Thursday, May 5, 2022

CDC Bought Phone Location Data

Joseph Cox (Hacker News):

The Centers for Disease Control and Prevention (CDC) bought access to location data harvested from tens of millions of phones in the United States to perform analysis of compliance with curfews, track patterns of people visiting K-12 schools, and specifically monitor the effectiveness of policy in the Navajo Nation, according to CDC documents obtained by Motherboard. The documents also show that although the CDC used COVID-19 as a reason to buy access to the data more quickly, it intended to use it for more-general CDC purposes.


SafeGraph is part of the ballooning location industry, and SafeGraph has previously shared datasets containing 18 million cellphones from the United States. The documents say this acquisition is for data that is geographically representative, “i.e., derived from at least 20 million active cellphone users per day across the United States.”


Researchers at the EFF separately obtained documents concerning the CDC’s purchase of similar location data products from a company called Cubeiq as well as the SafeGraph documents.


Google banned SafeGraph from its Google Play Store in June. This meant that any app developers using SafeGraph’s code had to remove it from their apps, or face having their app removed from the store.

Nick Heer:

In a context vacuum, it would be better if health agencies were able to collect physical locations in a regulated and safe way for all kinds of diseases. But there have been at least stories about wild overreach during this pandemic alone: this one, in which the CDC wanted location data for all sorts of uses beyond contact tracing, and Singapore’s acknowledgement that data from its TraceTogether app — not based on the Apple–Google framework — was made available to police. These episodes do not engender confidence.

Also — and I could write these words for any of the number of posts I have published about the data broker economy — it is super weird how this data can be purchased by just about anyone. Any number of apps on our phones report our location to hundreds of these companies we have never heard of, and then a government agency or a media organization or some dude can just buy it in ostensibly anonymized form. This is the totally legal but horrific present.


Comments RSS · Twitter

Leave a Comment