Specifically, these big companies revenue share with app companies who in turn increase monetization via selling your private information, esp via free apps. In exchange for Apple etc super high app store rake percentage fees, they claim to run security vetting programs and ToS that vet who they do business with and tell users & courts that things are safe, even when they know they're not.
It's not rocket science for phone OS's to figure out who these companies are and, as iOS / android os users already get tracked by apple/google/etc, triangulate to which apps are participating
> consumer apps embed ad SDKs → those SDKs feed location signals into RTB ad exchanges → surveillance-oriented firms sit in the RTB pipeline and harvest bid request data even without winning auctions
Would you ban ad supported apps? Assuming the comment you're responding to is realistic, I'm not sure how the OS is to blame.
Just as importantly, apps aren't allowed to remove functionality if the user says no.
You need additional permissions to do things like access location data or scan local networks for device fingerprinting.
Or for location, the cellular providers?
Fine, we'll force companies to allow a small little box to be added to their data center. Don't worry about what it does, but you cannot disconnect network/power to it once it is installed. Once it is operational, you'll no longer need to think about it ever again, and we recommend that you don't. You should also not talk about this box to users/customers/clients. In fact, you'd be better off if you didn't talk to your employees about it either.
That's the thing they don't just sit around, they all have run at start up and for Android I blame Google for not giving users the ability to block run at start up.
General Motors sold driving data to data brokers including LexisNexus. Anyone, private or government can buy data from LexisNexus.
That stupid game you installed a year ago, that's what gets you.
If you have a smartphone keep a very sharp eye on your location services, and whether they're in the state you expect them to be in. Also a great way to save your battery.
I'd be perfectly fine with going after companies that sell data to the government, but I don't think it would be fair to go after companies who were forced to hand data over unwillingly, even if they didn't inform the public it was going on out of fear of reproductions.
Everyone who has it is selling that info, and nearly everyone who collects it is selling it. Until there are laws that actually protect us, we should stop giving companies our location data every chance we get and push for laws that prevent it from being unnecessarily collected in the first place.
I don't see how we overcome that massive hurdle. It's not like those who ostensibly make the laws don't know and approve, and probably intentionally implemented that.
We now have full scale mass tracking and surveillance of the kind no one pre-9/11 would believe would have been allowed to exist in the form of the Flock cameras (of course it was an enemy Brit implementing surveillance in the USA) making anonymity quite literally as challenging as Winston Smith trying to move around without being detected to meet his love interest.
How are we going to get the de facto tyrants in the government to pass laws that materially disempower them by being unable to mass surveil everyone at any given time if they don't like what you are saying or thinking?
The problem with all the naysayers for all those decades is that once you have given up control over your own life and you have given away your rights protected by the Constitution, your enemies in the government are unlikely to simply give them back because you ask nicely. In fact, they will most likely aggressively move against anyone that even suggests that you nicely ask for your rights back.
Even the "reasonable person" standard for court would probably conclude that most people would never read it.
For example you can have a truthful statement: “all of the apps that you have are constantly spying on you”
And the rejoinder is “ any given app is not specifically selling my data to specifically the FBI and so therefore it is not spying”
To which the response would be: “that is correct however the aggregate data is bundled and sold off to specifically the FBI or intelligence agencies and so there cannot be a logical differentiation between apps.”
By that point the person has downloaded another rewards app and added their drivers license to it.
Its like saying murder is illegal but hiring a hitman perfectly legal. Its bullshit and everyone involved in these decisions should be in jail. There is no way anybody working for the FBI can claim ignorance to the constitution.
And consent needs to be granted explicitly for each party that might get access to my location, you can't just get blanket consent to sell my location to anyone, especially not with real-time identifiable location data.
In one-party states the consenting party has to be the one who makes the recording. In all-party-consent states, the verbal declaration that a recording is happening has to be part of the recording. It has to be verbal, so there is no "fine print loophole" -- you have to waste 2-3 seconds of everybody's time saying it out loud.
I like your idea, but the wiretap laws work so smoothly because they bootstrap off of things like "conversation participant" and "verbally granted in the recording itself" that don't carry over to location data.
Don't deliberately write a loophole. No need for this part.
[1] https://www.supremecourt.gov/opinions/17pdf/16-402_h315.pdf
This is very different from buying your data from a company especially when the user consented to their location being tracked.
Too many people in these threads jumping to anti-Trump when the real issue is how quick we are to give up our our privacy to use technology and then quickly turn to shock in anger when it’s used against us.
No, it's not 'very different'. When you sign a cellular contract you consent to all sorts of tracking and data collection, but it still requires a warrant for government to obtain.
