource is needed for.

This.
I don't have IOS myself, but heard that its non-stock apps (rather, the OS API) require user approval before sending out tweets such as an embarrassing #softwarepirateconfession resulting from your misunderstanding what the app really wanted to do. We all know how much dialogs do in the hands of Joe Bloggs, but to us here it is fair enough warning.

I would expect that OS protection from Android alone, and NOT Apple. The added burden [and power] placed on the user is uncharacteristic of Apple anyway. Yet, Android's "best effort" in this area is as follows:
1) Google or mobile carriers install Facebook and other sneaky tracking apps by default.
2) User opens app BUT isn't given any permission manifest warnings
3) PROFIT!! User has already given up their rights without being asked, because stick Android prefs are an all-or-nothing gamble.

Alternate timeline steps [which /.ers on Android bitterly face as rite of passage]
4) Suppose the user uninstalls the app.*
(i) Some weeks later said user tries to get it again from the Market.
(ii) They are forced to notice that said app required Fine-grained Network Location services, SMS, full internet access, user identity, address book, and five other categories.
(iii) The app could be Facebook, but more commonly it's some game (grrrr) or Samsung utility.
5) User has heart attack... at the implications of what the app did all along with months worth of information secretly gathered without express consent.

* Likely uninstalled to counter the cryptic internal RAM space problems that only we understand. Probably only after rooting to gain the ability to cut unwanted shovelware ;)

Re:surprised, yet not surprised.

[ceoyoyo]

So what you're saying is that on Android if I pop open the default maps app and ask it where I am, it pops up a dialog asking if it can use the GPS. I say yes, it tells me where I am, and then it tracks me.

Alternately, on iOS I open the default maps app and ask it where I am, it pops up a dialog asking if it can use the GPS (yes it does). I say yes, it tells me where I am, and then it doesn't track me.

For third party apps, if one DOES track me on Android no problem. If one tracks me on iOS and gets caught, scandal.

Hm... tough choice that.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

My link to an example of what I was saying was modded down?

Fanboi modders, that's pretty low even for you.

Re:surprised, yet not surprised.

What's this then? http://advertising.microsoft.com/en-us/display-ad-targeting

Who cares if the targeting data comes from an email or what you type into google or bing or what news stories you click on? It's all being tracked. Stop fucking kidding yourself and shilling for MS.

Re:surprised, yet not surprised.

[tlhIngan]

"for android, you're kinda screwed, because it's baked into the OS."

No, it isn't. I'm getting pretty sick of these falsities being repeated.

It's baked into some APPS in the OS. You aren't obligated to use them. You can disable them and use 3rd-party tools like Waze or any of the many others.

My location tracking is off most of the time. When it is on, I use 3rd-party software. Network analysis shows that my Android phone isn't "phoning home" to Google with my location.

I sometimes use Google Maps to find things. But then I am not at the location I am trying to find.

Actually, Google is encouraging developers use the massive root-level all-permissions blob known as the "Google Services Framework" which provides access to the Google APIs for stuff like mapping, location services and other stuff.

The purpose is to make developer's lives simpler, though the real reason is Google fears the Kindle and other AOSP based Android devices - so tying apps into GSF makes those apps dependent on Google and not AOSP.

Hell, half the stuff on an Android phone are NOT in AOSP anymore - AOSP contains basic apps and that's it - Google replaces them with their own.

AOSP will always be open-source, but it's rapidly becoming outdated as features are not being brought to it as they're becoming part of Google's standard set of closed-source apps.

And apps not reporting home? Well, considering most apps are ad-based, they SHOULD be reporting home. Perhaps they're doing it over the 3G link?

Of course, one thing iOS has over Android is that you can deny location services to specific apps. So you can have location services enabled globally and yet deny certain apps from getting location data.

Re:surprised, yet not surprised.

[Richard+Elmore]

Google to NSA: F*ck these guys!!

Google to everyone else: What, you have a problem with this? Trust us guys!!

I can almost taste the irony.

Re:surprised, yet not surprised.

[erikkemperman]

I don't have any illusions to the effect that Apple are valiantly defending my privacy... But one major difference, it seems to me, is that you get to disallow *parts* of the permissions an app requests. And you get to do it dynamically, yourself.

So for example I use Google maps because last time I checked Apple's still suck. But I only allow Google maps app access to my location when I actually am navigating, and otherwise I don't allow the app this access. There may be ways around that for the savvy dev, of course. But if so that'll be considered a bug and hopefully be fixed at some point.

