Who Are the World’s Largest Data Collectors, and What Do They Do?
People today understand their online data gets collected, but it’s not exactly clear who is on the other side doing the collecting. Even the word “collecting” sounds passive, as if the information is simply being stored somewhere.
Cynics may worry that marketers purchase this information to micro-target customers more precisely. Sometimes marketers do, in fact, purchase such information, but they’re not alone: so do government agencies and law enforcement groups, which should raise eyebrows about how data is collected and used.
Having an encrypted messaging app with military-grade encryption is the only way to stay entirely above the fray. You probably underestimate the sheer bulk of data the government collects.
A few examples should convince everyone that the security of third-party applications is far from trustworthy, even if they seem innocuous.
ICE and US Law Enforcement Agencies
If you heard that Immigration and Customs Enforcement (ICE) tracked people’s location data on their smartphones, wouldn’t that raise red flags about privacy breaches and state surveillance? ICE and other law enforcement agencies may not be spying on people directly, but they effectively have access to the same type of private information as if they were.
In March of 2020, Vice News reported that a “highly complex supply chain of advertising firms, data resellers, and ultimately innocuous looking apps” provides location data to law enforcement agencies. Location data can determine much about a person, including their associations, habits, and even beliefs.
A government contractor named Venntel sells the location data of smartphones to agencies like ICE, which they, in turn, get from third-party apps people use unsuspectingly. For example, ICE used the data gathered from apps intended for mapping, navigating and learning about the weather to arrest immigrants at the US-Mexico border.
Venntel’s data is said to be “global,” and it’s unclear if these middlemen companies even understand what ultimately happens with the data they share. It’s plausible that they are telling the truth, but that makes this murky process all the scarier and is anything but reassuring!
When information gets relayed from one company to another, it may be impossible to ultimately determine the specific route it took to reach law enforcement. Imagine a chain where, with each additional link, the shape and nature of the whole chain get increasingly obscure, so it’s genuinely challenging to trace back an exact sequence of links.
Without mapping out each phase of the data relay, it’s enough to know that seemingly innocent third-party applications are the originating source for data used by law enforcement agencies to turn people’s lives upside down. In addition to ICE and law enforcement agencies, Venntel sold data to the Drug Enforcement Agency, the FBI, Homeland Security, the IRS, and the Defense Department.
When people consider data privacy and app permissions when downloading tools to help them travel in a city or get weather information, they surely don’t suspect that their data will be collected or gathered by these powerful government institutions.
Is it Even Legal?
People would be right to question the legality of such practices and wonder if there’s a legal remedy to stop it.
Government agencies are creatively interpreting the law and looking for subtle loopholes to exploit. Carpenter v. United States determined that the government needs a warrant to compel companies to overturn sensitive data to the government. However, no law prevented them from getting this information from middlemen brokers, who bought the sensitive data from the companies, effectively laundering private information.
A new legal proposal supported by both Democrats and Republicans in the US looks to ban law enforcement agencies from buying data from facial-recognition companies like Clearview AI. The law also seeks to force agencies to get a warrant before buying location data from third-party brokers.
Known as the “Fourth Amendment is Not For Sale Act”, the goal is to classify the information data brokers scavenge with the same level of protection as that gathered by your phone company or email provider. If governments can’t legally pay phone companies for private information about citizens, why should they be allowed to buy it from a new type of data gatherer only made possible by modern technology?
That sponsors and supporters of the bill come from across the political spectrum society begs an uncomfortable question: if everyone supports closing such loopholes, how did they get opened in the first place?
Edward Snowden revealed the extent of the NSA’s surveillance system years ago. Parts of the government clearly have an overarching need to spy; digital privacy should be thought of as an ongoing battle between one side that takes extreme measures to access your private data and another side, constantly reacting to the first, devoted to protecting it.
Crackdown on Religious Freedoms
The US government is intruding on some people’s privacy rights more than others in ways that infringe on religious freedom. In November 2020, it emerged that the US military purchased location data harvested from apps aimed at Muslim users, from dating apps to a prayer app with as many as 98 million downloads.
Groups like the American Civil Liberties Union (ACLU) are working to uncover the full extent of the government’s spying and close any other loopholes which may still exist. For example, the Washington Post reports about another type of loophole exploitation.
The protections granted from the Carpenter case were supposed to protect against governments forcing telecom companies to turn over private information. But government agencies have creative interpretations which hinge on the word “forcing,” suggesting there’s no legal reason a government can’t incentivize (i.e., pay a lot of money) a company for this information, which they then voluntarily agree to.
While non-partisan efforts to protect private information are encouraging, the atmosphere behind the scenes, not to mention recent history involving the NSA, portrays a different picture altogether.
It’s hard to anticipate how your data will be collected, packaged, and used against you because it’s a cat-and-mouse game against very powerful institutions that always have the first move. To steer clear of these risks altogether, you need smartphone security solutions built on military-grade encryption, back-end server protections, and a range of secondary security features to fill any potential vulnerabilities.
Whatever the world’s largest data collectors get up to, neither they nor the middlemen brokers will have your data.