Google Stops Collecting Location Data from Maps
Google Maps now stores location data locally on your device, meaning that Google no longer has that data to turn over to the police.
Comments
Clive Robinson • December 26, 2023 9:36 AM
@ Bruce, ALL,
You don’t need “location data” when you have time and shadows.
Anyone who has done basic astronavigation by “sun sight” or basic astronomy to locate planataey objects should have the knowledge to do this.
Back in the 1980’s a big chunk of learning to be a surveyor was learning how to very accurately fix your position using sun, planets and stars. By accurate I mean better than what started as very expensive GPS could give you a decade later[1].
The reason for the GPS inacuracy was the SA Code used to quasi-randomly purturbe the location accuracy. It did not take long for engineers to come up with systems that would strip off the effects of the SA-Code by providing an “inverse error signal”. Shortly before the start of the first gulf war the SA-Code was turned off because there was a very great shortage of MIL Spec GPS equipment due to crypto concerns (that still exist today). So troops were issued with civilian GPS receivers that also had the advantage of being inexpensive, small, light weight, and very robust, the result being the SA-Code remained turned off and the accuracy was around about ten times what it was[2].
[1] The story of civilian GPS began officially with an announcement made by then US President Ronald Reagan in 1983. Shortly after Korean Air flight 007 wandered off course and into Soviet airspace over the Kamchatka Peninsula where the Boeing 747 airliner was shot down by a Soviet Sukhoi Su-15 interceptor. It is assumed killing all 269 passengers and crew on board before the aircraft crashed into the sea. One of the passangers was, United States representative Larry McDonald, making it a high priority “National Security” issue. The Soviet Union authorities went into first denial then accusation mode and two weeks later found the aircraft wreckage under the sea, it’s assumed by the “black box” locators. Having found and retreived the flight recorders the Soviet Union authorities kept this information secret.
Due to Soviet Union authorities behaviour and threats President Reagan decided to make available to all civilian aircraft the in develipment GPS system once it was completed “for the common good”. Hopefully to improve air navigation and air safety, and prevent giving Soviet Union Authorities an excuse to start a war or other actions.
[2] One upside to the SA-Code being off is spoofing becomes a lot harder as I’ve explained in the past.
Clive Robinson • December 26, 2023 10:00 AM
I forgot to mention why Larry Patton McDonald was such a National Security concern, and why some thought he was the sole reason the Soviet Union shot down the plane, to in effect assasinate him.
Few remember him now, but he is an object lesson in “oddity”, some say that even though he was a doctor and a Democrat he was more extream right than any other US Representative of the time or since.
How much you do or do not believe, the story with pushing of dangerous drugs, gun running and private intelligence organisations, it makes quite interesting reading,
https://www.politico.com/magazine/story/2018/12/02/larry-mcdonald-communists-deep-state-222726/
TimH • December 26, 2023 10:55 AM
“Location history data in Google Maps will soon be stored directly on user devices.”
“Google itself will no longer have access to the data.”
“This also means law enforcement won’t be able to request it from Google anymore.”
This is meant to sound conforting, but there are massive gaps in the statements… a bit like charities saying that they don’t sell your data, when actually they swap donor info with other charities instead.
I want a statement that location data never leaves the phone, so it can be the only residence.
My expectation is that all location data gets passed straight on to NSA, regardless of any settings, which saves Google the expense and unwanted publicity of LEO processing. This will have to be kept a secret for natsec reasons, but LEO are well used to reconstruction to re-acquire info legally that was obtained first through other means.
The only clue we’ll get is when cases are dropped when judges insist on show ‘n’ tell of evidence trails leading to particularised suspicion, and that would make it obvious that the location DB exists.
yet another bruce • December 26, 2023 11:14 AM
How is Google going to collect traffic congestion data if phones do not share their location and speed? Could there be some legalistic needle threading going on? For example, perhaps Google doesn’t store historical location tracks but instead pipes them out to law enforcement organizations in real-time and it is the responsibility of LEO to log the tracks and index them.
