In what could turn out to be just the tip of the iceberg, a freely available memo explains how a US military intelligence outfit, Defense Intelligence Agency (DIA), buys user data collected by commercial data harvesting companies, without the need to first produce a warrant.
The purchases in question concern location data collected by apps installed on people’s phones, and then sold to data brokers, that Senator Ron Wyden – to whom the memo was addressed – describes as “sleazy and unregulated” companies that are “simply above the law.”
“The Fourth Amendment is not for sale,” he said, referring to legal protections from unreasonable searches by the government.
But as things stand, DIA is not breaking any law, at least not the letter of any law: A 2018 decision by the Supreme Court says that under the US Constitution, government agencies must have a warrant in order to force phone operators to had them location data collected from customers.
But there is nothing stopping them from buying that data contained in commercial databases. Or as the DIA memo explained to Wyden, “DIA does not construe the Carpenter (Supreme Court) decision to require a judicial warrant endorsing purchase or use of commercially available data for intelligence purposes.”
True to that, the agency also freely admitted to going down this route in five investigations over the past two and a half years.
Wyden, a Democrat, appeared livid about the whole situation when he addressed Senate earlier this week and announced he would introduce legal changes to amend the current practice, that the New York Times referred to as “a loophole.”
And it’s potentially a pretty big loophole. The focus of the report is only on location data, and on individual apps who collect and sell it – and makes a point of Google and Apple vowing to remove apps that use their own tracking software to harvest and sell data.
But what about the biggest harvester and seller of data to brokers of them all, Google itself? In Europe, the company has already come under scrutiny for collecting and selling far more than just location data: Google’s deals with these third-party, “sleazy, above the law” companies allegedly include such sensitive data as people’s health status, religious beliefs, and sexual orientation.
As for Wyden’s legislative initiative, the NYT speculates it will be incorporated into a debate at whose center is a push to revive “several provisions of the Patriot Act that expired, and whether to put new safeguards on them.”
If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net.
