“Never do anything you wouldn’t want to share with everyone on public WiFi,” warns CNN’s Laurie Segall in an eye-opening look at online stalking, geotracking, and the risks of surfing online without a VPN in a wireless hotspot.
As Segall points out in this video, STALKER is a tool created by security firm Immunity Inc. to demonstrate the hazards of connecting to insecure public WiFi networks. As the company itself admitted on its blog, “STALKER is a tool…to reconstruct all captured traffic (wired or wireless alike) and parse out all of the ‘interesting’ information disclosures. It goes beyond just grabbing passwords and emails out of the air as it attempts to build a complete profile of your target(s). You would be amazed at how much data you can collect in 15 minutes.”
Here is a list of some types of data that can be collected with STALKER:
- Email addresses
- Phone numbers
- Billing and home address
- User names and screen names
Unless you’re using a personal VPN like PRIVATE WiFi, STALKER can easily find out highly sensitive personal information that you’re doing online in WiFi hotspots.
FTC Testimony On GeoTracking
There’s no way around it — nearly everyone is being tracked. That’s why the Federal Trade Commission recently testified before Congress about proposed legislation to protect the privacy of geolocation data.
The Location Privacy Protection Act 2014 legislation would give the Department of Justice rule-making authority, in consultation with the FTC, as well as sole enforcement authority. If passed, it would incorporate the following tenets, requiring that companies need to:
- Be more transparent with consumers and disclose that tracking data is being collected.
- Ask for express consent from consumers to track their location data.
Precise geolocation data is sensitive personal information increasingly used in consumer products and services. While it often makes consumers’ lives easier and more efficient, geolocation information can raise concerns because it can reveal movements in real time and provide a detailed record of a consumer’s movements over time.
“Geolocation information can divulge intimately personal details about an individual. Did you visit an AIDS clinic last Tuesday? What place of worship do you attend? Were you at a psychiatrist’s office last week? Did you meet with a prospective business customer?” the FTC asked in its testimony to Congress.
Geolocation information may be sold to companies to help build profiles about consumers without their knowledge or consent, or it could be accessed by cybercriminals, hackers, or through surreptitious means such as those so-called stalking apps referenced earlier.
The testimony also notes the FTC’s ongoing efforts to educate consumers and businesses about protecting the privacy of geolocation information. For instance, the FTC released an updated version of ‘‘Net Cetera: Chatting with Kids About Being Online,” and it has released guidance directed to businesses operating in the mobile arena to help educate them on best practices to handle sensitive information, such as geolocation information.