Privacy SOS

Google’s bluetooth beacons in MassDOT tunnels and your privacy

If you’ve ever driven in Boston, you know how notorious the roads are, and how confusing it can be even with GPS navigation. One of the most frustrating parts of driving in Boston is navigating the tunnels under the city. Locals and commuters alike know what happens when you enter the belly of the metropolis: you lose your cell service, and with it, your GPS directions.

To address this problem, Google’s Waze has offered the Massachusetts Department of Transportation 850 Bluetooth iBEEK beacons that will ping drivers’ devices as they use navigational services while driving through tunnels. The technology behind these beacons was unveiled at the 2015 Consumer Electronics Show through a partnership with Texas Instruments.

Beacons are small sensors that communicate exclusively to nearby devices using Bluetooth technology, the same way your new wireless headphones connect to your phone. Beacons constantly transmit information, and when someone with a Bluetooth-enabled device approaches, that information is received and interpreted by the device.

Bluetooth beacons usher in a new wave of non-satellite positioning systems that have wide applications not limited to the inside of tunnels. They’re useful in places where precise location information is necessary but difficult to acquire via satellite. For that reason, they’ve been field tested in museums such as New York’s Metropolitan Museum of Art and airports like London Gatwick. At Gatwick, beacons deliver turn-by-turn directions to users’ phones to help them navigate the airport terminals, with “dining and shopping opportunities pointed along the way,” according to The Wall Street Journal.

The ability to locate someone indoors is not a new concept and is one that Google has employed in their Maps app, where the company allows organizations to upload their floor plans for navigation. However, the beacon tracking mechanism is new, and quite a bit more accurate than satellite positioning.

Here’s how the beacons work: As you pass by, your device doesn’t try to pair with the beacon—all the necessary information is picked up in the broadcast, which the phone then interprets through a relevant app (in this case Google Maps or Waze). It’s kind of like a Marco Polo game, but with a twist: the beacon shouts “Marco” and instead of calling “Polo” back, the phone merely tries to locate itself in relation to the beacon—quietly, without replying out loud. In response to the signal from the beacon, the phone will try to determine proximity to it and thereby locate itself in physical space. On Apple’s Developer website, their use of “iBeacons” categorizes proximity into “Immediate”, “Near” and “Far.”

Apple’s developer website visually explaining how many beacons may interact with a single device at a given time.

In practice, this can be very useful for people trying to find their way inside a building. For example, the MET spent some time in 2015 exploring the use of iBeacons in the museum. Each beacon contained some data attributes that were transmitted to a smart device when it came in range, enabling the MET to send information to app users about the art they were standing next to or in front of.

Apple’s developer website states that each iBeacon must be programmed “with an appropriate proximity UUID, Major Value, and Minor Value.” The ‘UUID,’ or universally unique identifier, is a 128-bit value that all of the beacons identify with. Each beacon does not have a unique UUID. The Major and Minor values are the components that uniquely identify the beacon. The MET uses the example of the major value identifying large categories of artwork such as Greek and Roman Art, with the minor value identifying a specific object, such as a statue. With this technique, the museum can allow for targeted content to be delivered to a user who is at a particular exhibit, standing in front of a particular piece of art.

Software used to program the iBeacons used by The MET in 2015

But what about privacy concerns? And does your phone communicate back to the beacons? According to Apple, Bluetooth beacons are designed to be “transmit-only”, meaning they are 1-way devices that do not collect data. Furthermore, in order to facilitate use of the data that was transmitted to the phone or tablet, the smart device needs to have a relevant application installed first, as well as have an active network connection in order to interpret the UUID received. In other words, if you don’t use the app in question, or turn your Bluetooth off, the beacons won’t communicate with your device at all.

So when it comes to privacy, it’s not the beacon that you have to worry about; it’s the app. If you’re using Waze or Google Maps to get around, Google is collecting information about where you’re going, and when. The beacons simply make the location tracking inside the app more accurate.

It’s not clear where exactly these beacons are being used. Since the devices are tiny and can be easily hidden, we can’t really give our consent to them because we oftentimes don’t know they exist. While we know they’re being installed in Massachusetts tunnels and can choose to turn our Bluetooth off as we enter, we may not know if a certain shop we walk into has beacons that could trigger a mobile marketing event, as they did a McDonald’s in Columbus, Georgia.

In regards to Google’s Eddystone, a beacon technology similar to Apple’s iBeacon, the core difference is that it is an open-source technology that anyone can audit.

We’re at a crossroads with Bluetooth beacons. The technology is now around five years old, and while we have not had widespread adoption yet, it’s likely that we’ll soon see beacons used in more and more public and semi-public places—especially in transportation areas, where GPS navigation via satellite is difficult or impossible. Airports such as Boston’s Logan Airport would likely benefit from the installation of such devices; it’s currently very easy for any navigation application to get confused about which terminal level you’re driving on, in vertical space.

MassDOT is using Google’s beacons to help us better navigate the tunnels. Right now, we have no reason to believe people who will benefit from the more accurate location data will be tracked by the beacons as a result. The real issue is the in app tracking, and the beacons just make that more accurate.

If you don’t want Google tracking your movements, you can take some steps to protect your privacy. Or you can simply delete its apps from your devices, or turn your location and Bluetooth services off. We will keep an eye on the issue to make sure motorists aren’t subjecting themselves to corporate data tracking simply by driving on public roads.

This blog post was written by ACLU of Massachusetts Technology Fellow Nasser Eledroos. You can contact the author at neledroos@aclum.org.

© 2017 ACLU of Massachusetts.