A recently declassified report addressed to the Director of National Intelligence, Avril Haines, has raised alarming concerns about the intrusive surveillance practices of U.S. intelligence agencies, including the FBI, DHS, and NSA. According to privacy advocates, these agencies have exploited legal loopholes to amass extensive “sensitive and intimate” data on U.S. citizens, ostensibly flouting the law.
The report illustrates how intelligence agencies have managed to bypass the necessity for a warrant to track citizens’ phone locations. The agencies exploit a legal loophole allowing them to purchase large data troves, thereby considering it as “publicly available” information. “Intelligence agencies are flouting the law and buying information about Americans that Congress and the Supreme Court have made clear the government should not have,” said Sean Vitka, a policy attorney at the nonprofit Demand Progress, in a statement to Wired.com.
According to the advisers who composed the report, the conflation of information available for sale with publicly available information due to outdated policies poses a considerable threat. They argue that the massive data sets currently available for purchase are “more revealing, available on more people, less possible to avoid, and less well understood” than ever before. Moreover, such data can be procured by private companies, creating potential avenues for exploitation.
The report also contests the purported anonymity of the purchased datasets. While the data is often claimed to have been “anonymized”, the report to the Office of the Director of National Intelligence shows how it can be relatively easy “to de-anonymize and identify individuals”, especially when multiple data points are cross-referenced. This could potentially expose a group of individuals attending a specific event or protest based on their smartphone location or ad-tracking records.
The report’s findings do not come as a complete surprise. In March, FBI Director Christopher Wray confirmed that his agency had purchased cellphone geolocation data. However, he asserted that the bureau’s practices had since changed and that a “court-authorized process” was now required to access such data.
Data brokers, including companies like Safegraph and Gravy Analytics, often sell large volumes of data, much of it sourced from commonplace cellphone apps such as navigation, weather, gaming, and social media apps. Unbeknownst to most users, the terms and conditions for using these apps often include consent to sell their data, including location data.
The absence of a federal privacy law in the U.S., unlike most countries in Europe and other developed nations, exacerbates the situation, leaving most citizens oblivious of what data they’re relinquishing and to whom. As noted by Electronic Frontier Foundation Senior Staff Attorney Adam Schwartz, this data is extremely sensitive and can reveal intimate details about individuals’ lives, including their movements, associations, places of worship, protests, and medical visits.
In a sobering warning, the report underlines the potential misuse of this data if it falls into the wrong hands, enabling acts such as blackmail, stalking, harassment, and public shaming.
