Most of us take it for granted that wherever we are, we will have a Wi-Fi connection close-by. So it's natural to leave your phone's Wi-Fi turned on, especially if you want to save your cellular data.

As with a lot of technology though, we can give away more information than we mean to, and that's no less true for Wi-Fi. The most concerning thing is that you don't even need to be connected to a Wi-Fi network to start leaking information.

How Does a Wi-Fi Connection Work?

Wi-Fi uses radio waves to provide a network connection between two devices. Typically this will be between a access point (AP) or router, and a your device. The router will broadcast radio waves at frequencies of either 2.4 GHz or 5 GHz.

When you turn Wi-Fi on for your device, it will search for a AP to connect to in "active scanning" mode. In order to do that it will show your MAC address to nearby APs. This is a physical address associated with your specific device.

Once connected to the hotspot you are granted an IP address that will allow you to connect to the internet. So there are two identification methods; your MAC address between you and the AP, and your IP address between you and the internet.

What a Load of Rubbish

Back in 2013 a company called Renew London managed to make headlines because of its internet connected trash cans. During the London 2012 Olympics, the company had rolled out a trial of these trash cans, which would display adverts to passers-by, as well as dedicating 5 percent of their display time to public service announcements.

Although most people aren't thrilled by more opportunities to see adverts, there wasn't much cause for concern. That was until it was revealed in 2013 that an expansion of the trial in the City of London added capabilities to track the MAC address of everyone that walked by.

Trash Can Advertising
An example of trash can-based advertisting. Jason Batterham via Shutterstock

The company had added Wi-Fi access points to the trash cans, and the AP would capture the MAC address of every device that had Wi-Fi turned on. According to Quartz, Renew said that during the trial they identified over a million unique devices, and on July 6 2013 managed to identify 106,629 people, and located them 946,016 times throughout the day.

The CEO of Renew also gave an example of how the system could be used. A bar could install five trackers -- one at the entrance, one on the roof, one near the cash register, and one in each bathroom. The bar would then be able to identify your gender from the bathroom, how long you stayed at the bar, and whether you were there for a meal or drink. The bar could then give you targeted advertising as you made your way around the city.

As there was a large outcry from privacy advocates when this behavior was uncovered, the City of London ended the trial and removed the trash cans.

And That's Not All, Folks

Renew London was part of a project called Presence Orb, whose goal is to "level the data insight available to physical retail with that enjoyed by their web based counterparts".

Or in other words, to bring cookies to the real world. The example given in their promotional video is of Jack. Jack wants to buy a new car and tests drives it at two locations. One of the retailers is using Presence Orb. It logs his MAC address, and knows that he was looking to purchase a new car. When his MAC address pops up at another location, they can present him with adverts for the car.

This can all happen without you even connecting to a Wi-Fi network. If you do happen to connect to a Presence Orb network, they will then associate all your browsing habits with your MAC address. This allows them to follow you on and offline.

Ads, Ads, and More Ads

But Presence Orb is only the tip of the iceberg. It is actually part of a larger initiative called Smart Places, which is a global project for rolling out this real world cookie. Their website states that some of the reasons for using their technology are:

  • To learn how long customers typically wait in line at certain times of day.
  • To see which products and locations in a store are most popular.
  • To understand which marketing displays are most effective.

Through a well-hidden website you can actually opt-out of MAC address tracking. Your MAC address will still be listed on their database, but only for opt-out purposes, in a similar way to Do Not Track requests online.

Interestingly, the group behind this is called The Future of Privacy Forum. It would seem logical to think that this organisation would be committed to protecting your privacy. However, the list of companies involved includes:

  • Foursquare, Facebook, Netflix, Apple, Microsoft.
  • Cisco, Lockheed Martin.
  • Facebook, Citigroup, Bank of America, Citigroup, American Express.
  • Ford Motor Company, Netflix, Apple, Starbucks, Nike, Macy's, Amazon, Toyota, Wal-Mart.
  • Ernst & Young, AOL, LinkedIn.
  • Comcast, AT&T, T-Mobile, Verizon.
  • MasterCard, Visa.

This list may make you feel less reassured that the Future of Privacy Forum, which has had a hand in introducing cookies into the real world, has your best interests at heart.

And Then There's the Spying

Although ads can be a controversial subject, governments and law enforcement can track you using devices called Stingrays. A Stingray is a "fake cell tower" that can intercept cellphone communication. They then link this to you by using your SIM card's International Mobile Subscriber Number (IMSI). This was only possible using cellular network connections and not Wi-Fi.

However, at BlackHat Europe 2016, two researchers from the University of Oxford showed how a public Wi-Fi access point could be turned into a Stingray. Most smartphones are able to auto-connect to certain Wi-Fi networks. This could either be a regular Wi-Fi network like your home Wi-Fi or a public hotspot when you are out and about.

SIM Card Spying
igorstevanovic via Shutterstock

This process is done without your input by using your IMSI to authorize the connection. Anyone wanting to be able to track your movements could set up a "rogue access point" which pretends to be a known Wi-Fi network. When your phone attempts to auto-connect, your IMSI will be passed over to the AP.

Your IMSI is linked to your cell number and SIM card, not your device. This means that whenever you connect to a cellular or Wi-Fi network, even if you have moved the SIM to a different device, your movements can be identified and monitored.

Don't Forget to Turn Off Your Wi-Fi

While this may all sound incredibly invasive (and it is), there is one solution that stops all this tracking. Turning off your Wi-Fi. All of these tracking methods rely on you leaving your Wi-Fi connection on, and then using that to start tracking you.

If you want to make sure that Smart Places isn't tracking your MAC address, then make sure you use their opt-out. To prevent the use of the Wi-Fi Stingrays, you can head into your device's Wi-Fi settings and disable Auto-Connect. However, this does only work if you are in range of the network.

If like me, you find yourself forgetting to turn your connection off when leaving the house you can find ways to automate it. On Android you can use an app like Tasker to turn off your Wi-Fi outside of specified locations. You could even add widgets that make it easier to toggle your connection on and off. Personally, I use an NFC tag by my front door that is setup to toggle Wi-Fi.

Would you mind being tracked for targeted ads? What are your thoughts on targeted ads? Do you know any other ways you can be tracked using Wi-Fi? Let us know in the comments below!