Google under scrutiny over pledge to protect abortion location data | Google


Google’s promise to protect the location history of users who visit abortion clinics is coming under scrutiny after researchers found that a user who had brief access to another user’s Android phone – such as a boyfriend logging into his girlfriend’s phone – could then relatively easily monitor the user’s movements.

The finding by Tech Transparency Project, a research arm of the nonprofit Campaign for Accountability, comes weeks after Google announced in a blogpost that it would delete entries to sensitive locations – such as abortion clinics or domestic violence shelters – if its systems identified that someone has visited one of these places. The 1 July blogpost said the change would take effect “in the coming weeks”.

The supreme court’s decision to overturn Roe v Wade, the landmark ruling that ensured women had a federally protected right to get an abortion, has prompted concerns among privacy advocates about data collection policies that could be used to track women by their intimate partners or by law enforcement agencies in the event she was seeking access to an abortion.

In a report published on Thursday, TTP researchers made two findings following an experiment using two new Android phones. First, that if an Android user (described as a “perpetrator”) could get access to another user’s phone (described as a “victim”) and log into their own account using a Google app on the victim’s device, such as Google Play, the location history of the victim would then be visible to the perpetrator, without the victim being given any clear warning that they could be tracked.

Second, the same experiment showed that the victim’s visit to an abortion clinic, a Washington-based Planned Parenthood, was visible to the perpetrator and was not automatically deleted. In this case, the victim’s location history was turned off, but the perpetrator’s was enabled.

The route and time spent in the Planned Parenthood clinic was also viewable to the perpetrator via the Google Maps app on the perpetrator’s phone. A full week later, the clinic location remained in Google’s location history when viewed on the perpetrator’s phone and in a desktop browser.

TTP said: “It is unclear how Google plans to implement these [abortion-related] policies, and how long sensitive locations will remain on users’ location timelines before the tech giant deletes them.

“When TTP took a phone to an abortion clinic, the clinic’s exact location remained in Google’s location history for more than a week, suggesting that either Google has not yet implemented these changes or the company’s system for detecting and removing sensitive locations is faulty.”

TTP’s experiment replicated a similar finding that was published by a respected malware intelligence researcher, Pieter Arntz, on his blog in 2021. In that case, Arntz reported that he had inadvertently been able to “spy” on his wife’s whereabouts after he installed an app on his wife’s Android phone, which ultimately led him to receive updates on her location on his own phone.

Arntz said he submitted an issue report to Google with specific information about how he had obtained the location information, and made suggestions about how the tech giant could take steps to protect users location data from inadvertently being shared. In his case, and TTP’s experiment, the Google timeline was enabled on his phone but not on his wife’s, so he noted that he should not have been able to receive the locations visited by her phone.

Second, he said that his wife should have received an explicit warning that “someone else logged into [a Google app] on your phone”.

Contacted by the Guardian, Arntz said Google never responded to his issue report or to his blogpost, even though the blogpost received a lot of attention from privacy experts at the time it was published.

Katie Paul, director of TTP, said: “Google was told that its own tools could be used for stalking nearly a year ago, and the company did nothing about it. The problem has only grown more urgent since then. We have a duty to warn people about how easy it is for someone to track them without their knowledge or consent.”

Researchers have also pointed out that Reddit forums include posts from users who discuss how they discovered partners were cheating on them because they were logged in to their partner’s mobile phone via Gmail or other apps.

Paul added: “Google says it wants to protect women by removing abortion clinics from their location histories. Our study shows they haven’t done that. Even if they eventually make good on that promise, abusers can still use Google tools to follow their victims everywhere else in the world. It’s up to Google to close this dangerous loophole.”

In a statement to the Guardian, Google called TTP’s experiment an “unlikely scenario” because it would require an unwanted user to access a device, breach someone’s device security, and have the user not realize another account is logged in.

A Google spokesperson said: “We encourage everyone to regularly check the accounts associated with their device and only share their device password with people they trust. We make it easy for you to check and manage the accounts associated with your device from any Google app, including removing any unwanted or unknown account.

“We’re always looking at ways to provide people with more controls and protections in every scenario, however unlikely.”

The spokesperson added: “Location History is a Google Account-level setting that is off by default, and we provide simple tools to help you delete any of your data or set auto-delete controls.

“As we announced earlier this month, if our systems identify that someone who has opted into Location History visits an abortion clinic, among other places, we will delete these entries from Location History soon after they visit. The change is now in effect and will apply to all such visits moving forward.”



Source link

Related articles

Bitfinex Hacker Ilya Lichtenstein, Razzlekhan’s Husband, Will get 5 Years in Jail

However regardless of their complexity, former founder and chief of cybercrime cartel Shadow Crew, Brett Johnson instructed CoinDesk final yr that a few of Lichtenstein’s laundering strategies, akin to utilizing Coinbase accounts instantly...

Asia FX fragile; greenback set for stellar week on charge uncertainty, Trump commerce By Investing.com

Investing.com-- Most Asian currencies moved little on Friday and have been nursing losses for the week, whereas the greenback steadied at a one-year peak and was set for a powerful week as markets...

Kraft Heinz ought to face Mac & Cheese lawsuit, select tips By Reuters

By Jonathan Stempel (Reuters) -A federal select talked about Kraft Heinz (NASDAQ:) ought to face a proposed nationwide class movement alleging that it defrauded clients by claiming its Kraft macaroni and cheese, one among...

Bluesky’s stormy day: How its explosive progress led to inevitable outages

As an lively person of Bluesky, I've witnessed the platform's exceptional progress firsthand. In current weeks, my follower rely has surged alongside the inflow of many new customers becoming a...

Japan preliminary Q3 GDP 0.2% versus 0.2% estimate

Prior month 0.7%GDP QoQ 3Q 0.2% vs 0.2% estimateGDP Annualized 0.9% vs 0.7% estimateAnnualize final quarter 2.9%Capital expenditures -0.2% versus -0.2% anticipated. Earlier quarter +0.8%.Non-public consumption preliminary 0.9% versus 0.2% anticipated. Earlier quarter...
spot_img

Latest articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

WP2Social Auto Publish Powered By : XYZScripts.com