OMG. FUCK THESE PEOPLE.
posted by fluffy battle kitten at 8:19 AM on May 31, 2016 [49 favorites]

This story has been bugging me since I read it last week. I mean, beyond the obvious part where John Flynn is happy to entwine his own retrograde beliefs with his spam company. I mean, more like I can't figure out how the technology could possibly work in the way it's being described. Yes, your phone can report its latitude and longitude... to an accuracy of maybe 25 feet, unless you want to run its battery down in two hours. So you're potentially picking up anyone walking down Commonwealth Avenue near the Planned Parenthood, unless the software is constantly reporting geo-location (see previous point re: battery life). Meanwhile, GPS data is a separate permission, which means that whatever app wants to gather it has to explicitly ask the user for permission. It wouldn't work via browser ads, unless you specifically opt in to sharing your location with a particular site; if boston.com serves you an ad from scummyadnetwork.com, scummyadnetwork.com has to ask your permission for it too, unless boston.com is up to some seriously shitty and technologically complicated voodoo. Which means he's either bundling this software with something else that sounds innocuous (in which case let's figure out what scumbags are bundling malware with their app, and get our pitchforks), or he's relying on a security exploit to get around the permission problem (in which case we'll skip the pitchforks and skip straight to burning down the Copley Advertising building).

Unless this is just fancy window dressing on "we're being more clever than usual to allow advertisers who are amoral sociopaths to target users we suspect are women, and geobox their ad content to very tiny areas," I'm skeptical. I don't doubt that he wants very badly to harass women; I just don't think he's as clever as he thinks he is.
posted by Mayor West at 8:22 AM on May 31, 2016 [9 favorites]

Can we use the same technology to target churches with prochoice messaging?
posted by nathan_teske at 8:25 AM on May 31, 2016 [7 favorites]

Maybe but we shouldn't because that's also gross.
posted by wreckingball at 8:28 AM on May 31, 2016 [32 favorites]

This shows why the "give an app permission to use a resource once and forever" model is bad. Yeah, maybe sometimes I want to share my location in a Facebook message, but not with every message. This goes double for mobile games that ask for everything.

But I guess app makers couldn't get spyware money if users granted permissions on an ephemeral basis.
posted by mccarty.tim at 8:33 AM on May 31, 2016 [14 favorites]

1. Every device has several fingerprints taken by various ad companies.
2. Those fingerprints are used to cross-market to you (what you search on Google shows up on Amazon for instance)
3. Safari on an iPhone shared your location if you let the web page do it.
4. CNN does business with that shithead advertiser.
5. CNN.com is allowed to use your location in you iPhone safari browser.
6. CNN send location data to shitty ad company.
7. Ad company targets you in the abortion clinic and tries to shame you.

It's possible, and not difficult at all to do.
posted by Annika Cicada at 8:35 AM on May 31, 2016 [14 favorites]

And they wonder why people install adblockers
posted by Damienmce at 8:41 AM on May 31, 2016 [15 favorites]

unless boston.com is up to some seriously shitty and technologically complicated voodoo

Wouldn't surprise me. They're now nothing but scuzzy clickbait.
posted by Melismata at 8:48 AM on May 31, 2016

Ach, this story is like a huge shitty Katamari of terrible things about the twenty-first century.

A "Scatamari", if you will.
posted by Proofs and Refutations at 9:17 AM on May 31, 2016 [41 favorites]

Considering how web articles that could probably be 100 kilobytes, images included, come with megabytes of offsite javascript, it's more a question of what mobile websites aren't doing.
posted by mccarty.tim at 9:20 AM on May 31, 2016 [11 favorites]

I don't think people should be allowed to send unsolicited snail mail, email, phone calls or texts, nor should companies be allowed to track movement between websites or sell my info to affiliated companies. This giant hammer would make the linked behavior stand out like a sore thumb for prosecution. As it stands it is just part of the noise. We've said we are ok with this in the aggregate. Which is a mistake in my mind.
posted by freecellwizard at 9:21 AM on May 31, 2016 [6 favorites]

Can we use the same technology to target churches with prochoice messaging?

Maybe but we shouldn't because that's also gross.

In fairness, people really shouldn't be looking at their phones during church anyway, so maybe they deserve it?
posted by Faint of Butt at 9:29 AM on May 31, 2016 [2 favorites]

Wasn't this the pinnacle of dystopic sci fi hell just 20 years ago?
posted by corb at 9:36 AM on May 31, 2016 [11 favorites]

but but this is...this is different because we like it right?
posted by Annika Cicada at 9:48 AM on May 31, 2016 [2 favorites]

But remember, they don't hate women who have sex, oh no. Never say that or you're a bad person. They're **TOTALLY** doing this because they just luves the babeeez!

