Laws, sausages and browser geolocation

Compass InlayI was emailed a question about the browser geolocation test I wrote a while back, and I thought I’d respond to it here. If you haven’t seen it, go check it out, and come back.

If you’re not prepared for it, it’s a creepy little feature. How on earth is browser-based geolocation so accurate? Desktops and laptops mostly don’t contain GPS devices, and IP addresses shouldn’t be enough to pin your location down quite so well.

The answer is also more than a little bit unsettling. There are two main companies who provide software-only location services: Skyhook and Google. Here’s an excerpt from Skyhook’s “how it works” page:

To quickly and reliably arrive at accurate location results, the Core Engine collect raw data from Wi-Fi access points, GPS satellites and cell towers with advanced hybrid positioning algorithms. By leveraging the strengths of more than one underlying position technology, Skyhook’s Core Engine provides the best possible location available in any environment.

In other words, they check your GPS equipment, where that exists, and fall back to checking your environment against a complicated database of wireless access points correlated to location.

These databases are hugely strategically important on the application web. You may remember that Google was forced to stop collecting this information with their Street View vans in Germany. At the time, they claimed it was an accident, but Google is actively preventing Android handset manufacturers for incorporating Skyhook technology for data collection reasons. Check out this detail from the lawsuit between Skyhook and Google:

At 10:46 Google’s Mike Chu had replied, saying ” I think we need to understand how much better Skyhook actually is.”

At 2:36 Google’s Zhengrong Ji replied and said “It’s sad to see first Apple, now Motorola moving away from us, which means less collection” for Google’s location database.

In other words, it’s reasonable to infer that Android handsets are quietly still collecting wireless access point information correlated to location. This information is strategically important, and the company with the most accurate information will win.

It’s a simple feature. But behind the scenes, there’s a battle going on. It turns out that browser geolocation is like laws and sausages: it’s better not to see them being made.

Photo: Compass Inlay by Steve Snodgrass, released under a Creative Commons license.

7 responses to “Laws, sausages and browser geolocation”

  1. Well, the “raw data” is a bit of a misnomer. As far as I can see it’s just a mac address of the wifi devices, and MCC+MNC+LAC+CELLID of mobile devices matched up/refined with GPS-sourced location, as opposed to the Google dataslurp from unprotected networks.

    The association of IP address to physical location is quite interesting, though. How to associate IP addresses which can be both fixed and dynamic with physical addressing of Wifi equipment which is most often fixed? On a browser there is an authorisation step to go through before you allow your browser to share your Layer 2 network-based (ie. nearby MAC/Cell ID) information, but your Layer 3 IP address is by definition part of the data supplied to a website. On the other hand, mobile devices can provide a constant dribble of both L2/L3 data, and occasionally supply GPS coordinates to enhance this data. I’m fairly confident Google Maps Mobile is doing this every time you turn it on.

    Personally L2 address to physical location doesn’t bother me. L3 address to physical location gives me the willies.

  2. I’m fine with Google mapping Wifi SSID/MAC to a location. It’s when they accidentally picked up (and stored) data from within those networks that there was a problem.

    It’s a very neat solution to the problem.

  3. Well, in my case it got the city (Calgary) right, but seems to think I’m in City Hall – about 6.8 kilometres from my actual location.

  4. In my case it got the country right and nothing else. Wrong city, wrong county, nothing right at all. Yes I’m on wireless and yes I can “see” several access points, so the database of access points is not at extensive as it claims to be nor is it up to date. All it seems to have used is my IP address and tied it to the headquarters of my ISP. Not very clever at all then.

Leave a Reply

Your email address will not be published. Required fields are marked *