The National Security Agency (NSA) has issued a guidance to help mobile device users prevent the unintended exposure of location data to malicious actors.
NSA said in the cybersecurity guidance that while mobile devices are designed to store and share geolocation information, users must also consider certain features that covertly share personal data through wireless signals, Bluetooth and GPS.
According to the agency, it is possible to obtain real-time location data and user information without consent through cellular networks. Past location data can also be used to predict future user actions, while websites can utilize “browser fingerprints” to mine data.
NSA noted that users should also be wary of their data being obtained even while cellular services are turned off. In addition, nonmobile platforms such as internet of things devices, vehicular communications technology, “smart home” products, apps and social media websites are also vulnerable to location data breaches, the notice states.
“Mitigations reduce, but do not eliminate, location tracking risks in mobile devices,” NSA said. “Most users rely on features disabled by such mitigations, making such safeguards impractical. Users should be aware of these risks and take action based on their specific situation and risk tolerance.”
NSA's recommended actions include disabling location services in mobile devices and using airplane mode when the device is not in use.