On Android, you give blanket permission to everything the app requested in its manifest, or you can't install it. And after that there is no way for me to deny subsets of those permissions temporarily. Sure some apps may present you with some configuration to not use feature X, and maybe they respect that setting. But the app, at the level of its interfacing with the device, does have the permission and there's little I can do about that other than uninstalling.

Re:surprised, yet not surprised.

[gnasher719]

The problem is that Microsoft apparently reads users emails for the same reason Google does, for targeted ads. It's a nice question that makes people suspicious, but Microsoft email is not a solution for those that answer 'yes'.

You should then write to the British advertising watchdog at www.asa.org.uk and tell them that Microsoft is lying in their adverts. Otherwise, it would seem that you are just bullshitting.

Re:surprised, yet not surprised.

[gnasher719]

Listen up: recent scandals have demonstrated that Apple's "sandbox" DOESN'T WORK for things like this, as Chalie Miller [cnet.com] and a lot of others [informationweek.com] found out.

They "don't work" in the way that seat belts and airbags "don't work" by not preventing all traffic deaths. Charlie Miller was thrown out of the developer program, so apparently that bit worked anyway.

And developers who unlike marketers often sympathise with the customer, have remarked that Apple's store review has one gigantic advantage: When your marketing departments demands functionality that is hurting the customer, the developers can just point to Apple's review guidelines and tell the marketer that this functionality will keep the app out of the app store.

Re:surprised, yet not surprised.

[TheRaven64]

I like OSMAnd for mapping on Android. It uses OSM data and lets me download entire country (or, in the US, state) map sets. Most of the time when I want a map, I'm in another country, where data roaming charges are insane, and so being able to stick the maps for an entire country on the SD card before I leave is great. Most are only a couple of hundred MBs, so downloading over WiFi is very fast. Near where I live, the OSM data is a lot better than either Google or Apple Maps (it has cycle paths in the correct places, for example, and doesn't have pubs by the names that they haven't had for 20 years).

Re:surprised, yet not surprised.

[MysteriousPreacher]

I just don't like the tradeoff on iOS between "security" and freedom, because like nearly all such trades, it turns out the security is largely illusory.

Any thoughts on why iOS malware is pretty rare in comparison to attacks on the Android platform? If the restrictions on iOS aren't somewhat related, then what is the cause of this difference? I can't see market share being the main distinguishing factor - iOS has significant market share and a solid share of online use. Given that most of the security is illusory, would you have some specific examples where freedom of use has been curtailed on the promise of increased security?

Re: surprised, yet not surprised.

[jseale]

Windows RT, Windows 8 and Windows Phone 8 don't have much in the way of Google apps currently (except for Chrome and that God-awful search app), so in terms of shielding yourself from Google's nastiness, you're good to go.

Re:surprised, yet not surprised.

[vthome]

like, you want phone navigation? that requires location services.

You can enable the GPS without using Google's location services. I used Google maps today. Location services off.

Don't know which version of Maps or Android you used, but the "latest" on 4.3 explicitly asks you to enable location services if you need your location or navigation. Which is, what you need Maps or Navigation for about 99% of the time.

Side note: Looks like we all are a victim of "bait and switch". Back then when Google needed market share, they were throwing the juicy bits in, and now that they've got it, they're taking them out, one by one. The boiling frog syndrome.

Re:surprised, yet not surprised.

[MacDork]

I'm using the version of maps that comes with a Nexus 5.

Re:surprised, yet not surprised.

[atomicxblue]

The example you gave (map location) benefits me, but collecting where I go to sell my information to advertisers.. what do I get out of it, other than more ads?

Re:surprised, yet not surprised.

[exomondo]

Side note: Looks like we all are a victim of "bait and switch". Back then when Google needed market share, they were throwing the juicy bits in, and now that they've got it, they're taking them out, one by one. The boiling frog syndrome.

All the stock Android apps used to be free too and leverage AOSP features, now most of them have been abandoned and replaced with closed-source versions that use the proprietary Google Play Services features.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

Charlie Miller was thrown out of the developer program, so apparently that bit worked anyway.

No, Charlie Miller was tossed out because he was caught LATER. His app got through the vetting process AND the sandbox. As did the one by the recent researchers, which used a similar technique.

Re:surprised, yet not surprised.

[Jane+Q.+Public]

another app: grab OsmAnd~ from F-Droid

Hey, thanks for that. I'm checking them out.

