Imagine you lend your smartphone to a friend. They sign in to their Google account on your device. A few weeks later, he or she realizes that through the Google Maps Timeline feature, they can track your every movement — even though they signed out of your device.
A security researcher just discovered this vulnerability after borrowing his wife’s phone. He tried to warn Google about the security flaw. But Google basically told him not to worry about it.
The tech giant said his ability to track his wife’s location history was actually a legitimate feature — not a bug, as he thought. Google is notorious for tracking its users’ movements, but this particular feature has some worrisome cyberstalking potential. Scroll down to turn this feature off.
Here’s the backstory
Last year, we saw more creeps than ever use technology to track unknowing victims. Stalkerware shot up by 565% from January to December 2020, Malwarebytes reported. Spyware app usage increased last year by 1,055%.
It’s so common that multiple people have called The Kim Komando Show asking for help. One stranger stalked a mother and daughter, tormenting them day in and day out.
Another woman named Sasha felt like she couldn’t go anywhere without her husband knowing. She tried everything to protect her privacy, from removing unfamiliar apps to resetting the phone to factory settings. When she asked him to stop tracking her, he just laughed.
Kim told Sasha that Google Maps was the likeliest culprit. Even if you don’t have a Google account associated with it, the app still works. It uses GPS location on your phone to see where you are — and where you’ve been for the past few years. Tap or click here to turn this tracking off.
Google Maps Timeline feature tracks your movements
Most spyware apps require someone to install a creepy app on your phone when you’re not looking. But the Google Maps Timeline requires very little tech knowledge. When security researcher Pieter Arntz logged into his Google account on his wife’s phone, he forgot to log out of Google Play.
“A few days ago I got my update and a place was listed that I had not even been near, but I knew my wife had been,” he wrote on the Malwarebytes blog. “Then, suddenly, it dawned on me: I was actually receiving location updates from my wife’s phone, as well as mine.”
The issue remained even after he logged out of Google Play on his wife’s phone. This was because logging in had added his Google account to his wife’s phone accounts. Even after he logged out, his account still wasn’t removed. Thus, he was inadvertently allowed to track her movements.
Luckily, Arntz was committed to logging out and giving his wife her privacy. But think about how common spyware is and how often spouses use stalkerware to psychologically torment their victims. Tap or click here for some stalkerware apps iOS and Android users need to watch out for.
Here’s how his wife got her privacy back
When logging out of his account on her phone didn’t work, Arntz searched for another solution. Eventually, he found that Android users can follow these steps to stop the tracking issue:
- Head to Settings
- Select Accounts and Backups
- Tap Manage Accounts
- Remove any account that isn’t yours to stop it from potentially tracking you
If you want to find more about the tricky world of tech tracking, check out the articles below.
This creepy map shows everywhere you’ve been (for years) down to the route
FTC just banned a spyware app with 1M downloads – How to know if it’s on your phone