This week, Google reportedly announced that it had taken action against a company that was selling the location data of Android users. The firm, named SafeGraph, was providing data sets to other companies, which it gathered by embedding its code in other software developers’ apps.
According to an investigation by Motherboard, the company markets its data sets to governments and a wide range of organizations, though it also sells on the open market—meaning anyone could get hold of the information.
It seems that even the Centers for Disease Control (CDC) and at least one county health department had been using the app to gather data as part of the response effort to COVID-19.
“They are willing to sell extremely fine-grained data and anyone with a credit card can start buying it,” Zach Edwards, a researcher, told the site.
Google said that it sent a seven-day warning in June to all apps working with SafeGraph, as per CNET. These apps have to remove SafeGraph’s code, and failing to do so would result in facing enforcement on the Google Play marketplace.
When Motherboard purchased US$200 worth of location data from SafeGraph last year, the information reportedly included points of interest for the area selected, as well as additional details such as the subsequent destinations visitors headed to.
In Edwards’ own investigation, he found that the app could fetch data from a small doctor’s office, showing how SafeGraph could even target extremely specific locations, which further reduces users’ anonymity.
Currently, it’s unclear if the app has heeded Google’s warning and stopped gathering users’ data from Android smartphones. With the company placing its tracking code in a large number of apps, it’s inevitably more difficult to check if it’s stopped completely.
[via
This content was originally published here.