Millions of smartphone users globally got an unpleasant surprise this holiday season. ToTok, one of those “free, fast and secure” messaging apps they used to chat with family and friends, was a spying tool designed by the government of the United Arab Emirates. Americans ought to be alarmed by the news, but they also ought to be alarmed by something else: Our private data isn’t actually private, either.

The New York Times obtained a cache of location information from 12 million phones that combine together for 50 billion geographic pings. Each phone user is captured by thousands of dots on a map that, when connected, reveal the most intimate details of his or her day-to-day life. Seemingly innocent apps, from jewel-swapping games to weather services, soak up our movements and sell them to brokers who in turn sell them to advertisers. The entire enterprise is completely legal.

That a massive market for location data exists isn’t a revelation, but viewing so vast a collection of information in so concentrated a place still is revelatory. The Times was able to track Inauguration Day protesters, follow scientists at the NASA Jet Propulsion Laboratory, trace a Post journalist through Arlington, Virginia, and even travel in President Trump’s digital footprints as he lounged at Mar-a-Lago and golfed at his club in Jupiter, Florida.

The data was safe in the Times’ hands, but what about the hands of an enemy state seeking to blackmail an intelligence operative, or an abusive husband trying to find his fleeing wife? And what about the idea of ambient privacy – our ability to move through the world without the knowledge that someone, somewhere, is always watching?

Many have used the Times report to call for the regulation of location data, which, as the paper’s analysis makes manifest, can never be truly anonymized. They’re right to ask for that, but they should ask for more along with it: a comprehensive privacy framework that looks beyond a single category to restrict how companies collect, keep, process and share our personal information.

That framework should put an emphasis on what data companies reasonably need to gather (much less sell) to provide a service, rather than what data they’d like to collect to fill their coffers.

The Times’s project and those that have come before it reveal that it doesn’t take a plot by a repressive regime to get people to surrender to surveillance. It takes only pages on pages of opaque terms of service and a legal landscape free of restraints. Perhaps if members of Congress could see their own thousands of dots moving across a map, they would finish the work they started more than a year ago and produce the robust law the country deserves.

filed under: