In the analog world, there is only one of each of us. We are physically located wherever we actually are at any given moment. Historically it has been easy to keep our location private. Generally speaking, unless we tell someone where we are, or we are physically visible to someone, our location is unknown.

In the online, digital age we began to create what I call “proxy selves.”

Most of us have created avatars and online profiles on numerous platforms. Simple logins become a proxy for ourselves. When someone selects a movie to watch on Netflix, under your account, Netflix assumes that is you. This is inexact – after all, it could have been your spouse or child who actually selected the program (nobody shares accounts, right?  🙂). The point is that the Netflix login becomes a proxy for you.

As recently as a decade ago, we still had relative anonymity of our physical location, even with dozens of digital proxies of ourselves. But companies desperately want to know where we really are. Our exact location at any time has massive value in many contexts.

NOTE: I personally don’t think the recent crack-down on account sharing by several streaming services is so much about the financial hit on the industry.  That is a component for sure, and an easy one to publicize. (Anyone else frustrated listening to some of the richest companies in the world whine about how much money they are losing on streaming?) I think the financial argument is mostly a smokescreen for what companies really want, which is to accurately know who is who as we engage those platforms. That is a data privacy story companies don’t want on the front page.

In the taxi age, if you wanted a ride, you called a dispatch center who then radioed drivers to figure out who might be physically closest to you. Everything was analog and based on humans “opting in” every time we wanted our location to be known. Today, every smartphone has GPS positioning. The early ridesharing pioneers realized it is a fantastic proxy for both riders and drivers. Rather than single-point, opt-in location sharing at the start of a hired taxi ride, our phones now allow continuous, real-time proxy-based positioning.

It is not obvious, but critically important to understand that Uber and Lyft make a huge assumption about our proxy-selves. They assume that when a driver turns on their app, this means the driver co-located with their car.  And they assume (somewhat obviously) that when a rider requests a ride, they are “at their phone.” The entire rideshare industry that gets people from point A to point B efficiently has no direct knowledge of where any cars or people are. It is a “proxy-self” and “proxy-car” based industry.

NOTE: The traditional automotive industry could topple Uber/Lyft by restricting autonomous vehicle location from those platforms. Without driver locations as a proxy for vehicle location, current ridesharing falls apart. It remains to be seen if automakers will shift into Uber-like transportation services or remain stuck in a mindset of product manufacturing. Uber probably should acquire a major automotive manufacturer while it has the market capital to do so. If your software service requires source data to create value, it is good to own the hardware that creates the source data.

The bigger problem is that everything is getting connected to the internet, and there are insufficient consumer protections for our proxy-selves. The FCC is currently investigating how the automotive industry shares vehicle location now that each car has wireless positioning, just like our phones. Driving the effort is the problem that people are using vehicle location as a proxy for human location, leading to increases in domestic violence, stalking, human trafficking and other offenses.

In 2021, the FCC implemented the Safe Communications Act, which enables victims of domestic violence, for example, to separate their mobile phone account from a partner’s as a means to achieve independence and protection from tracking. More recently, legislation is being proposed in several states to build similar and stronger protections for digital positioning.

In Ohio, for example, it is not illegal to use a position-tracking device like an Apple Air Tag for just about any purpose. There are documented cases of people putting these inconspicuous devices into a purse or luggage or to attach them to a bike or car and then track where those tags move. The tags are a pretty good proxy for the person carrying the purse or luggage, for example. Last October, the Stop Electronic Stalking Act bill was proposed in Ohio to make this illegal. The motivation was mostly to protect potential victims of domestic violence or sexual assault, keeping would-be attackers from tracking their location.

Much more cleverly (and surreptitiously), big tech companies are enabling position-enabled devices to talk to each other, even when their GPS is turned off. Your smartphone is probably logging each time it wirelessly contacts a smart TV, a connected doorbell or a wifi router.  Even if you turn off position tracking in your app permissions, a company may be able to legally determine your location because your phone came into contact with something with a known fixed location. The legal argument is that “your” personal location hasn’t been tracked. Your device is a proxy for you, but doesn’t have the same legal protections. (Your device doesn’t sign an end-user license agreement).

Let’s look at a common example. You can’t attend a hockey game without going to the arena, and big arenas don’t move around. Even turning off your GPS won’t prevent your phone from discovering the wifi network at the arena and recording that connection. And those wifi routers also don’t move around. Meanwhile, every morning and evening, your phone has electronically “discovered” the same smart TV, making it a safe assumption that the TV must be yours and also is unlikely to be moving around.

It is no coincidence that when you get home from the game and turn on the news for highlights, the first commercial delivered to you is to buy a jersey for the team you just watched play. Your phone (or your smartwatch) was an excellent proxy for your location by nature of its electronic relationships with all the fixed-location gear it wirelessly shook hands with during the day. Even though none of the devices involved may have had GPS or other positioning technology enabled, they still enabled excellent position proxy for the human you.

There is insufficient education about how technology companies are using our proxy-selves for both hardware and software-based proxies. At a minimum, we should require stronger warnings and regular reminders about data capture and data use. Very few people have the technical or legal expertise to understand the click-through license agreements that we must sign in order to download applications or turn on devices. And even if we did understand them, consumers have no option but to “accept.” After all, we all need phones and cars and there are no new non-connected options to choose instead.

It is great that we are starting to see regulation in areas of critical need like domestic violence, sexual assault and human trafficking. It is time to expand beyond the politically easy use cases and into many more aspects of our daily lives. Give everyone the opportunity to be location-anonymous until we actively opt-in to be seen.