US authorities secretly buy your phone data

Most of us already know how U.S. government agencies are searching virtual communication networks allegedly to spy on foreigners, but in the meanwhile, they also spy on Americans. Now we’ll take a look at how these agencies are buying up phone data to carry out a growing form of mass surveillance.

This should come as no surprise to anyone who has followed the history and government misuse of phone data that is collected by large corporations and then given to the government(s) to use as they wish. Now reports are emerging that the US Department of Homeland Security (DHS), Immigration and Customs Enforcement (ICE), and Customs and Border Protection (CBP) are involved in such a scheme.

The US Secret Service is also mentioned in this context – and all are accused of actually breaking the law by using the apps on unsuspecting people’s phones to gain access to their owners’ whereabouts.

What (perhaps) will not surprise anyone who has been following this area for some time is the allegation that in at least one case this data was used by an employee of the said authorities for private purposes – not in connection with an investigation – “merely” as a practical means of spying on a colleague.

Accessing and ultimately misusing commercial telemetry data (CTD) is the official term for what is said to have enabled this breach.

Another unsurprising revelation is that the US government and many agencies under it have managed to gain access to coveted location data from so-called “third parties” – the opaquest of opaque business entities that have long understood how to play the game by buying and selling data and making huge profits while essentially remaining accountable to no one.

Now some accountability seems to be emerging. Not that the laws have changed significantly or that federal authorities are unwilling to exploit all legal loopholes.

This time, internal reports refer to alleged evidence that the “three main buyers” of location data are actually doing this illegally. This means that the oversight that was supposed to be in place during these highly controversial transactions simply did not exist.

There is a copy of the internal reports here.

The legality at issue here has to do with United States law, which, thanks to the Fourth Amendment to the U.S. Constitution, requires anyone acting on behalf of the government to present a valid search warrant.

Accessing a person’s personal digital information – contrary to what is currently considered “legal” in the US – is certainly considered a search.

But where is the search warrant?

Various civil rights groups are approaching this massive problem from their (perhaps) unfortunate “politics and ideology first” perspective, even though the implications of the practice are truly universal—not just for the United States and everyone there.

Nevertheless, the American Civil Liberties Union (ACLU) initially found the courage to condemn the policy from the perspective of the “little citizen” – “The person told employees that he had pinpointed his location using the CTD – the problem became ‘Administratively resolved,’” according to reports that describe the history of this particular complaint.

But then the ACLU came forward with what really worried them – rightly so, because other groups may also be concerned about protecting people’s privacy, no matter who they are.

But the ACLU focused on U.S. Immigration and Customs Enforcement and U.S. Border Protection, which play this particular game — tracking people’s location data that is unknowingly “shared” by “unsuspecting” apps on their phones.

The Electronic Frontier Foundation, EFF, took the trouble to define this:

“The (ACLU) report makes clear that DHS agencies are playing cards close to their chest when it comes to collecting Americans’ location data.”

And further: “Congress needs to expressly prohibit law enforcement agencies and intelligence agencies from purchasing data from private companies that they would otherwise need authorization to acquire.”

But how is something like this possible – regardless of whether they are citizens, legal or illegal immigrants?

According to the EFF, this is because “the (privacy impact assessment) components did not have sufficient internal controls to ensure compliance with DHS privacy policies and the DHS Privacy Office did not follow or enforce its own privacy policies and instructions.”

Another – perhaps more interesting – report focuses on how ICE chose to continue working with an allegedly shady location data broker after the alleged 2021 “data break.”

It seems easy to renew the contract (worth about $800,000 per year) year after year.

Who is the contact person?

One Babel Street.

What is that?

Babel Street is known for collecting publicly and commercially available information (PAI/CAI) to provide threat intelligence. While the premise is to protect and inform, this beacon of technological advancement casts a shadow that sparks debate about civil liberties and fears of surveillance.

Babel Street and its counterparts promise unprecedented situational awareness, separating the digital wheat from the chaff to produce actionable insights. Governments and companies tout these platforms as pioneers of security, essential at a time when threats lurk in the depths of cyberspace. But at what cost to privacy?

The effectiveness of these tools relies on their ability to be constantly vigilant, analyze patterns and predict risks. What is worrying, however, is that such systems can inadvertently transform into a kind of digital panopticon in which those being observed know nothing about the observers, but are nevertheless constantly under observation. This scenario is an atrocity to privacy, a concept that is the foundation of civil liberties.

Proponents argue that platforms like Babel Street operate in the PAI/CAI space by leveraging what already exists in the public space. However, this public information is compiled in an unprecedented breadth and depth, so it may reveal more than people expect. The granularity of the data available can paint a detailed picture of daily life, interests and behavior.

The line between public interest and invasion of privacy becomes blurred when such widespread surveillance becomes normal. It is a dilemma in which the protection of civil liberties can conflict with the supposed benefits of omniscient surveillance systems.

Babel Street prides itself on being a virtual data interpreter, a role that comes with significant power. Interpretation of data can influence decisions in important areas such as law enforcement and national security. But who monitors the performers? Who ensures that the interpretation does not become a subjective narrative that violates civil rights or can be misused for political purposes?

The more sophisticated the surveillance tools become, the louder the call for control becomes. The digital divide is no longer about access to technology, but about transparency and control of surveillance tools. There need to be checks and balances to ensure that these powerful tools do not go too far and there is accountability when misused.

A critical look at the discourse on digital surveillance, in which institutions like Babel Street play a prominent role, reveals a narrative characterized by potential border crossings and interference with personal freedoms. This discourse is not a detached observation, but a strong warning about the far-reaching and often opaque nature of these surveillance mechanisms.

This concern is not unfounded because, in their pursuit of public security, these tools may inadvertently compromise the sanctity of privacy, which is a cornerstone of democratic principles. Their ability to monitor indiscriminately raises profound ethical questions and blurs the lines between surveillance and violation.

This conclusion should therefore be understood as a sharp criticism of the current development of surveillance technologies. The uncontrolled development of such tools risks creating an environment in which privacy is unduly compromised and the specter of a pervasive surveillance apparatus is raised.

 

yogaesoteric
December 4, 2023