San Francisco — Members of a consumer-privacy group are criticizing Google Inc.’s recently launched mapping application feature that allows users to share the locations of their friends, family and employees an “unnecessary danger” to users’ security and privacy, the group says it envisions five scenarios in which the Google Maps add-on could be abused. Google’s Latitude location-sharing service “could be a big present to stalkers, prying employers, jealous partners, and obsessive friends,” Privacy International warned Thursday.
Latitude is developed on the fundamentals of Google’s My Location feature that has been in place since last year.
The criticism comes just a day after Google Inc. introduced Google Latitude, an upgrade to its Google Maps feature that enables users to track the exact location of friends or family either through their mobile devices or Google Gears-equipped computer. Google Latitude not only shows the location of friends, but it can also be used to contact them via SMS, Google Talk or Gmail.
The service has raised a number of security concerns, as most users are not even aware that it is enabled. Today, Privacy International is raising a red flag about the technology.
“Many people will see Latitude as a cool product, but the fact is that Google has yet again failed to deliver strong privacy and security,” said Simon Davies, director of London-based Privacy International, in a statement. “The company has a long way to go before it can acquire the trust of phone users. As it stands right now, Latitude could be a big gift to stalkers, prying employers, jealous partners and obsessive friends. The dangers to a user’s privacy and security are as limitless as the imagination of those who would abuse this technology.”
The new application and social networking components makes Latitude similar to a number of websites such as Loopt and Brightkite that make use of the location data of a network of friends.
Google, responding to Computerworld queries in an e-mail, said their engineers and designers took privacy and security concerns into account when they created Google Latitude.
To shoo off anticipated privacy concerns, Vic Gundotra, VP of engineering on Google’s mobile team, tried to pacify potential Latitude users that Google designed the service so that users are in control. “Fun aside, we understand the sensitivity of location data, so we have built fine-grained privacy controls right into the application,” he said. “Everything about Latitude is “opt-in”. You not only control exactly who gets to see your location, but you also decide the location that they see.”
“Concerns have been echoed about the possibility of the product being installed onto someone’s mobile phone covertly,” said a Google spokeswoman. “While many of the assumptions that have been described are unlikely, we take this issue seriously and always listen to feedback from our users. We already have a safety feature working on certain mobile devices that actively alerts users that Latitude is running, and we are in the process of extending this notification to other mobile platforms supporting Google Latitude, which will be ready within a week.”
Google asserts that it has designed the service from the ground-up with security and privacy issues in mind; besides the service only shows the last known location of a given user.
However, privacy watchdog Privacy International, in an online posting, expressing anxiety over Google Latitude, argues that there are possibility for abuse of the system for those who may not know that their phone is broadcasting its location, and lacks sufficient safeguards to keep someone from surreptitiously opting into the tracking feature on someone else’s device. The problem arises when someone can gain physical access to another person’s cell phone.
Google’s spokeswoman admits that the message that pops up on BlackBerry devices is engaged when Latitude has been installed but not been used for a while.
“We have added a feature on the BlackBerry version of the software that shows several notifications (i.e. pop-up messages) to a device which informs the user that his or her phone’s location is being shared,” said a Google spokesperson.
“We expect to continue this to other versions of the software soon,” the spokesperson added, noting that all platforms should be supported within a week’s time.
In an interview on Tuesday, Dan Olds, an analyst at Gabriel Consulting Group Inc., said the Google tool is interesting even if there are obvious potential privacy issues when people know your every move.
Olds summed-up that people need to think through who can access such personal information. “Users need to realize how to do it and why they probably do not want to constantly broadcast their locations to the world at large,” he said.
Nevertheless, Google is very well aware that it has a privacy problem, exemplified by its wild-eyed campaign last summer to avoid adding a link on its home page to its privacy policy. It uses sensitive data to make its products better and to figure out how to personalize and generate more revenues from its ads and search. Too much privacy threatens Google’s business model. Its competitors too are aware of this, which is why Microsoft and Yahoo have been engaged in a game of data-retention one-upmanship.