Microsoft has apparently been gathering location information for wireless devices and publishing it through their Live.com API. The API data contains the location of cell towers and Wi-Fi hotspots which can be used in locating a mobile device nearby — similar to how early iPhones operated. However, CNet reports that buried amongst the benign information are the MAC addresses of other wireless-enabled devices, which could include phones, computers, and more.
To build their database, Microsoft has been drawing on information “crowdsourced” from Windows 7 Phones and by special vehicles with Wi-Fi sniffing antennas. Does this sound familiar? It should. Cast your mind back a few months to a time when the world looked scornfully at Apple for “crowdsourcing” the location of Wi-Fi hotspots and cell towers across the country through the iPhone. And just a few short days ago, Google faced similar allegations; that they’re Street View cars were also used to gather wireless access point information and may have posted user’s MAC address online. If you throw the two of those together, you more or less get what Microsoft has been up to.
Responding to CNet’s report, Microsoft says that it only publishes the location information of Wi-Fi devices it knows to be stationary. Presumably, this is done by comparing the data taken over different days. However, it seems that some wireless devices could have slipped through this filter. In their report, CNet points out that other companies that gather such information have taken greater steps to secure it. Google, for instance, has restricted access to its database of access points and allows users to remove their information from the list with a opt-out mechanism. Google also filters out MAC addresses with prefixes known to be used by mobile devices, such as addresses beginning with 02:1A that denote an iPhone or Android device.
As was the case with Google, the information swept up by Microsoft is not likely to be damaging to users. A snapshot of a wireless device on one particular day, or even a few days at random, is not very useful. More than an intrusion, Microsoft’s activities underline just how valuable location data is to companies. As of writing, each one of the big three tech companies — Google, Apple, Microsoft — have admitted to gathering such data. All of them confirm using data culled from the phones most people carry around with them all the time. Perhaps the most amazing aspect of all this isn’t that the information is being gathered, but that since the Apple story broke in April, doing so seems not only common place but competitively necessary.
We’ve come so far so quickly.