Security Technology Explained

How Wi-Fi Can Track You Around the World

James Frew 30-11-2016

Most of us take it for granted that wherever we are, we will have a Wi-Fi connection close-by How to Get Free Wi-Fi Almost Anywhere Public wireless networks are becoming more and more popular as a means of attracting people to a particular business or service, and this is just one of the many ways in which free (or almost... Read More . So it’s natural to leave your phone’s Wi-Fi turned on, especially if you want to save your cellular data 8 Useful Tips to Reduce Mobile Data Usage and Save Money Want to get the most out of your mobile data plan? These apps and tricks can help you squeeze out every last megabyte. Read More .


As with a lot of technology though, we can give away more information than we mean to How DNS Leaks Can Destroy Anonymity When Using a VPN, And How to Stop Them When you're trying to stay anonymous online, a VPN is the simplest solution, by masking your IP address, service provider, and location. But a DNS leak can totally undermine the purpose of a VPN... Read More , and that’s no less true for Wi-Fi. The most concerning thing is that you don’t even need to be connected to a Wi-Fi network to start leaking information.

How Does a Wi-Fi Connection Work?

Wi-Fi uses radio waves to provide a network connection between two devices. Typically this will be between a access point (AP) or router, and a your device. The router will broadcast radio waves at frequencies of either 2.4 GHz or 5 GHz How Dual-Band Routers Can Solve Your Wireless Woes Using a router that supports the dual-band standard can significantly boost your Wi-Fi speeds in many circumstances. Read More .

When you turn Wi-Fi on for your device, it will search for a AP to connect to in “active scanning” mode. In order to do that it will show your MAC address IP and MAC Address: What Are They Good For? The internet isn't so different from the regular postal service. Instead of a home address, we have IP addresses. Instead of names, we have MAC addresses. Together, they get the data to your door. Here's... Read More to nearby APs. This is a physical address associated with your specific device.

Once connected to the hotspot you are granted an IP address that will allow you to connect to the internet. So there are two identification methods; your MAC address between you and the AP, and your IP address between you and the internet.

What a Load of Rubbish

Back in 2013 a company called Renew London managed to make headlines because of its internet connected trash cans. During the London 2012 Olympics, the company had rolled out a trial of these trash cans, which would display adverts to passers-by, as well as dedicating 5 percent of their display time to public service announcements.


Although most people aren’t thrilled by more opportunities to see adverts, there wasn’t much cause for concern. That was until it was revealed in 2013 that an expansion of the trial in the City of London added capabilities to track the MAC address of everyone that walked by.

Trash Can Advertising
Image Credit: Jason Batterham via Shutterstock

The company had added Wi-Fi access points to the trash cans, and the AP would capture the MAC address of every device that had Wi-Fi turned on. According to Quartz, Renew said that during the trial they identified over a million unique devices, and on July 6 2013 managed to identify 106,629 people, and located them 946,016 times throughout the day.

The CEO of Renew also gave an example of how the system could be used. A bar could install five trackers — one at the entrance, one on the roof, one near the cash register, and one in each bathroom. The bar would then be able to identify your gender from the bathroom, how long you stayed at the bar, and whether you were there for a meal or drink. The bar could then give you targeted advertising as you made your way around the city.


As there was a large outcry from privacy advocates when this behavior was uncovered, the City of London ended the trial and removed the trash cans.

And That’s Not All, Folks

Renew London was part of a project called Presence Orb, whose goal is to “level the data insight available to physical retail with that enjoyed by their web based counterparts”.

Or in other words, to bring cookies What Is a Website Cookie? How Cookies Affect Your Online Privacy You've heard of internet cookies, but what exactly are they? What do they have to do with your privacy? Here's what you need to know. Read More to the real world. The example given in their promotional video is of Jack. Jack wants to buy a new car and tests drives it at two locations. One of the retailers is using Presence Orb. It logs his MAC address, and knows that he was looking to purchase a new car. When his MAC address pops up at another location, they can present him with adverts for the car.

This can all happen without you even connecting to a Wi-Fi network. If you do happen to connect to a Presence Orb network, they will then associate all your browsing habits with your MAC address. This allows them to follow you on and offline.


Ads, Ads, and More Ads

But Presence Orb is only the tip of the iceberg. It is actually part of a larger initiative called Smart Places, which is a global project for rolling out this real world cookie. Their website states that some of the reasons for using their technology are:

  • To learn how long customers typically wait in line at certain times of day.
  • To see which products and locations in a store are most popular.
  • To understand which marketing displays are most effective.

Through a well-hidden website you can actually opt-out of MAC address tracking. Your MAC address will still be listed on their database, but only for opt-out purposes, in a similar way to Do Not Track What Is "Do Not Track" and Does It Protect Your Privacy? Does enabling "Do Not Track" in your browser really protect your privacy, or does it simply provide a false sense of security? Read More requests online.

Interestingly, the group behind this is called The Future of Privacy Forum. It would seem logical to think that this organisation would be committed to protecting your privacy. However, the list of companies involved includes:

  • Foursquare, Facebook, Netflix, Apple, Microsoft.
  • Cisco, Lockheed Martin.
  • Facebook, Citigroup, Bank of America, Citigroup, American Express.
  • Ford Motor Company, Netflix, Apple, Starbucks, Nike, Macy’s, Amazon, Toyota, Wal-Mart.
  • Ernst & Young, AOL, LinkedIn.
  • Comcast, AT&T, T-Mobile, Verizon.
  • MasterCard, Visa.

