At this point, your device is not giving anyone your location without explicit permission. So it really just comes down to your IP Address, which services do need.
At this point, your device is not giving anyone your location without explicit permission. So it really just comes down to your IP Address, which services do need.
I think your is statement is inaccurate to the point of being intentionally misleading:
Many devices, when running, and in some cases even if turned off but connected to their battery, will ping cell towers (maybe even BLE/Wifi) and get triangulated by the network infrastructure (such as cell towers) without actively broadcasting the GPS location.
That's why I don't quite understand why the gubernment needs to have finer grained data (esp around the US/Mexican border). Precision location info would only be needed if you need to track people in densely populated areas.
Cell-site location information (CSLI) is not available to apps or adware and is protected by the Fourth Amendment.
It was freely sold up until a handful of years ago
Yes, but it is available to the gubernment ? Especially this gubernment?
That location information is not available to apps or ad networks without user consent. The government can access it from the carrier with a warrant, but that's not what we're discussing here.
Carriers have also sold customer location data, no search warrant required. Though we can rest assured that the FCC has slapped the carriers' wrists with the utmost seriousness.
And sold it to not just the government but anybody _claiming_ to be a bounty hunter (and some other professions).
I think that's very much what is discussed in this whole thread.
Couldn't you just maintain a list of cell tower IPs and figure it out with traceroute?
If you use Google Location Services, which is stock install on basically all Android devices, it absolutely is uploading "anonymized" GPS data all the time.
IP Address is all you need to get fairly accurate (town or neighborhood) location for most of North America.
But it is necessary to send it somewhere, otherwise the internet wouldn't work.
Unfortunately it seems to have become accepted for our devices to communicate constantly and often with services we never explicitly started communication with (like Ad networks used in Apps).
Permission systems on devices should care about Network connections just as much as Location. Ideally when installing an app you'd get the list of domains it requests to communicate with, and you could toggle them. Bonus points if the app store made it a requirement to identify which Domains are third parties and the category like an Ad service.
I think the issue here is one of informed consent. You might say, "OK, this makes sense" when agreeing to location data for a weather app. In the context of whether it's going to hail soon, location is reasonable. What you only see in those GDPR-type banners is that the data is being re-sold off to 1001 "partners", none of whom are important for my hail-to-head concerns. Never mind all the cases where it's re-sold on to all the governments and personal-level creeps through aggregators.
IPv6 addresses, particularly hardlines, are often accurate down to the block.
Then you are obligated to obscure that with a trusted no-log VPN too.