I know where you’ve been, I can guess what you’ve been doing.

Posted on by James Darwin

Remember when geolocation tags (or geotags) were first added to digital photos? It meant you could always check where a photo was taken or easily find all the photos you took on your overseas holiday just by searching on location. This was and is really useful.

Nowadays, when you are using a digital/computer device, most of them have an in-built GPS function; computers, mobile devices, wearable devices like watches and Fitbits, in-car navigation etc. This also means that data stored by these devices will, most likely, get tagged with a geolocation. For example, photos, videos, Tweets, Instagram posts, Facebook posts, TikTok videos etc.

Online businesses really like location services. It gives them access to a whole new set of data which they didn’t have before. They can use location information, for example, to help target local advertising and understand location-based buying patterns. Sometimes this can be a benefit to the consumer, though personally I mostly find it a little creepy.

So, is this location data something you should be concerned about? Remember, once a piece of data gets out into the Internet, it’s almost impossible to control. It’s there forever. And if that data includes personal information about you, this could be used against you at any time in the future. The geolocation tagging data by itself is probably not that much of an issue, but when combined with other pieces of data, could become a concern.

Take the advancements in facial recognition technology and combine that with pictures of you which contain a geotag. This could potentially be used to track your movements. Now combine this with other pieces of your personal information, which have very likely made it into the public domain (email address, mobile number, data-of-birth) and you are a potential target for Cyber Stalking or even Identity Theft.

I guess the bottom line is, we just don’t know how all of this location data might be used against us in the future, so it’s probably best to use the security principle of least privilege. In this case that would mean, as a rule, do not share geolocation data, and only share it when it’s necessary for that particular situation. Also remember that you can’t always stop the recording of geolocation data, but you can decide with whom to share it.

Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

Published by James Darwin

James is a Senior Solutions Engineer at Okta. He is a thought leader in Identity and Access (IAM), Cloud Security, and Cybersecurity Solutions. He is certified as a CISSP and a CCSP (ISC). He also has a keen interest in Personal Cyber Security! Disclaimer: "The postings on this site are my own and don't necessarily represent Okta's positions, strategies, or opinions."