“When you use Google services, we may collect and process information about your actual location. We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points and cell towers.” – Google Privacy Policy

Google says it collects location data when you use Google services, according to its privacy policy.  It also gathers information you give them, or give them permission to use.  So what happens when you aren’t using Google services, don’t give them permission, and turn off location services on your phone?

Google is still collecting your location data if you’re running Android software, reports Quartz, even if you don’t a SIM card installed on your phone.

Companies that gather data will often tell you that they aggregate it, meaning they can show patterns but not personally identifiable information.  That’s not what’s happening here, says reporter Keith Collins.  Since the beginning of 2017, Collins writes, Android phones have been noting nearby cell towers and sending the data, giving Google access to your locations and movements.

Quartz observed the data collection occur and contacted Google, which confirmed the practice.”

Google says the data is encrypted.

It’s not the first time Google’s been in the news for gathering data about individuals.  Did you know that if you use Gmail, they used to target ads based on what you wrote?

They were.  Now, Google says they won’t do it anymore.  Well, kind of.  They’ll still scan and use the info, but just not serve ads.

Consumer Gmail content will not be used or scanned for any ads personalization after this change. This decision brings Gmail ads in line with how we personalize ads for other Google products. Ads shown are based on users’ settings. – Google Blog Post

You can opt out of targeted ads altogether on Gmail and change your preferences by going to https://myaccount.google.com/

Matera v. Google

This pronouncement comes on the heels of a case I’ve been watching (Matera V. Google) for some time now. At issue is the practice of scanning emails sent on Gmail accounts and using the information to send targeted ads to Gmail users. The case alleged that Google violated the Wiretap Act by intercepting the messages. The two sides came to an agreement on settling the case, but the judge ripped apart the agreement in court.

Google agreed to settle the case and to stop scanning emails when they are sent for the purpose of advertising. California judge Lucy Koh called it vague and disappointing and stop just short of calling it a money grab by the attorneys, accusing the plaintiff’s legal counsel of being deceptive about the settlement.

According to CNS, Google will instead scan the messages when they are stored in the users’ inbox before and use that info for targeted ads. Sounds like splitting hairs to me. Whether they do it when you send it or when it arrives, they’re still looking at your personal info and targeting ads.

“I don’t see how this complies with the Wiretap Act,” Judge Koh said about the proposed settlement (via Tech 2), which has Google still able to track content of personal email for advertising. Koh called it ironic that the plaintiff’s lawyers argue the significance of disclosures, but in crafting the settlement, there are none of be found.

“You got no disclosures on your shoppers. They don’t exist on this case, they didn’t exist earlier and they will not exist.” –  Judge Koh via CNS

It’s not just Gmail users.

The suit points out that “Because non-Gmail users exchange emails with Gmail users, the Gmail plaintiffs alleged that non-Gmail users’ communications were subject to the same interception, scanning, and analysis as Gmail users.” That’s a critical issue since the lead plaintiff claims not to be a Gmail user and therefore didn’t consent to the tracking.

Read more about the Proposed Settlement.