08/17/2020 / By Ralph Flores
Hundreds of millions of mobile phones are at risk of being tracked using hidden software from a federal contractor. The Wall Street Journal reported last week that Anomaly Six – a Virginia-based company with ties to the U.S. defense and intelligence communities – has put government tracking software in over 500 mobile applications.
Anomaly Six said that it’s able to collect anonymized data from mobile phones, which it aggregates and sells to the U.S. government. It’s able to do this through its own software development kit, or SDK, which it uses to embed its own code directly in some of the apps. This allows it to draw location data once users allow an app with the software to access the phone’s GPS coordinates.
Most developers allow third-party companies to insert custom code into their apps using SDKs, often for a fee. This allows whoever inserted the code to collect and sell consumer data that it gets through the app, wherein the publisher gets a portion of the revenue. People using the app, however, have no way of knowing if there is custom code embedded in their apps, as most privacy policies don’t provide that information. Aside from embedding its own code, Anomaly Six says that it also collects location data from other partners.
The data that companies like Anomaly Six collect is an effective tool for understanding the behavior of people who uses the app. Despite the data being “anonymous,” data brokers can still use it to profile a person. For instance, location data they collect at night – when the phone will likely be idle – can indicate a person’s home. It’s not that hard to figure out the rest, using the other data points they have, such as where a person works, how they commute, and even where they eat.
While Anomaly Six is a federal contractor, it maintains that it restricts the sale of mobile phone data to nongovernmental and private-sector clients. It’s worth noting at this point, that even if the company feeds mobile data to the U.S. government, it’s – surprisingly – legal. In fact, law enforcement and intelligence agencies regularly use cell phone location data, often collected through a third-party, in their line of work. For a federal contractor with close ties to national security agencies to engage in this kind of practice, however, is unusual.
The practice has caught the eye of Sen. Ron Wyden, who is currently conducting a probe into the sale of Americans’ location data. In response, Anomaly Six says that it’s using commercially available, detailed location data that it obtained lawfully. (Related: Contact tracing app surveillance raising serious privacy concerns.)
“Anomaly Six is a veteran-owned small business that processes and visualizes location data sourced from mobile devices for analytics and insights,” the company told the Wall Street Journal. “We leverage detailed location data from numerous first-party sources to provide insights into groups, behaviors, and patterns.”
Anomaly Six also said that it would support regulation, especially on data collection and use, but it declined to comment when pressed on which apps contain their code. A look at their website also showed that it doesn’t have a privacy policy on its website; likewise, mobile apps that use its code do not disclose the fact that a customer’s data could be sold to the U.S. government. Partnerships with data brokers and app makers are considered trade secrets.
“You could argue that the government has the right, just like any commercial entity, to buy the data, if the data is available from a commercial supplier,” Asif Khan, the founder of Location Based Marketing Association, a trade group dealing with location data, told the Wall Street Journal. “But you also need to be able to clearly say ‘this data could be used by government.’”
People looking to opt-out of tracking don’t have a choice. Simply put, their smartphone habits are tracked and sold to the government – and there’s nothing they can do about it.
Sources include:
Tagged Under: badtech, Big Brother, cell phones, government, mobile phone data, Orwellian, privacy, privacy concerns, spying, surveillance
COPYRIGHT © 2017 COMPUTING NEWS