Wannabe Tech guy • December 26, 2023 11:23 AM
“I want a statement that location data never leaves the phone, so it can be the only residence.”
Even if you get that statement, would you believe it? Would you trust Google,NSA, etc. How would you know?
fib • December 26, 2023 12:37 PM
From the article: “42 Democrats from the US House and Senate signed a letter last May addressed to Google CEO Sundar Pichai urging the company to stop collecting and retaining user location information.”
Still a concession, a unilateral act of mercy from a corporate giant. Why couldn’t it be simply regulated?
Too good to be true, as law enforcement is now addicted to such sources. NOt sure about the US, but in other jurisdictions LEAs could just request the entire raw stream of data and correlate using other sources – eg the cell phone infrastructure.
Anonymous • December 26, 2023 12:41 PM
@WTg “Would you trust Google,NSA, etc. How would you know?”
That is the crux of the biscuit.
I often contemplate what it would take for, say, Apple, to secretly be in bed with The Government, but maintain a sham image as a privacy proponent.
Could a company as powerful as Apple keep it secret? What would that take? What would it take to expose them?
If you’re a writer, there’s a story there.
Anonymous • December 26, 2023 1:01 PM
Google’s days are numbered by the multitude of AIs available.
Ismar • December 26, 2023 3:53 PM
Is it possible that they have realised keep storing of such huge quantities of data is impossible even for them?
rgill • December 26, 2023 10:58 PM
Google no longer has that data to turn over
Those looking for loopholes seem to be overlooking the obvious one: “that data” refers to the data collected by Google Maps. The statement doesn’t say that Google isn’t collecting and storing (remotely) location data from other sources: other apps, the operating system itself, the firmware of Pixel phones, etc. Are they?
I’m kind of surprised at the idea, implicit in these stories, that Google Maps data is the only source of data. With these geofence warrants, have police only been getting the location data of people who had Google Maps running when they were in the locations? News reporting about these warrants made them seem much broader, like they’d produce a list of every Android user who was there.
JonKnowsNothing • December 27, 2023 1:32 AM
@rgill, All
re: geofence warrants
Marcy Wheeler does analysis of complex legal issues. She tracks and connects dots about many of the Dec37 group and how things are presented to the courts vs what MSM says is presented (which is mostly incorrect).
Recently she reviewed geofence warrants for some of the prominent cases based on the evidence filing.
LEAs get the information from more than one source, Google is just one of them. Mobile Service Providers can provide similar information.
- Physical location == Mobile Service Provider
- Data exchanges == Google + Apps
- Device activation == OS Mfg
As lots of people keep many apps active and installed any of those can be targeted too.
= = =
ht tps://www . emptywheel . net/
- Marcy Wheeler is an independent journalist writing about national security and civil liberties.
Andrew P • December 27, 2023 9:45 AM
@JonKnowsNothing while I understand Google and NSA are working on this kind of geolocating tech, and it wouldn’t surprise me if they have it, if somebody takes a photo with a literal mountain range in the background, you really don’t need bleeding-edge capabilities to geolocate them :).
JonKnowsNothing • December 27, 2023 11:39 AM
@Andrew P, All
re: photo with a literal mountain range in the background, you really don’t need bleeding-edge capabilities to geolocate them
I dunno, never tried it myself.
Anecdote tl;dr
A famous US photographer was known for iconic pictures of famous landscapes in the USA. A story goes that to recreate the same picture later they had to camp out at the original site during the correct season, wait for the correct time of day then look at the sky for cloud formations.
If it wasn’t exactly like the first image, they had to wait another day or season to try again.
lurker • December 27, 2023 12:46 PM
@TimH
“I want a statement that location data never leaves the phone, so it can be the only residence.”
Nobody will give you such a statement, as long as you continue to connect your phone to the internet.[1] The telco already has fully tracked location dats on where your phone is/was from the cell towers. This isn’t as accurate as GPS but may be good enough on the day for a LEA.
