Deeplinks
On Tuesday, Motherboard reported that data broker SafeGraph was selling location information “related to visits to clinics that provide abortions including Planned Parenthood facilities.” This included where people came from and where they went afterwards.
In response, SafeGraph agreed to stop selling data about Planned Parenthood visitors. But it also defended its behavior, claiming “SafeGraph has always committed to the highest level of privacy practices ensuring individual privacy is NEVER compromised.“ The company, it continued, “only sell[s] data about physical places (not individuals.)”
This framing is misleading. First, SafeGraph for years did sell data about individuals—and then remained closely tied to a business that still did so. Second, the aggregated location data that SafeGraph now sells is based on the same sensitive, individual location traces that are collected and sold without meaningful consent.
SafeGraph’s History of Privacy Violations
Last year, EFF reported public records showing that SafeGraph had sold 2 years of “disaggregated, device-specific” location data about millions of people to the Illinois government, starting in January 2019.
Older materials about SafeGraph indicate that it used to offer a product called “Movement Panel.” A SafeGraph’s Disingenuous Claims About Location Data Mask a Dangerous Industry