This list may make you feel less reassured that the Future of Privacy Forum, which has had a hand in introducing cookies into the real world, has your best interests at heart.


And Then There’s the Spying

Although ads can be a controversial subject, governments and law enforcement can track you using devices called Stingrays Top 5 Ways You Are Spied On Every Day And Don't Know It The chances are you're oblivious to the ways in which you're being monitored almost daily as you go about your business. Learn how to take precautions to protect yourself against these surveillance threats. Read More . A Stingray is a “fake cell tower” that can intercept cellphone communication. They then link this to you by using your SIM card’s International Mobile Subscriber Number (IMSI). This was only possible using cellular network connections and not Wi-Fi.

However, at BlackHat Europe 2016, two researchers from the University of Oxford showed how a public Wi-Fi access point could be turned into a Stingray. Most smartphones are able to auto-connect to certain Wi-Fi networks. This could either be a regular Wi-Fi network like your home Wi-Fi or a public hotspot when you are out and about.

SIM Card Spying
Image Credit: igorstevanovic via Shutterstock

This process is done without your input by using your IMSI to authorize the connection. Anyone wanting to be able to track your movements could set up a “rogue access point” which pretends to be a known Wi-Fi network. When your phone attempts to auto-connect, your IMSI will be passed over to the AP.

Your IMSI is linked to your cell number and SIM card, not your device. This means that whenever you connect to a cellular or Wi-Fi network, even if you have moved the SIM to a different device, your movements can be identified and monitored.

Don’t Forget to Turn Off Your Wi-Fi

While this may all sound incredibly invasive (and it is), there is one solution that stops all this tracking. Turning off your Wi-Fi. All of these tracking methods rely on you leaving your Wi-Fi connection on, and then using that to start tracking you.

If you want to make sure that Smart Places isn’t tracking your MAC address, then make sure you use their opt-out. To prevent the use of the Wi-Fi Stingrays, you can head into your device’s Wi-Fi settings and disable Auto-Connect. However, this does only work if you are in range of the network.

If like me, you find yourself forgetting to turn your connection off when leaving the house you can find ways to automate it. On Android you can use an app like Tasker to turn off your Wi-Fi outside of specified locations. You could even add widgets that make it easier to toggle your connection Switch On, Switch Off: Top Toggle Widgets For Android Ask any Android enthusiast about why they love the operating system and they’re likely to reply “Widgets!” These homescreen mini-apps can display all sorts of information. They also allow users quick access to core system... Read More on and off. Personally, I use an NFC tag by my front door How to Use NFC: 7 NFC Uses That'll Impress Your Friends If you thought NFC was nothing more than a gimmick, think again. Learn how to use NFC and do a lot of cool stuff with it! Read More that is setup to toggle Wi-Fi.

Would you mind being tracked for targeted ads? What are your thoughts on targeted ads? Do you know any other ways you can be tracked using Wi-Fi? Let us know in the comments below!

Related topics: Online Privacy, Surveillance, Wi-Fi.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Eddie G.
    December 6, 2016 at 6:13 am

    This is no surprise. The way the world is going technologically? It will become the norm...almost a "requirement" to have your wireless on so that you can be tracked! This is one of the reasons why I refuse to use certain technologies. Granted everyone has a cellphone these days, but its nice to know I can still "control" mine by turning off the wireless, and I even go a bit further. Sometimes when I'm home, and I know I'm not going out at all for the day, (except maybe for the daily mailbox run!) I not only turn it off, I remove the battery, and let it sit until the next morning. I also drive a car from the last century so I'm not worried about the car's computer tracking me. As for smart homes? thanks. Don't want voice activated ANYTHING in my home. I'm not paralyzed and there ain't a damn thing wrong with my hands, or feet. I will walk and turn off a light, or get up and open or close the door. No bluetooth entranceway technology. I mean seriously? with all the ways we've seen alleged "totally secure" technologies get hacked and broken, we're going to let BLUETOOTH technology control access to our HOUSES!? Totally stupid, Listen I'm not saying all technology is evil or anything, but we as humans, have to maintain a certain level of control over our lives. Letting cars drive with no human driver? Not a good idea. Allowing a weak technology like Bluetooth control the locks on our FRONT DOORS to our houses? Not smart. Letting some device eavesdrop on everything that goes on in your house? REALLY not smart!

    Listen, I realize no one can halt the forward momentum of technology, but to give it such control as to allow it to make decisions that ONLY HUMANS SHOULD MAKE? a bad move. I for one will continue to use Linux on the oldest hardware I can find, and will lock and open my own doors, and turn the channels on my TV with my remote, and will go look in my refrigerator in order to see what I need from the grocery store.
    Is there a place for this kind of technology? Certainly, what about instead of using it to make us more lazy and dependent on technology, we use it for something else? that can benefit humankind? For instance a voice activated unit in the back of ambulances, where the tending EMT can call out what needs to be ready at the hospital ER/OR long before they get there.....or maybe a small micro-sized chip that can track ALL guns sold within the United States, this way when someone is shot, the weapon can be traced to the owner, and it can then be history-traced from purchase to current location. Instead we want cars to drive us along highways where NO computer can account for EVERY contingency, in which case it might make the WRONG decision and kill a lot more people, all because it's "logic" told it to pitch into oncoming traffic. Does anyone see the disconnect here? the problem? I'm done....I'll stick to Linux and will stay with my "old" tech that won't have such a hold over me.