It costs only $1,000 for someone to track your every move

gangis khan/Shutterstock

Research from the University of Washington shows how anyone can track what apps you use and where you’ve been — for just $1,000.

A team of computer science engineers at UW learned that obtaining your smartphone’s mobile advertising identification, known as a MAID, would open the door to all the information advertisers use to serve you promotional materials.

This includes your personal interests, dating habits, religion, health conditions, political status, the apps you use and, possibly, even more.

It’s also unsettlingly easy for hackers to learn your MAID. They can simply gain access to your Wi-Fi router or eavesdrop on an unsecure Wi-Fi network.

Once the MAID is obtained, a hacker would offer you ads based on your location. This lets advertising companies and others with your MAID track your movements.

Knowing a user’s MAID can provide access to their location.
Knowing a user’s MAID can provide access to their location. University of Washington/EurekAlert

Apps use your location to sell ads

Using 10 Android phones, the group at University of Washington created a banner ad and purchased specific criteria to sell it against, such as in what apps the ads appear.

This kind of advertising is often how free apps make a profit. Some services urge users to provide location data they can then sell to advertisers. Snapchat’s privacy policy, for example, says your location is used for “ad targeting and measurement, including through the use of your precise location data.”

What you can do to stay private

If you’re a smartphone owner, you can take steps to protect yourself. Will Strafach, founder of security app verify.ly, told Mic, “The best way to prevent [this] is do not grant location access to apps unless 100% necessary.”

While most apps honor your choice, Strafach points to examples like AccuWeather, which was caught tracking whereabouts even without permission.

“There’s no way of knowing how secure the databases of app tracking companies and advertisers are,” Strafach said. “Security may not be a primary concern to them, as they are not legally required to care, even though the information is very personal.”

Another way to keep your data safe is by browsing on protected Wi-Fi networks to limit the amount of personal data you release. Advertisers can do their part in protecting your data by only collecting MAIDs over-encrypted networks.

The University of Washington will present its findings in Dallas on Oct. 30 at Association for Computing Machinery’s Workshop on Privacy in the Electronic Society.