The American Civil Liberties Union (ACLU) released a report Monday that reveals how the US Department of Homeland Security (DHS) is ‘sidestepping our Fourth Amendment right’ by accessing ‘vast quantities of people’s cellphone location information.’
The records show DHS collected data on more than 336,000 location data points across North America that was gathered from apps on millions of people’s smartphones.
The data points allow DHS, Customs and Border Protection (CBP), Immigration and Customs Enforcement (ICE), to ‘identify and track specific individuals or everyone in a particular area.’
The report also shows that the data lets ‘local law enforcement entities gain access to this large mass of data in ways that they would not usually be able to,’ the ACLU shared in a statement.
The ACLU notes that tax dollars from millions of people is being used by DHS to purchase access to cell phone location that was sold to the agency ‘by two shadowy data brokers, Venntel and Babel Street.’
The data points allow DHS, Customs and Border Protection (CBP), Immigration and Customs Enforcement (ICE), to ‘identify and track specific individuals or everyone in a particular area’
The issue began in February 2020, when The Wall Street Journal revealed the Trump administration had purchased access to databases that map movements of ‘maps the movements of millions of smartphones in America and is using it for immigration and border enforcement,’ people familiar with the matter told WSJ.
However, the practices were carried over to the Biden administration.
Shortly after the news broke, ACLU submitted a Freedom of Information Act (FOIA) lawsuit to DHS, ICE and CBP, which mandated the federal agencies release documents showing their data collection.
And although it was known these groups paid to access location data, the full extent of how much was being collected was not previously known.
More than 6,000 records show DHS collected data on more than 336,000 location data points across North America that was gathered from apps on millions of people’s smartphones
The documents show that in just three days in 2018, CBP collected data from 113,654 location points in the southwestern US — more than 26 location points per minute.
‘And that data appears to come from just one area in the Southwestern United States, meaning it is just a small subset of the total volume of people’s location information available to the agency,’ the ACLU shared in a statement.
According to the documents, CBP was using the data location for immigration enforcement and investigations in human trafficking and narcotics, POLITICO reports.
Venntel, which is based in Washington DC, describes itself as a government contractor that ‘supports our common interests through technological innovation, data reliability, and proven results.’
However, the firm is in the business of selling location data of smartphones to law enforcement and government agencies.
Venntel first approached DHS, ICE and CBP as early as 2017, with a broker from the company telling ICE in an email that it collected location data from more than 250 million mobile devices and processed more than 15 billion location data points a day.
And the documents released by the ACLU show the agencies knew the data collected were ‘a surveillance boon and privacy concern,’ according to POLITICO.
The records obtained by the ACLU highlight how these agencies knew that the advertising technology industry’s location data collection was both a surveillance boon and a privacy concern.
Venntel had initially shared with CBP in a marketing brochure that ‘all users opt-in to location data collection,’ and that no personal data was ever collected.
However, the in a separate correspondence between the company and ICE, a broke stated that ‘there are derived means by which identifiers and pertinent location can be assembled.’
This means the data can be used to identify the person, even though there is not any personal information tied to the data point.
Nathan Freed Wessler, the ACLU’s Speech, Privacy and Technology Project’s deputy director, told POLITICO: ‘These agencies seem fully aware that they are exploiting a massive privacy disaster in this country.
Because the agencies purchases the location data from a database, it was considered commercially available and did not require a warrant to use (stock photo)
‘These agencies understand that the same data dumps that they are able to buy access to for whatever they want can also be bought by anyone else to try to target their agents.’
In 2019, DHS’ acting privacy officer ordered the agency to ‘stop all projects involving Venntel data’ due to privacy concerns of using people’s location data – but CBP and ICE continued to use Venntel’s database
Because the agencies purchases the location data from a database, it was considered commercially available and did not require a warrant to use.
However, four years ago, in Carpenter v. United States, the Supreme Court ruled that the government needs a warrant to access a person’s cellphone location history from cellular service providers because of the ‘privacies of life’ those records can reveal.
‘That case hinged on a request for one suspect’s historical location information over a several-month period,’ the civil liberties group stated.
‘In the documents we received over the past year, we found Venntel marketing materials sent to DHS explaining how the company collects more than 15 billion location points from over 250 million cell phones and other mobile devices every day.’