How many apps do you have on your phone? Did you carefully vet all their permissions on installation? And again after each update? Even an innocent sounding permission like “Storage” for an app that only reads files, could mean it reads another app’s files, then sends it away when it gets a chance.
[1] The internet is the common culprit because everybody wants always on web browsers, email, &c. Android apps are supposed to run in separate sandboxes, but there are too many rogue apps that slip thru the AppStore or are side-loaded, that will read other app’s data or make sneaky network connection. And modern “messaging” apps push so much junk over the SMS protocol that they must also be suspect.
lurker • December 27, 2023 1:04 PM
So you get a new phone, and Location is on by default, so you go to Settings > Location > Keep Location History, and turn it OFF. Now turn Location OFF. Voila!
Or is it? Are those buttons telling the whole truth? Can you trust G? Is your location data worth the effort for G to spin faster to show how they got it when you thought they couldn’t?
Sheesh, Location History is for people who can’t remember where they’ve been. Or for those who can remember but don’t know how to tell others.
JonKnowsNothing • December 27, 2023 3:06 PM
@lurker
re: for people who can’t remember where they’ve been
I know of people who use Google Map (or similar) to drive 2 blocks to the market. They have been driving to that market for years but now cannot seem to navigate the 2 blocks without the voice telling them “You have arrived”.
iirc(badly) The comic Robin Williams did a routine about having to use a GPS Map to cross the Golden Gate Bridge in San Francisco to a “Vista Point” on the other end of the bridge. He said that the perfect voice for a GPS is one with a Scottish accent.
- Ther-ars yer Fuuuu ken vu!
JonKnowsNothing • December 27, 2023 3:23 PM
@All
To Be noted about GPS Maps: there are some people who do need them and for whom they improve their daily lives.
- Cannot read the native language (think traveling)
- Cannot read (or write) literacy issues (any language)
- Never learned how to use a compass or how maps work or how they are oriented (cartography symbols, map coordinates)
- Never learned cardinal directions or how they themselves are oriented in space (they may know the Sun rises Over There or the Sun rises in the East but cannot tell you which direction East is from where they are standing)
- Folks with different challenges or abilities.
In the USA we no longer teach “cursive” writing. How much map reading skills get taught is questionable.
I recently saw an documentary, were in several scenes the narrator was shown writing in a diary in Block Letters. It was a bit stunning as the person is well educated and very knowledgeable on the topic presented. I only hope that it was an affectation rather than a limitation.
Historically, some countries considered all maps to be military intelligence and people were deliberately kept ignorant. Harder to run away when you don’t know which way North is, so by necessity you learned to “Follow the Drinking Gourd”.
Clive Robinson • December 27, 2023 4:31 PM
@ lurker, ALL,
Re : Mobile as Land Line.
“So you get a new phone…”
That as they say,
“Is your first mistake.”
It’s a not unreasonable assumption to think that with each upgrade of software the phone OS and Apps are updated with the most modern of sneaky tricks to get PPI, on top of all those earlier sneaky tricks.
This is not going to change untill the corporate seniors are actually penalised with 20 plus year jail sentances without parole.
As others have noted fines are not a punishment, they are just seen as an everyday,
“Cost of doing business well.”
In fact some investors won’t look at a company that is not fighting against a fine or five. Because no fines means the company is not trying hard enough to make “shareholder value”.
It’s the same argument as leaving “money on the table” or “cash on the floor” or similar. Put simply if every deal a company makes is a success then investors will see it as not taking enough risk thus playing it safe on the “low road”. It’s a case of –has oft been said before– of,
“Go BIG! Or go home…”
Ie do the GWB cowboy walk etc etc.
So you have to assume no matter what you do your “Mobile Phone” will in some way or another,
“Rat you out to a bunch of profit mongers with zero ethics or empathy, and very probable significant criminal inclinations.”
So what do you do?