I would love for investigative groups to target the auto industry’s data collection practices and have meaningful legislation created and implemented as a result.
If the SCOTUS case merely said "needs a warrant to access historical data"... it didn't say "only if acquired via specific means" (like a subpoena), right?
Both things are very real problems.
And then it turns out the video took place in Dallas.
We like to think there are all these barriers to bad things happening where we live. "I'm sure someone (not me) would stop that." But it turns out there isn't as much bulwark as we think. Or we're the bulwark, so if it isn't us, then there is nobody else.
I think in years past people would have objected to sale of personal location data. But that was before people had videos of groups of lawbreakers overwhelming laws through organized efforts.
Law enforcement should only be accessing location data if they have probable cause to believe a crime is happening. This invalidates the third party doctrine loophole and becomes an unreasonable search (and seizure of your privacy) under the 4th amendment.
Location data specifically should be treated as the most private data about a person. It should have the highest scrutiny for any access. It is more important than your financial records and medical records.
Yet they can't write a law to make this basic practice illegal.
Why do I feel like I'm not being represented _at all_?
And by doing this they stop a terror attack?
One more thought - if they buy just data for specific people related to an investigation, the seller of the data is tipped off. If they just buy all the data, then there is no potential tip-off to the target.
The FBI is violating the spirit and original intent of the 4A by creating an entire industry out of the “3rd party doctrine” bypass to the 4A. That doctrine was whole cloth created by SCOTUS and Congress has been too happy to avoid credit or blame for it to not enshrine it in statute.
No:
https://www.nytimes.com/roomfordebate/2015/04/16/what-are-co...
Because it makes them money and that's literally the only thing they care about. They'd do anything for money and the only reason they ever don't do something is because it either wouldn't make them money at all, or it would cost them more money than they'd make.
Many retail sites have a "find a nearby" store function. They often outsource this to a third party...for something as silly as geolocation and geographical lookups. This third party is the one that offers its services for a discount but also siphons up your location data to sell.
Now the FBI shows up to free lunch and blows up the spot. Now _everyone_ knows the ads in “free” apps are tracking you.
If you're lucky, it's pseudo-anonymous. Of course it's actually not - aggregated location data is inherently not anonymous.
They were stunned to see lemonde's app appeared as sources inside that excel file because of SDKs in their app.
Might be cheaper than round the clock SWAT teams https://www.nytimes.com/2025/11/23/us/politics/kash-patel-gi...
That kind of pattern can be used to determine that two or more different app-identities are the same person, and anybody buying that data has a strong incentive to try it.
Have Instagram installed on your phone? Great, now every Meta-owned app _or advertiser running on their platform_ has a pretty good shot at identifying you based on IP, location, app usage, etc.
There is a ton of signal about identity available just by virtue of running alongside other apps. Screen size, OS version, and IP are pretty good proxies for unique identity, especially if all you care about is _probable_ matches.
And no, I don't have any Meta published apps on my phone for exactly the reason you outline. I'm very aware of how IDFV and IDFA work.
The government is supposed to follow the law, be accountable, transparent, and must operate within a constrained, circumscribed zone of activity which is debated and discussed. That's at least how it's supposed to work.
Private companies are understood as amoral sharks who have no obligation to do anything other than operate in their narrowest self-interest, and the law is used as a club to beat them back from what they so clearly want to do, and will do if at all possible. They are unaccountable to anything other than the legal system and their share price. Suggesting that they might have any further obligation is tantamount to questioning whether capitalism should exist. It happens all the time on HN.
So of course the FBI would like to keep their hands mostly clean by having one of those accepted-to-be-horrible companies gather this data and then buy the resulting trove.
See: the US healthcare system.
Unless you're saying Apple is selling the location information they may have directly?
They could also better enable network traffic inspection on device, so we could tell where data is going. LittleSnitch on iOS would be great.
> Wyden said buying information on Americans without obtaining a warrant was an “outrageous end-run around the Fourth Amendment,”
America needs privacy laws for this reason (or an amendment, but good luck). Vote when November rolls around; the other piece is finding Democrats that will take an actual stance on privacy closer to Wyden's.
https://www.wired.com/story/jeffrey-epstein-island-visitors-...
Also, isn't this breaking the constitution? It bypasses needing a warrant respectively having a objective suspicion.
Nope.
Your personal information, when given to others, is now trash on the curb (in a literal sense, see: https://en.wikipedia.org/wiki/California_v._Greenwood )
Buying it just clears up the chain of custody as opposed to the NSA stealing it and reverse engineering your warrant -- OR -- using the good ole stingray.
I don't think that's been of much concern as of late.
