The threat is growing as more data are collected and automatically shared with apps using tracking technology. Data mining is becoming mor...
 |
| The threat is growing as more data are collected and automatically shared with apps using tracking technology. Data mining is becoming more sophisticated at collecting geolocation data, adding signals from Wi-Fi networks and Bluetooth beacons. |
The Times Privacy Project obtained a dataset with more than 50 billion location pings from the phones of more than 12 million people in this country. It was a random sample from 2016 and 2017, but it took only minutes — with assistance from publicly available information — for us to deanonymize location data and track the whereabouts of the person carrying a phone. The device owner: Was easy to trace, revealing the outline of the person’s work and life. The same phone pinged a dozen times at the nearby Secret Service field office and events with elected officials.
From computer screens more than 1,000 miles away, we could watch the person travel from exclusive areas at Palm Beach International Airport to Mar-a-Lago. [Related: Where Even the Children Are Being Tracked — We followed every move of people in one city. Then we went to tell them.] The meticulous movements — down to a few feet — of the president’s entourage were recorded by a smartphone we believe belonged to a Secret Service agent, whose home was also clearly identifiable in the data.
 |
| An Investigation Into The Smartphone Tracking Industry And Data Trading With Secret Services. photo: Time Privacy. |
For the nation’s security agencies, however, privacy is critical to the safety of military, defense and security operations across the country and abroad. If threats to that privacy have seemed abstract in the past, the trove of location data we have analyzed has brought them into sharp relief. Military and intelligence officials have long been concerned about how their movements could be exposed; now every move is. As a senior Defense Department official told Times Opinion, even the Pentagon has told employees to expect that their privacy is compromised: “We want our people to understand: They should make no assumptions about anonymity.
You are not anonymous on this planet at this point in our existence. Everyone is trackable, traceable, discoverable to some degree.” We were able to track smartphones in nearly every major government building and facility in Washington. We could follow them back to homes and, ultimately, their owners’ true identities. Even a prominent senator’s national security adviser — someone for whom privacy and security are core to their every working day — was identified and tracked in the data.
The law of many countries prevent mobile telecommunication companies from sharing location data with the government without a warrant or court order like in the US there are no federal protections limiting how they use or share it privately. No such protections are currently being debated before Congress — even though we found that we could track people through Congress’s own halls as easily as any place else. When we reached out to some lawmakers to show what we found, the outrage proved bipartisan. “This is terrifying,” said Senator Josh Hawley, Republican of Missouri, who has called for the federal government take a tougher stance with tech companies.
“It is terrifying not just because of the major national security implications, what Beijing could get ahold of. But it also raises personal privacy concerns for individuals and families. These companies are tracking our kids.” “Tech companies are profiting by spying on Americans — trampling on the right to privacy and risking our national security,” Senator Elizabeth Warren, a Democrat running for president, told us. “They are throwing around their power to undermine our democracy with zero consequences. This report is another alarming case for why we need to break up big tech, adopt serious privacy regulations and hold top executives of these companies personally responsible.”
 |
| Satellite imagery: Greenish dots, the geolocation of mobile users at the Pentagon. |
Packaged with millions of other data points, location information is turned into marketing analysis and sold to financial institutions, real estate investors, advertising companies and others. Companies say they vet partners carefully and tend to work with larger players that have a clear business case for receiving the data. Like all data, the vast location files are vulnerable to hacks, leaks or sale at any point along that process. The data we reviewed was provided to Times Opinion by sources who asked to remain anonymous because they were not authorized to share it and could face severe penalties for doing so. Multiple experts with ties to the United States’ national security agencies warned in interviews that foreign actors like Russia, North Korea, China and other adversaries may be working to steal, buy or otherwise obtain this kind of data.
Only months ago, hackers working for the Chinese government allegedly targeted location data for people moving throughout Asia by breaking into telecom networks, according to a report by Reuters. “People literally go to work every day, sit down at a desk, check the sports, send an email or two to their girlfriend and then start looking for databases they can steal,” said James Dempsey, the executive director of the Berkeley Center for Law and Technology. “They just do that 9 to 5, every day.” The American government may conduct similar intelligence operations against its adversaries, experts said, though under stricter legal frameworks.
Using the data, we identified people in positions of power by following smartphone pings as they moved around the White House, Capitol Hill, the Supreme Court and other government facilities. In many cases, the data trails led back to the smartphone users’ homes. In this series, we did not name any of the identified people without their permission. And the data below has been obscured to protect device owners.
Connecting a Ping to a person
This method is very easy as combining home and work locations with public information. A seemingly random set of movements turned into a clear individual pattern after we added just one other piece of information. Plenty of corroborating information is already floating around dark corners of the web, given the frequent high-profile data breaches of the past decade. Consider what China already knows: In 2015, a federal database containing the personal information of more than four million people with security clearances was stolen by Chinese hackers presumed to be state actors. “From those very detailed documents, they may gather a good deal of information about a person,” said David S. Kris, a co-founder of the consulting firm Culper Partners and former assistant attorney general for the national security division of the Department of Justice. Mr. Kris said he was also included in the data that was hacked. “The more you can combine location-based data into a mosaic with other information, the more likely you are to gain real insight into an adversary.”
After Ms. Spaulding raised the danger of tracking judges, we checked the data file for courthouse employees. In minutes, we found dozens of potential targets by watching smartphones sharing their precise locations inside Washington courthouses. One person whose movements we traced has a role in the technology division, which controls servers containing data for the Supreme Court. For people with political power, knowing those locations could put their safety — and our national security — at risk. Experts told Times Opinion that foreign governments could use the data to monitor sensitive sites and identify people with access to them, and their associates. “Not everybody in the department has a national security position, not everybody has access to classified or higher-level stuff,” the senior Defense official said. “But everyone in the department is of some interest or value to a lot of adversaries just by virtue of being a member of the Defense Department, just by working at the Pentagon.”
