NYC’s Free Wi-Fi Program Could Track And Share Your Browsing History

The LinkNYC program is a boon to New Yorkers—but is it worth the risk?

(Illustration: R. A. Di Ieso)
Mar 16, 2016 at 6:31 PM ET

New Yorkers might want to hesitate before using those cool new Wi-Fi stations replacing the city’s phone booths: Civil liberties groups warn they can store your Internet browsing history, which could then fall into the NYPD’s hands—or worse.

In an open letter to the mayor’s office, the New York Civil Liberties Union has warned that the new LinkNYC program gives itself the option to legally track and store the activity of those who use it.

In its privacy policy for the program, the company behind LinkNYC, CityBridge, says it can collect a trove of information from people who use the free Wi-Fi, including their email address and their real names for login purposes, as well as their browsing history to use for advertising purposes. The company retains the right to allow third-party advertisers to target ads to users based on this information, though it will not sell or share personally identifiable information to third parties. CityBridge, however, can even track users’ locations: “We know where we provide Wi-Fi services, so when you use the Services we can determine your general location,” the company says.

In a conversation with Vocativ, a CityBridge representative was quick to point out that LinkNYC does not currently store anyone’s LinkNYC browsing history, even though its policy does allow it. But there’s no promise that will remain the case, since the program is in its infancy. Rollout only began at the end of 2015, and it’s expected to take 12 years before CityBridge has installed all its LinkNYC stations across New York City’s five boroughs.

The NYCLU has warned that if left unchecked, CityBridge-collected browsing history could be stored indefinitely. “The company says it will make reasonable efforts to not retain [personal information] longer than 12 months after your last login, which could be indefinite,” NYCLU lawyer Mariko Hirose, who coauthored the letter to the Mayor’s office, told Vocativ.

Like any institution, LinkNYC data is not only inherently a potential target for hackers, it’s subject to police subpoenas. A worst-case scenario, the NYCLU wrote on its website, is that LinkNYC is effectively “building a massive database that carries a risk of security breaches and unwarranted NYPD surveillance.”

CityBridge promised in a statement that it “would require a subpoena or similar lawful request before sharing any data with the NYPD.”

One other thing to watch out for is the cameras. Though they’re not yet active, every LinkNYC station comes equipped with a video camera. While CityBridge says those will not be used for advertising purposes, that means each station will still be an extra set of eyes. They “appear to be shareable with the police and the city without any further limitation,” Hirose said.