As I’ve mentioned before you don’t carry it around with you when it’s on. You put ir on charge in your office desk or in the hall or kitchen etc.
Treat it like a “land line” with a WiFi router.
Further put an EM Radiation “Crystal/diode RF envelope Detector” next to it and “log it’s behaviour”.
But most importantly develop “habits” where you turn the phone off or leave it some place very regularly.
So turn it off when you leave home –it is after all a dangerous distraction whilst traveling– turn it on only when you get inside work, and put it in your desk draw on vibrate and voice mail or divert to your work phone VM. Leave it there at lunch etc. Turn it off when you leave the office, and turn ir back on when back home.
By “turn off” I realy do not mean via the “soft button” I mean pull the power and put it in a working Faraday bag, preferably with one of those micro sized “phone/GPS jammers”[1]. That way the mobile has no signal to receive and log in it’s memory, that might later be read out.
The thing is you have to make “The hard Choice” is your mobile to be a “phone” or some kind of “Personal Assistant” come “Games/entertainment toy”?
If you chose wrong, or don’t take the right precautions then it very definitely by spting on you 24×365.
And remember that Law Enforcment caution of “Anything you say or do may be used against you” well it needs an update with “have said or done” as they can go back months or years looking for some innocent thing to persuade a jury to hang you with[3].
[1] A lot of people will tell you that phone and GPS jammers are “illegal”, actually that is so over simplified and generalised it is effectively not true. Whilst it is unlawfull to “intentionally” “jam or interfere with a service used by others”, provided the signal does not reach “others” equipment it’s not unlawful (because if it was then no “Consumer Electronics”, especially ICT kit would be legal to use). A low power jammer with the antenna replaced by a “dummy load” of long legged resistor, is not a jammer but a “swept signal generator”[2] inside a screaning Faraday box/bag should not radiate outside of the bag above the legal limit / Mask (one of which is -43dbm in US). The fact your phone is in the box/bag and being jammed is irrelevant as you are not an “other” user.
[2] You don’t actually need a “jammer” a micro “Vector Network Analyser”(VNA) or tracking “Spectrum Analyser”(SA) will produce a “sweep signal”. They are both pieces of freely available “Test equipment” for which there are no rules other than taking steps to avoid “intentional” interferance or radiation beyond the test environment. In my “EMC Test Cell” (a Faraday cage with internal radiating transmission line) I use the tracking output of an SA to drive a chain of ultra linear amplifiers to get +50dbm (100W) to test receivers for desense and +60dbm (1kW) for other equipment for susceptibility in high power TX environments (think up the top of a VHF Broadcast tower etc).
[3] If you don’t believe this look at the legislation of the large number of US states that have come out with post roe-v-wade (Dobbs-v-Jackson) nullification legislation that can be used as the first step to find women and drag them into court to be found guilty of the equivalent of murder. Which soon will be applied for using the birth control pill (see the definitions used for start of life –something I warned would happen–)…
JonKnowsNothing • December 27, 2023 4:48 PM
@Clive, All
re first step to find women and drag them into court to be found guilty of the equivalent of murder.
A MSM article was horrifically instructive about this for a person in Poland where things are legal and there was no violation of the law. The authorities didn’t care it was legal.
===
HAIL Warning
ht tp s://www.theguardia n .com/global-development/2023/dec/27/poland-abortion-laws-pani-joanna-activist
Note: The topic contains details that some might find challenging. Nothing illegal was done. The reaction of Law Enforcement in Poland was extreme.
The primary points are:
- Medical Confidentiality v Phone Medicine Privacy (NIL)
- Personal information leaked by government
- Social Media manipulations NUDGE
ResearcherZero • December 28, 2023 3:37 AM
@JonKnowsNothing
Funnily enough the police often don’t care much about the law themselves, and some doctors are all to willing to let police break the law and illegally demand blood samples, strip searches and other invasive, unwarranted procedures or violations of liberty.
