Recently I've had the opportunity to meet Marco Stronati, one of the developers of LocationGuard. In case if this is the first time you hear about this plugin, LocationGuard offers remedy for location privacy in browsers. By default, you have two choices when a website asks your position: either you allow and provide your exact location, or deny (also likely to render the given service useless). This plugin allows you to provide answers in between, only revealing your location roughly, and what makes it even more interesting is that this is not just another home-brew PET, but they have some nice work behind the tool. Finally, it comes with nice default configuration, but setting it otherwise is quite simple and probably easy to use even for non-tech users.
You can also set it to report a fixed location – which is also the feature that motivated the current post. This could be quite useful, and as I know it from Marco, there are some people who use it with a custom place of their own choice (*). However, there is an interesting caveat using a fixed location for more privacy. Basically, the problem is that the world is huge, thus it is very likely that most users will set their fixed location differently. This also means that websites who can access this information can also easily track these users, e.g., just by storing the hash of location coordinates in a tracking cookie.
We call this phenomena the anonymity paradox. This unfortunately happens quite often, when someone is trying to use a privacy-enhancing solution in a unique setting. While this person might have anonymity in theory, but the uniqueness also allows linkability of her actions. This is why TOR developers highly discourage altering their browser, and also why some privacy-conscious users were more trackable in the Panopticlick experiment than others. To simply put, this is like visiting a bank office in a dark suit and wearing a ski mask. You will be anonymous for sure, but also easily trackable, as you'll likely find it out.
Bottom line: you should use the default fixed location, or consider using a custom fixed position until there is a fixed variaty of choices in LocationGuard. For example, as IP addresses reveal the country and city, I think country-level choices of fixed positions would be enough for most users. If you feel that is still too much, then you should use TOR Browser (when it gets fixed), and no LocationGuard. (As far as I know TOR Browser disables location requests by default.)
I am thankful to Luca Melis reviewing a draft version of this post.
This post originally appeared in the professional blog of Gábor Gulyás.
(*) Note: as they don't collect data, they don't have statistics on this. This is just from other forms of feedback.