Yeah right.
posted by sotonohito at 10:10 AM on May 31, 2016 [1 favorite]

Yeah, they 'luves the babeeez' so much that they want to force other people into continuing high-risk pregnancies and ending up with all-to-often unwanted children. They 'luves the babeeez' so much that they sure ain't gonna spend one penny supporting that child, oh no, just dump all that on other folks who can barely support themselves, let alone another mouth to feed. The only time they'll get financially involved with anything other than forcing women to continue an unwanted pregnancy is when they get hold of that baby to sell for adoption and their own profit.
posted by easily confused at 10:21 AM on May 31, 2016 [8 favorites]

App developers often include ad code in free apps in order to make some revenue.

They generally have no idea what that ad code is doing; it appears in the form of a library/SDK which you include and then call out to when you want to serve an ad. You looked at an ad; the developer gets a penny.

Meanwhile, that ad code could be doing anything in the world, including really egregious privacy violating shit, and the app developer has no idea he has done that to you because all he did was include a library, and you have no idea that the app developer is doing that to you.

Just echoing the idea that exactly which services know about your location (and other things about you) is very difficult to determine these days. Even the guys who write your apps could be inadvertently selling you out.
posted by edheil at 10:29 AM on May 31, 2016 [9 favorites]

Wasn't this the pinnacle of dystopic sci fi hell just 20 years ago?

I don't even remember one where people were talked into paying for it themselves, and not an insignificant amount, and they did even though many couldn't afford it. I would have thought the premise ridiculous.
posted by bongo_x at 10:42 AM on May 31, 2016 [2 favorites]

I've had some interesting thoughts about how to hit back against these folks where they live.

They have an image from one such ad that they send to these women; it's for one of those "pregnancy options" centers, where they bait-and-switch you into thinking it's a general clinic but then you get pressured into "anything but abortion OMG". The ad looks like it's a secular health clinic, but the center's mission statement has a flat-out Christian message.

So. The thing I want to call them on is: why are they trying to hide their Christian connection? Are they somehow ashamed of being Christians? Or are they deliberately trying to deceive people, which itself is also against one of the commandments, I think?

Would be curious to hear how they would respond to such a challenge.
posted by EmpressCallipygos at 11:05 AM on May 31, 2016 [12 favorites]

speaking as a Bostonian who's traded barbs with folks waving placards outside Family Planning, let me add to the chorus of "fuck these people."
posted by es_de_bah at 11:16 AM on May 31, 2016 [3 favorites]

Waving placards outside a PP location that doesn't actually provide abortion services, no less.
posted by tobascodagama at 11:24 AM on May 31, 2016 [2 favorites]

Can we use the same technology to target churches with prochoice messaging?

Maybe but we shouldn't because that's also gross.

This!
posted by es_de_bah at 11:31 AM on May 31, 2016

5. CNN.com is allowed to use your location in you iPhone safari browser.

This requires explicit permission for each website, and even then the permission only lasts until the end of the day, unless the user goes into Preferences and explicitly allows Safari to only at least once per website.
posted by sideshow at 11:39 AM on May 31, 2016 [1 favorite]

This shows why the "give an app permission to use a resource once and forever" model is bad. Yeah, maybe sometimes I want to share my location in a Facebook message, but not with every message. This goes double for mobile games that ask for everything.

I'd much rather insert some manner of regulatory agency that would take care of most of that for me.

I shouldn't have to be an expert on how apps work every time I install something. I shouldn't have to customize each and every permission on each and every app. I don't understand it and I don't have the time to learn and/or screw around with it and it's unfair that the burden falls on the consumer.

I think that is part of the appeal of Apple's walled-garden approach but I don't really trust Apple or Google to full-fill that function. They need to be beholden to the public rather than stock-holders.
posted by VTX at 11:50 AM on May 31, 2016 [11 favorites]

I like how we have this bullshit to deal with now and yet 911 still largely does not have the ability to find you when you call for help.
posted by bleep at 1:00 PM on May 31, 2016 [5 favorites]

I don't think the regulatory agencies have a particularly good track record. I still rely on Gmail to filter out the 99% of my mail that is spam (CAN-SPAM act, anyone?) and I never answer the phone because it's lousy with robocalls (Do Not Call registry, anyone?) Right now the FTC is focusing their enforcement on COPPA which does jack-all except shake down some small app developers and ensure that a child's first experience with the internet is putting a fake birthday into an age gate.
posted by RobotVoodooPower at 1:02 PM on May 31, 2016 [4 favorites]

I have a lot of trouble believing that these ads would get seen by many people. Maybe ad serving and CTRs have changed in the last couple of years since I left the business of mobile ad display networks, but even impression numbers on this would have to be in the tiny tiny single digits. Not sure whether the fact that the miraculous campaign this jerk is selling activists on is a total scam is better or worse.
posted by Potomac Avenue at 2:17 PM on May 31, 2016

Huh, I thought this sort of mobile geotargeting was still one of those things in the perpetually near future. I've been hard pressed to find anyone doing specifically this.
posted by Ogre Lawless at 3:04 PM on May 31, 2016

Faint of Butt: "In fairness, people really shouldn't be looking at their phones during church anyway, so maybe they deserve it?"

