A Pinocchio pupett

REALLY?

REALLY Wireless is a new cell carrier backed by significant venture capital funding. The carrier aggressively touts its focus on privacy. One of the first visuals on REALLY’s homepage makes the pitch:

Trackers, Trackers Everywhere

On that same homepage, I find a bunch of trackers from companies like:

  • Fullstory
  • Google
  • Facebook
  • LinkedIn

Not only is REALLY collecting a bunch of data in the “what they keep” section of its diagram, but it’s also giving the data to third parties.

Spy-Proof?

Not all data collection by cell carriers is nefarious. Information about a device and its location is necessary to make cell service work. Further, laws often compel carriers to share specific information with certain entities. When a 911 call is placed from a cell phone, carriers must help emergency services locate the caller.

In 2022, a company called INVISIV launched PGPP (Pretty Good Phone Privacy). The idea was to prevent tracking of users’ locations via their phones’ IMSI numbers. The product got some press since it was technically and intellectually interesting. It narrowly focused on just one type of data collection. INVISIV didn’t pretend the product was a perfect remedy for even that single type of data collection.

REALLY, however, is happy to make audacious claims. Here’s another visual from the homepage:

Screenshot from REALLY's website with the text 'spied on by no one'

Come on. If REALLY came up with technology that made users immune to spying, security researchers and federal agents would be knocking on REALLY’s door (or perhaps breaking it down).

Be Better

Here’s one last visual from REALLY’s homepage:

Screenshot from REALLY's website with the text 'better for the planet'
I have some advice for REALLY if it’s trying to make the planet a better place.

STOP LYING.

NYT Story On Location Tracking

The New York Times is running a series of articles on cell phone location tracking. The Times received access to a database with location data from about 12 million devices. In the series, reporters explain how easy it is to de-anonymize the allegedly anonymous location data. Here’s an excerpt from the first article:

Dozens of companies — largely unregulated, little scrutinized — are logging the movements of tens of millions of people with mobile phones and storing the information in gigantic data files. The Times Privacy Project obtained one such file, by far the largest and most sensitive ever to be reviewed by journalists. It holds more than 50 billion location pings from the phones of more than 12 million Americans…The data reviewed by Times Opinion didn’t come from a telecom or giant tech company, nor did it come from a governmental surveillance operation. It originated from a location data company, one of dozens quietly collecting precise movements using software slipped onto mobile phone apps. You’ve probably never heard of most of the companies — and yet to anyone who has access to this data, your life is an open book. They can see the places you go every moment of the day, whom you meet with or spend the night with, where you pray, whether you visit a methadone clinic, a psychiatrist’s office or a massage parlor…Yes, the location data contains billions of data points with no identifiable information like names or email addresses. But it’s child’s play to connect real names to the dots that appear on the maps.

I have quibbles with the articles, but I strongly recommend them. It looks like the Times is currently four articles into what will be a seven-article series.