CLEVELAND — The same information detected by your phone that gives you driving directions and nearby restaurant suggestions can also be used by stalkers, identity thieves other criminals to track you down.
It was a discovery that infuriated cell phone users and disturbed lawmakers. Companies like Sprint and T Mobile have been selling your phone's location data, which can pinpoint you down to 1500 feet. That's within 5 square blocks.
In an investigation for Vice's tech reporting site Motherboard, reporter John Cox was able to track a cell phone through a bounty hunter for just 300 dollars.
"They sent me a google maps screenshot of the approximate area of where the phone was and it was correct," says Cox. "I'm not a law enforcement official, and I was able to do this."
FCC Commissioner Jessica Rosenworcel says "Your wireless company, your phone company can use information about your location if you give them consent. But what's missing here is consumer consent. I haven't consented to this and I bet you haven't either."
The FCC came down on them and the carriers responded with these letters claiming they've stopped.
But did they?
"The truth is, with a lot of these situations,you never know for sure," says Adam Levin, founder of the data defense firm CyberScout. "Plus the fact that a lot of these organization can be hacked. And hackers can get their hands on this information."
But get this... the apps on your phone are doing the same thing and we're letting them share it with third parties by agreeing to their privacy policies. And no one seems to care about that.
So to see exactly what they're up to, we sent Consumer Investigative Reporter Danielle Serino's iPhone to the Columbus-based cyber security firm Interhack to see what locations her phone was tracking.
"I can see where you spend a lot of time" says Interhack's founder C. Matthew Curtin. "I tend to know what time you get home. I know what time you leave home. I can tell where you work. I can tell where you work out."
And the information they found was even older than the device itself - it goes back as far as 2014!
For instance, the apps showed Serino vacationed in Massachusetts this past summer, and even had location information for a trip to Florida's EPCOT center five years ago!
With some apps, it's part of their user agreement
"Most of the apps will ask for lots and lots of permissions," says Curtin. "And in some cases if you try to disable certain permissions, then the app won't work."
When Serino declined to let her vehicle's CarPlay record her speed and position, the app keep her in a loop that was stuck on the main menu.
Another example is Pandora, which tries to access her Instagram account where photos give GPS locations that can also show where you've been... and with whom. Which means the information some of your apps gather isn't just about you.
"It's not just names of your friends or people you call frequently, but you've got their phone numbers in there, you've got their email addresses in there. They also have the same thing about you," says Curtain.
In many cases you'll have to chose between letting them spy on you or not being able to use the app at all.
The head of the FCC sums it up. "This is a system that's lacking oversight," says Commissioner Rosenworcel. "And it needs it."
Below are some links on how to turn on privacy settings and other tips for protecting the information apps can gather from your phone.