Lots of activity happens in churches besides sermons and weddings.
posted by Mitheral at 3:51 PM on May 31, 2016 [1 favorite]

Can we use the same technology to target churches with prochoice messaging?

Maybe but we shouldn't because that's also gross.

I can't think of anything that would more quickly get the technology outlawed.
posted by oneswellfoop at 4:11 PM on May 31, 2016 [5 favorites]

> accuracy of maybe 25 feet

Maybe with (power hungry, as you pointed out) GPS only, but with wifi assisted location, you can sometimes do a lot better. Especially indoors where the access point's signal is fine for a phone in the waiting room, but weak for passerby on the sidewalk.

The "scatamari" will grow even bigger when the schmucks add iBeacons and passive wifi tracking. The tech that makes an Amazon Dash $5 will make it easy to stick a device on a telephone pole outside a clinic to log visitors or harass inform them through their coupon apps.

If wifi is on on your phone, it's looking for access points it's seen before (probe requests), giving anyone who cares to listen an inventory of your favorite places (map mac address back to location through Skyhook et al) as well as your unique wifi mac. That mac address randomization that's supposed to protect you? Not on in all cases (phone asleep, location services off, wifi on, but not associated) and isn't sufficient anyway.
posted by morganw at 5:35 PM on May 31, 2016 [2 favorites]

I don't think the regulatory agencies have a particularly good track record.

A fair point in some cases but isn't necessarily true for every regulatory agency, they're separate though interconnected problems (like, maybe it's time to create a specific agency to regulate internet communications or significantly increase the power of the FTC, FCC, etc.), and it doesn't necessarily have to be good at it, just better than what have now. And right now, we count on the good graces of Apple and Google (and Microsoft I suppose) to treat it's products (because when it comes to ads and your personal information YOU are the product) fairly and no matter how much pull "don't be evil" might have at Google, they have a fiduciary responsibility to their shareholders.
posted by VTX at 7:50 AM on June 1, 2016 [2 favorites]

I've been working on geo-targeting and location cell phone data for the last few years. At this point the accuracy of phone data is terrible. Making things more complicated good data on the real boundaries of venues like an abortion clinic is really difficult to find.

Unfortunately there are a lot of people working on "fixing" this problem. So in 10 years this will be a problem, but no today. On the other hand we can also buy our own ads to counter program. With the current state of technology it would be a lot easier to target someone who regularly protested outside an abortion clinic than those who are there for a one time procedure.
posted by humanfont at 8:40 AM on June 1, 2016 [2 favorites]

I will give money to anyone who manages to set this kind of thing up to send pro-choice ads to people located wherever these antiabortion protesters gather when they're not trying to terrorize women.
posted by rmd1023 at 10:40 AM on June 1, 2016 [1 favorite]

I linked this from the post on Tor developer Isis Lovecruft needing to leave the U.S.

I'd consider "gross" an insufficient reaction. These advertisements could be bearing malware designed to identify people. And pro-choice groups could even deploy IMSI catchers or similar.

These are adversaries with enough criminality that legislation might not help, and potentially enough sophistication to be dangerous even without the capitalists helping them. I'd say run Tor if you go to abortion clinics. At least run a solid array of ad blockers, HTTPS Everywhere, etc.!
posted by jeffburdges at 3:01 PM on June 1, 2016 [1 favorite]

Appears related : "When we see the poorest countries deploying spyware, it’s clear money is no longer a barrier.”
posted by jeffburdges at 10:30 AM on June 3, 2016 [1 favorite]

Hannah Levintova: Republicans in Congress Just "Made a Mistake" and Released Names of Planned Parenthood Employees

Despite revelations that the videos were deceptively and selectively edited, the felony indictment of the videos' creator, and 4 congressional and 12 state-level investigations that have found no wrongdoing and no evidence of illegal fetal tissue sales by Planned Parenthood, this committee has pressed on, conducting hearings and issuing subpoenas for witnesses, often without first asking them to comply voluntarily.

Last week, committee chair Rep. Marsha Blackburn (R-Tenn.) sent two letters to the Obama administration, asking it to investigate new charges of federal health privacy law violations by two Planned Parenthood affiliates and the biomedical company StemExpress (fetal tissue research represents less than 1 percent of the company's business), based on evidence provided by "confidential informants." The identities of several researchers and clinic staffers were unredacted in the documents that were made public in attachments forwarded to the Obama administration along with Blackburn's letters, and that were also posted on the select panel's website.

The unredacted names included university and hospital researchers and employees of both StemExpress and Planned Parenthood, raising major concern among Democratic members of the House. "The latest leak from Chair Blackburn's runaway investigation is further evidence that this panel should be brought to an end," a spokesperson for the panel's Democratic lawmakers told the reproductive health news site Rewire.

posted by zombieflanders at 11:21 AM on June 8, 2016 [3 favorites]