Blackmail
Once stolen, details on sexual interests and extramarital affairs can provide opportunities for extortion. Targets could be coerced in ways large and small, compelled to make decisions or take actions for a foreign government. Or the locations themselves could provide valuable intelligence about security practices, contacts, schedules and the identities of people in prominent and sensitive posts, with access to state secrets or critical infrastructure. With no training and far more limited technical tools than those of a state intelligence service, we were able to use the location data — date, time and length of stay — to make basic inferences. By determining whether two people were in the same place at the same time, it was easy to zero in on spouses, co-workers or friends. Cataloging their movements revealed even more associations, creating the map of a robust social network that would be nearly impossible to determine through traditional surveillance.
In cases where it was difficult to identify an individual, associations offered more clues about workplaces and interests. In one case, it proved difficult to confirm the identity of a man listed in public records who had a common name. Examining his associations revealed that he met multiple times with someone carrying another phone that was being tracked. That person was, we soon learned, his brother. That piece of information doubled the pool of digital breadcrumbs to follow, ultimately helping confirm both of their identities.
Now consider elections. Bad actors could monitor candidates and elected leaders for intelligence that could be leaked or used to blackmail them. There are also no regulations limiting how long location data can be stored. Data swept up today may prove valuable in the future, as everyday citizens rise to positions of authority and influence only to have their precise movements from years gone by reviewed for damaging insights. Defense contractors and employees at secure locations like power plants are all at risk.
We found smartphone pings at all of these sorts of sites. In one case, someone who spent their weekdays at the Pentagon visited a mental health and substance abuse facility multiple times. Even just commuting to work can be risky for people in prominent positions. “The easiest way to figure out how to get to you is know you always have the same routine,” said Mr. Rasser, the former Central Intelligence Agency officer. He said he mixes up his own routine, partly because the C.I.A. emphasized such methods when he joined. The threats will only grow as more data is collected and shared. More apps will enter the marketplace using tracking technology. And companies are becoming more sophisticated at collecting location data, adding signals from Wi-Fi networks and Bluetooth beacons.
 |
| Trump's secret service agent driving paths around, Pentagon, Capitol Hill, Supreme Court, and Whitehouse |
Similarly, there were no blackout areas in many sensitive government buildings. We observed thousands of pings inside the Pentagon, on military bases, in F.B.I. headquarters and in Secret Service facilities across the country. (Intelligence facilities also have secure areas where certain electronic devices aren’t permitted.) The risks posed by location-tracking remain largely unaddressed by the government. Beginning last year, the Department of Defense prohibited geolocation features and functionality from being used by its workers on devices in “operational areas” like foreign military bases. For all other locations, the department said it would consider the risks and issue-specific recommendations to personnel. For now, the department does not issue guidance to employees about downloading specific apps, including those that might share location data with third parties.
“Instead, we focused on certain core characteristics of the geolocation functionality and identified what risks those characteristics posed,” a department spokesman, Lt. Col. Uriah L. Orland, said in an email. Agencies with a need for heightened security are left in a vulnerable position. Phones are ubiquitous, and so long as granular location tracking remains legal, even the Defense Department must play along. “We cannot stop our workforce of 3.6 million people from living their everyday lives,” a senior department official told us. We haven’t identified any serving elected representatives in our data, but we found a former House representative and dozens of prominent public officials, including chiefs of staff, security officials and subcommittee staff members. Given their proximity to public figures with public schedules and their presence at training sites and field offices, Secret Service agents were particularly easy to identify. With little difficulty, we were able to track a Secret Service agent who spent most of his daytime hours in the West Wing of the White House. He also joined President Trump at the National Cathedral the day after the inauguration.
Data Trade
Every day similar information is being collected each second and often resold to third parties, meaning anyone with current access to such data could feasibly, in near real time, track people within arm’s reach of the president or other powerful figures. “If you want to take action against someone, you have to find them first,” said Mr. Kris, the former Department of Justice official. “I’m wary of breathless, pearl-clutching, speculative, sensationalistic counterintelligence concerns. This doesn’t strike me as falling into that category. I think there is a legitimate concern here.” Leaked location data may open the door to other cyber vulnerabilities. Foreign actors could learn movement details and infer meeting locations, which could be used to conduct a type of scam where targets receive fake emails — posing as a friend you just met with or a business you just visited — including a phony link meant to steal your password or install malware.
“Location tracking data of individuals can be used to facilitate reconnaissance, recruitment, social engineering, extortion and in worst-case scenarios, things like kidnapping and assassination,” warned Kelli Vanderlee, manager of intelligence analysis at the cybersecurity company FireEye. Those are not theoretical threats. The phone of the Washington Post journalist Jamal Khashoggi, who was assassinated in 2018, was allegedly compromised, possibly allowing his location data to be used to follow him. Last year, Strava, a company that makes a fitness app, released a global map showing 700 million activities that clearly revealed American military bases abroad.
The Department of Defense issued its recent guidance after discovering the problem. The data reviewed by Times Opinion revealed several points on domestic military bases as well, showing how some of the nation’s most secure armed sites can be exposed. “An adversary can still glean a lot from your whereabouts on the base itself,” said Mr. Rasser, the former C.I.A. officer. “If you’re always at a certain part of the base, at a certain time, you can start piecing together what the function of that corner of the base could be based on the person’s job duties.” Using base locations as a guide, Times Opinion accurately surmised the job title of a commander in the U.S. Air Force Reserve. He regularly traveled to the Pentagon and visited Joint Base Andrews, perhaps best known as the home of the president’s airliner, Air Force One.