Duplicate

[jklovanc]

Google Is Testing a Program That Tracks Your Purchases In the Real World

Re:Duplicate

you must be new here... don't be surprised when this shows up tomorrow...

Re:Duplicate

[cold+fjord]

A duplicate? There is a way out.

Thank god it's Google

[clarkkent09]

Since they said they "do no evil" we can all trust them completely. If it was another company I'd be worried.

Re:Thank god it's Google

[93+Escort+Wagon]

I seem to remember that the "Do no evil" thing was coined by Marissa Meyer.

She's also the one who said there'd never, ever be ads on the Google.com main page - which is now happening.

I'm not a huge fan of hers, but it is interesting to note that some of these philosophical changes at Google coincided with her apparently being expelled from the inner circle at the company.

Re:Thank god it's Google

[lgw]

"Don't be evil" is the informal corporate motto (or slogan) of Google.[1] It was first suggested either by Google employee Paul Buchheit[2] at a meeting about corporate values in early 2000[3] or, according to another account, by Google engineer Amit Patel in 1999.[4]

You forgot the comma friend. Google's motto is clearly "Don't, be evil".

Re:Thank god it's Google

[Trax3001BBS]

Since they said they "do no evil" we can all trust them completely. If it was another company I'd be worried.

This is marked funny, actually I could say the same thing and mean it.

Have you ever searched the Internet? If any company I were to put my trust in,
it would be Google (Pls Google, back me up on this one). Their business is the
quest for information so you or another entity can search for and find what you/they
want good or bad. Hell, Facebook I know them and want no part of that. I have
0 (Zero, nada) trust in that area of the Internet. That's backed up by all the blocks
I've setup to keep Facebook out of my comings and goings, doings or not doings.

Just the fact /. has a facebook "Follow us" button they know your here now as does Google+ :}.

Re:Thank god it's Google

[Trax3001BBS]

Since they said they "do no evil" we can all trust them completely. If it was another company I'd be worried.

I search for a torrent, I follow the link I know Google is aware. Now if I were to copy
and paste that address it into a separate window Google wouldn't know.
Woops, wrong, I have to laugh as 8.8.8.8 is my DNS Server due to it's speed.

Google went down for a few seconds awhile ago and just over half the Internet fell silent,
a lot of people have put their trust in Google in one way or the other.

I guess the bottom line is read the EULA, ToS and privacy policy of who you sign on with
or products you use and know what the deal is up front.

Re:Thank god it's Google

[nurb432]

I'm sure that was their intent, and goal, but the realities of business sometimes get in the way of the best intentions.

Being 'good' doesn't count if you cant stay in busiuness.
 

you can turn off tracking

[ozduo]

and google obliges!!

Re:you can turn off tracking

[noh8rz10]

and google obliges!!

why would you think that they may any attention to your privacy settings? have you hired a team of lawyers to review their TOCs? they ignored my safari privacy settings.

And Google says "F*ck the NSA"?

[JoeyRox]

It occurs to me that Google isn't mad on principle that the NSA spies on Americans using Google's data centers but instead that they're mad the NSA is riding on Google's spying coattails. Nobody likes competition I guess.

Re:And Google says "F*ck the NSA"?

[Zontar+The+Mindless]

Nobody likes competition I guess.

I think it's more like, "Gas, grass, or ass--nobody rides for free," myself.

Re:And Google says "F*ck the NSA"?

[game+kid]

It's Eric "maybe you shouldn't be doing it in the first place" Schmidt and Larry "shouting match [with Brin over more datamining]" Page we're talking about...they couldn't properly feign outrage about the NSA if the NSA found their personal sex tapes and demanded them at gunpoint.

Re:And Google says "F*ck the NSA"?

[fermion]

As I said before, Google has the idea that they are the only ones who honest, professional, good enough at generating profits to so they should collect data. Collecting data just to prevent someone from blowing up downtown is just frivolous.

Re:And Google says "F*ck the NSA"?

[Nerdfest]

They do seem to be one of the few that doesn't regularly leak user data. They've got a pretty decent record of keeping your private data private.

Re:And Google says "F*ck the NSA"?

[ceoyoyo]

Of course. It's their most valuable asset. Their entire business is built on gathering data about you and selling products based on it. They're not going to let it get out.

Credit card numbers? Pff. Only credit card companies have any interest in keeping those safe (and they're pretty good at not leaking them, aren't they?).

Re: Give up your cell phones

[j-stroy]

Telegraph is probably cheaper than SMS.. !60 cents per message! Canada to US with Telus.

