Location tracking has been a hot-button issue this year, starting with concerns about Apple's iOS in April before moving to Google, Microsoft, and now Skype.

Location tracking has been a hot-button issue this year, starting with concerns about before moving to , , and now Skype.

In a recent paper, researchers from the Polytechnic Institute of New York University found that the average Internet user can leverage a service like Skype to track a person's whereabouts. Researchers focused on Skype, but acknowledged that other real-time services might also produce the same result.

"We conclude that any Internet user can leverage Skype, and potentially other real-time communications systems, to observe the mobility and filesharing usage of tens of millions of identified users," according to the paper.

"Specifically, if Alice knows Bob's VoIP ID, she can establish a call with Bob and obtain his current IP address by simply sniﬃng the datagrams arriving to her computer," researchers continued. "She can also use geo-localization services to map Bob's IP address to a location and ISP. If Bob is mobile, she can call him periodically to observe his mobility over, say, a week or month. Furthermore, once she knows Bob's IP address, she can crawl P2P ﬁle-sharing systems to see if that IP address is uploading/downloading any ﬁles. Thus VoIP can potentially be used to collect a targeted user's location. And VoIP can potentially be combined with P2P ﬁle sharing to determine what a user is uploading/downloading. This would clearly be a serious infringement on privacy."

In a statement, Skype said "we value the privacy of our users and are committed to making our products as secure as possible. Just as with typical Internet communications software, Skype users who are connected may be able to determine each other's IP addresses. Through research and development, we will continue to make advances in this area and improvements to our software."

Researchers said they were less concerned about "big-name companies" tracking our mobility but about "smaller, less-trustworthy entities" who might take advantages of such security glitches. A prankster, for example, could use the data to create a public Web site that exposes the location and file-sharing activity of all active Skype users in a particular city or country, the paper said.

Skype was notified of the problem months ago, but as of May 2011, "all the schemes presented in this paper are still valid," researchers said.

What can be done? Among the solutions, the paper suggests the creation of a system that does not reveal someone's IP address until a user accepts the call.