Officials inside the Secret Service clashed over whether they needed a warrant to use location data harvested from ordinary apps installed on smartphones, with some arguing that citizens have agreed to be tracked with such data by accepting app terms of service, despite those apps often not saying their data may end up with the authorities, according to hundreds of pages of internal Secret Service emails obtained by 404 Media [404media.co]:
The emails provide deeper insight into the agency’s use of Locate X, a powerful surveillance capability that allows law enforcement officials to follow a phone, and person’s, precise movements over time at the click of a mouse. In 2023, a government oversight body [404media.co] found that the Secret Service, Customs and Border Protection, and Immigration and Customs Enforcement all used their access to such location data illegally. The Secret Service told 404 Media in an email last week it is no longer using the tool.
“If USSS [U.S. Secret Service] is using Locate X, that is most concerning to us,” one of the internal emails [documentcloud.org] said. 404 Media obtained them and other documents [documentcloud.org] through a Freedom of Information Act (FOIA) request with the Secret Service.
Locate X is made by a company called Babel Street. In October 404 Media, NOTUS, Haaretz, and Krebs on Security published articles [404media.co] based on videos that showed the Locate X tool in action. In one example, it was possible to follow the visitors to a specific abortion clinic across state lines and to their likely place of residence.
Tools similar to Locate X often use data that has been collected from ordinary smartphone apps. Apps on both iOS and Android devices collect location data and then sell or transfer that to members of the data broker industry. Eventually, that data can end up in tools like Locate X.
Originally spotted on Schneier on Security [schneier.com]
Previously: Secret Service Bought Location Data Pulled From Common Apps [soylentnews.org]