The NSA and GCHQ are not making any corporate friends with their incessant snooping. They’re using the apps we use on our smart phones to glean just about everything about us, which is not only going to annoy people and keep them from using apps but also brings attention to how much corporations are stealing our information.
The National Security Agency and its UK counterpart GCHQ have been developing capabilities to take advantage of “leaky” smartphone apps, such as the wildly popular Angry Birds game, that transmit users’ private information across the internet, according to top secret documents.
The data pouring onto communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users’ most sensitive information such as sexual orientation – and one app recorded in the material even sends specific sexual preferences such as whether or not the user may be a swinger.
Many smartphone owners will be unaware of the full extent this information is being shared across the internet, and even the most sophisticated would be unlikely to realise that all of it is available for the spy agencies to collect.
Don’t upload photos or use Google Maps, either.
In practice, most major social media sites, such as Facebook and Twitter, strip photos of identifying location metadata (known as EXIF data) before publication. However, depending on when this is done during upload, such data may still, briefly, be available for collection by the agencies as it travels across the networks.
Depending on what profile information a user had supplied, the documents suggested, the agency would be able to collect almost every key detail of a user’s life: including home country, current location (through geolocation), age, gender, zip code, martial status – options included “single”, “married”, “divorced”, “swinger” and more – income, ethnicity, sexual orientation, education level, and number of children.
The agencies also made use of their mobile interception capabilities to collect location information in bulk, from Google and other mapping apps. One basic effort by GCHQ and the NSA was to build a database geolocating every mobile phone mast in the world – meaning that just by taking tower ID from a handset, location information could be gleaned.
A more sophisticated effort, though, relied on intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information.
So successful was this effort that one 2008 document noted that “[i]t effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system.”
If anything is going to put a stop to this, it’s companies like Google throwing their weight around. They don’t want people thinking that using their maps “is working in support of a GCHQ (or NSA) system.”
After all, they want your information for themselves.