HOW THE FEDERAL GOVERNMENT BUYS OUR CELL PHONE LOCATION DATAPART III
Published: June 14, 2022
SOURCE: ELECTRONIC FRONTIER FOUNDATION
Babel Street first registered Locate X with the U.S. Patent and Trademark Office in 2017. The service allows Babel’s clients to query a database of app-derived location data. Locate X can be used to draw a digital fence around an address or area, pinpoint devices that were in that location, and see where else those devices went in prior months. Records obtained by Motherboard from DHS reveal that, according to a DHS official, “Babel Street basically re-hosts Venntel’s data at a greater cost and with significant constraints on data access.” Babel Street employees have also said Venntel is the ultimate source of most of the location data flowing to the federal government that we are aware of.
Although Babel Street has many public-facing marketing materials, it has attempted to keep details about Locate X a secret. Terms of use provided by Babel Street to its clients ban using Locate X data as evidence, or even mentioning it in legal proceedings. Still, several buyers of Locate X have been reported publicly, including the Air National Guard, the U.S. Special Forces Command (SOCOM), CBP, ICE, and the Secret Service.
Anomaly 6 (or “A6”) also sells app-derived location data to the government. Its existence was first reported by the Wall Street Journal in 2020.
A6 was founded by a pair of ex-Babel Street employees, Brendan Huff and Jeffrey Heinz. At Babel Street, the two men managed relationships with large government clients, including the Defense Department, the Justice Department, and the intelligence community. After striking off on their own, A6 allegedly began developing a product to compete with Babel Street’s Locate X, and catering its services to a very similar clientele. In 2018, Babel Street sued the company and its founders, and the two companies eventually settled out of court.
A6 presents very little information about itself publicly. Its website comprises just a company logo and an email address on an animated background. It is not registered as a data broker in either California or Vermont. Not much is known about A6’s data sources, either. The Wall Street Journal reported that it collects data via SDKs in “more than 500” mobile apps. According to a 2021 report by Motherboard, these SDKs are deployed by “partners” of the company, not A6 itself, creating a buffer between the company and its data sources. A6 claims its contracts with the government are “confidential” and it can’t reveal which agencies it’s working with. Public procurement records reveal at least one relationship: in September 2020, SOCOM division SOCAFRICA paid $589,000 for A6’s services.
In April 2022, The Intercept and Tech Inquiry reported on presentations that A6 made in a meeting with Zignal Labs, a social media monitoring firm with access to Twitter’s “firehose.” A6 proposed a partnership between the two firms that would allow their clients to determine “who exactly sent certain tweets, where they sent them from, who they were with,” and more. In order to demonstrate its capability, A6 performed a live demonstration: it tracked phones of Russian soldiers amassed on the Ukrainian border to show where they had come from, and it tracked 183 devices that had visited both the NSA and CIA headquarters to show where American intelligence personnel might be deployed. It followed one suspected intelligence officer around the United States, to an American airfield in Jordan, and then back to their home.
https://www.blacklistednews.com/article/82756/how-the-federal-government-buys-our-cell-phone-location.html