“Many worthy § 1983 claims go unfiled, and those that are filed must navigate a thicket of immunity doctrines that shield government wrongdoing, thus turning valid claims into vanquished ones.”
That means they are not personally responsible for settlement payments or jury-awarded damages arising from allegations of police abuse.
‘https://reason.com/2023/12/22/trumps-promise-to-indemnify-cops-against-any-and-all-liability-is-absurd-for-2-reasons/
(fill in the **)
‘https://media.ccc.de/v/37c3-12326-you_ve_just_been_f**ked_by_psyops
ResearcherZero • December 28, 2023 3:42 AM
This is also relevant, if you want to access government services such as health care.
European Digital Identity Wallet, Digital Identity Systems and the implications for privacy and personal liberty.
‘https://media.ccc.de/v/37c3-12004-please_identify_yourself
–
Privacy vs Access
‘https://www.wired.com/story/sotu-privacy-congress-biden/
The push has been endlessly bogged down amid disputes over whether a national law should override state measures and whether it should give consumers a right to sue companies over privacy breaches.
https://www.washingtonpost.com/politics/2021/09/24/congress-is-reviving-data-privacy-debate-dont-hold-your-breath-law/
Lacks key support to move further…
‘https://www.morganlewis.com/pubs/2023/07/us-data-privacy-legislation-could-a-federal-law-be-on-the-horizon
“We’ve been talking for what, two years about a privacy bill? Haven’t seen one, don’t know if we’ll ever see one.”
https://www.politico.com/story/2019/07/12/congress-consumer-privacy-bill-1582540
A Senate Judiciary Committee hearing focused on children’s online safety that is expected to feature major tech CEOs has been pushed back to next year following scheduling conflicts.
‘https://www.washingtonpost.com/politics/2023/11/28/ftc-notches-legal-win-privacy-fight-with-meta/
“We made a mistake with it, and to this day, Congress really hasn’t been able to address and correct that.”
https://www.washingtonpost.com/politics/2023/11/30/retiring-silicon-valley-rep-anna-eshoo-her-biggest-tech-regrets/
JonKnowsNothing • December 28, 2023 12:15 PM
@All
A MSM Report about Google Location and Tracking Data
It seems that Google has been tracking users even when the enable “incognito mode” which is supposed to “stop the tracking”. Google cleverly sided stepped the “do not track” aspect and kept right on tracking.
Not only tracking it but deanonymizing it and adding to the “user’s profile”.
- Google and the plaintiffs have agreed to terms that will result in the litigation being dismissed. The agreement will be presented to the court by the end of January [2024], with the court giving final approval by the end of February [2024].
There is no indication of what, if any, alterations Google will make to tracking incognito sessions.
- It does illustrate that just because the button says OFF does not mean it is OFF
===
ht tps://arstechnica . c om/tech-policy/2023/12/google-agrees-to-settle-in-chrome-incognito-mode-class-action-lawsuit/
- Google agrees to settle Chrome incognito mode class action lawsuit
- 2020 lawsuit accused Google of tracking incognito activity, tying it to users’ profiles.
Subscribe to comments on this entry
Leave a comment
← Friday Squid Blogging: Squid Parts into Fertilizer New iPhone Security Features to Protect Stolen Devices →
Sidebar photo of Bruce Schneier by Joe MacInnis.
JonKnowsNothing • December 26, 2023 8:14 AM
@All
re: Google Stops Collecting Location Data from Maps
The small print: Google no longer needs to collect and store the data from maps on their servers because they have been working with the NSA for a few years now on “how to ID any location on the planet without a geolocation reference attached to the image”.
Google has scraped every public image off the internet (as have others) and developed an program to catalog every detail in each image. They first select images that have a geolocation information, overlay them and build up a composite version with every detail identified in them. Next they use a images with the geolocation image stripped and “match it” up.
This is quite successful technique.
So, Google doesn’t need to keep the information on their servers, and having it on the device is easier for LEAs.
What’s on the device, stays on the device.