Re: Give up your cell phones

[n1ywb]

Ham Radio is still here and pretty low cost.

No thanks.

[fahrbot-bot]

I'll stick with my Qualcomm QCP-1900 from 1998 - w/o a GPS chip - that just makes voice calls.

Will they honor

[bobstreo]

The do not track header?

https://en.wikipedia.org/wiki/Do_Not_Track

And Airplane mode is your friend in a store apparently.

Re:Will they honor

[noh8rz10]

what if you want to make a call?

Re:Will they honor

Why?

Seriously, what did fucking people do before cell phones?

Did the human race die out because they couldn't place phone calls any and/or everywhere?
Fucking spoiled little babies and their phones...you deserve what you get for your weakness

Re:Will they honor

[thegarbz]

Seriously, what did fucking people do before cell phones?

Buy incorrect presents, get the date wrong on the card, miss things you could shop for that never made it on the grocery list, not confirm with a friend if the item you have in your hand is the same price?

By the way what did you fucking do before you had a car? What did you do before you had electricity? What did you do before you evolved into human form?

The old way is NOT the better way.

I wonder

[kilodelta]

Does this depend on location data being turned on? Because I turned mine off the day I got my Android phone.

Re:I wonder

[Nerdfest]

Then you're fine. Don't let the FUD bother you.

Short on details, sources

This article is far too vague. It also conflates the anonimized location services with opt-in location sharing. Location sharing, as one would expect, is an opt-in feature to share location data with Google (as used by Google Now).

Back in the stone ages...

[Archfeld]

We went to the MA-Bell/(insert local phone company here) pay phone that was on nearly every block and dropped a dime in the slot, made a call and wandered on about our business. If you were a drug dealer, or so self absorbed that you could not be out of touch you carried an ancient device known as a pager.

Re: Give up your cell phones

[realityimpaired]

Telegraph is probably cheaper than SMS.. !60 cents per message! Canada to US with Telus.

Weird. It's included in the base cost of my plan with Koodo, which is a wholly owned subsidiary of Telus. Unlimited international texting. And I've had months where I sent over 3000 international texts (not just to the US... to friends/family all over Europe, Southeast Asia, and parts of Africa) without seeing it show up on my bill, so I can vouch for it actually being international, and for "unlimited" being at the very least an arbitrarily large number that's beyond what I would consider heavy usage.

You might want to look at this: http://mobility.telus.com/en/ON/mobile_messaging/int_mess.shtml?INTCMP=ILCq4srvesmsg2
$10/mo as an addon gets you unlimited international texting with Telus... considering that all of their current plans currently have unlimited domestic texting already, not a bad deal, I suppose. Perhaps you need to change to a current plan offering? I know a few people who got dinged when Koodo started the unlimited domestic long distance included thing, because they were on a grandfathered plan and didn't change over before they started making LD calls....

Dup... please!

[openfrog]

Not only a dupe, but one of the first remark on the discussion was that, not CREDIT CARD COMPANIES already track your every purchase and visits to specific stores, and have done this for a long time.

This is a forum of well-informed people. We would want to read about Google other things that what the PR firm hired by Microsoft spews out day in or day out.

Either that or I am going to find another IT news forum. I want to read informed opinions, and while we still find interesting discussions here, it is becoming far and between... Anyone else having this feeling?

Re:Dup... please!

[BasilBrush]

Credit card companies only get info when people choose to use their credit cards for payment. There's always cash for those people that don't want to be tracked.

Now if this Google tracking is transparent and opt in, then that's equally no problem. However Google isn't that trustworthy. They have a track record of collecting data without seeking approval first, and making it difficult or impossible to get that data deleted.

Re:Dup... please!

[gnasher719]

Not only a dupe, but one of the first remark on the discussion was that, not CREDIT CARD COMPANIES already track your every purchase and visits to specific stores, and have done this for a long time.

But CREDIT CARD COMPANIES don't put adverts on my phone.

Be that as it may...

...there is more money to be made in tracking people than there is in selling phones to people who don't want to be tracked, so expect all industry players to continue moving in this direction.

oh really

[smash]

*turns location services off unless using maps*. Oh look my battery life improved by about 2-3x as well.

Battery life..

[nurb432]

Thanks Google, for sucking it dry on more things i DON'T want.

consumer power

[robot5x]

Right - so we're all agreed that neither android or ios fully respect our privacy?

Great, so all we need to do is stop using their products and they'll change their ways!

Right?

btw my niece thinks this is totally cool