How commercially-available phone location data is used by ICE (and other law enforcement agencies)
from cypherpunks@lemmy.ml to privacy@lemmy.ml on 08 Jan 2026 19:51
https://lemmy.ml/post/41421285

screenshot of text: The material does not say how Penlink obtains the smartphone location data in the first place. But surveillance companies and data brokers broadly gather it in two different ways. The first is from small bundles of code included in ordinary apps called software development kits, or SDKs. SDK owners then pay the app developers, who might make things like weather or prayer apps, for their users’ location data. The second is through real-time bidding, or RTB. This is where companies in the online advertising industry place near instantaneous bids to get their advert in front of a certain demographic. A side effect is that companies can obtain data about peoples’ individual devices, including their GPS coordinates. Spy firms have sourced this sort of RTB information from hugely popular smartphone apps.

via this 404 media article: www.404media.co/inside-ices-tool-to-monitor-phone…

paywall bypass: web.archive.org/…/inside-ices-tool-to-monitor-pho…

screenshot of text: The material shows Webloc users can search its databases of mobile phone data in various ways. Users can perform a single perimeter analysis to search a specific area for mobile phones across a certain time period. They can draw the target area with a rectangle, circle, or polygon. They then select the maximum number of results the system should display, and the maximum number of devices to return. Once a Webloc user has identified a device of interest, they can get more details about that particular phone, and, by extension, its owner, by seeing where else it has travelled both locally and across the country. Users can click a route feature which shows the path the device took. The material suggests that if users look at where the device was located at night, they might find the person’s possible home, and during the day, the person’s possible employer. The software can also do a multi-permiter analysis, which monitors multiple locations at once to see which devices have been present at two or more specific places.

#privacy

threaded - newest

Goodlucksil@lemmy.dbzer0.com on 08 Jan 2026 20:51 next collapse

I blame Bush. He created ICE. But I also blame Trump for allocating 9 billions to ICE

captainlezbian@lemmy.world on 08 Jan 2026 21:08 next collapse

I also blame Bush but largely for his firm commitment to ignore the spirit of the bill of rights

Goretantath@lemmy.world on 08 Jan 2026 21:39 collapse

Bush was Reagan 2.0, Trump is 3.0, all put in by the Heritage Foundation.

[deleted] on 08 Jan 2026 21:29 next collapse

.

chillpanzee@lemmy.ml on 09 Jan 2026 07:58 next collapse

True, but they don’t even need 0days or software exploits to breach the systems. The data is harvested legally and sold to whoever wants to pay for it. Insane amounts of data about everything you do is made commercially available by phone platforms, tech companies, apps, banks, email providers, retail establishments, cell phone carriers, governments, and of course their continual data breaches.

Anybody can target you too, it doesn’t have to be espionage outfits or state sponsored threat actors. It’s just for sale.

[deleted] on 09 Jan 2026 16:58 collapse

.

magic_smoke@lemmy.blahaj.zone on 09 Jan 2026 18:57 collapse

True, its just more work and not going to be used for dragnet surveillance.

OpFARv30@lemmy.ml on 09 Jan 2026 18:31 collapse

Reminder that GrapheneOS.

[deleted] on 09 Jan 2026 18:50 collapse

.

OpFARv30@lemmy.ml on 09 Jan 2026 21:08 collapse

Is the baseband isolated?

Yes, the baseband is isolated on all of the officially supported devices.

And

The mobile Atheros Wi-Fi driver/firmware is primarily a SoftMAC implementation with the vast majority of the complexity in the driver rather than the firmware. The fully functional driver is massive and the firmware is quite small.

[deleted] on 09 Jan 2026 21:41 collapse

.

BeardededSquidward@lemmy.blahaj.zone on 09 Jan 2026 19:16 collapse

Part of what to take away from this, do not go to organized events with your phone, leave it at home. They can easily and readily track you with it on or off.

Imaginary_Stand4909@lemmy.blahaj.zone on 09 Jan 2026 22:03 next collapse

Just curious, what about a secondary (burner I guess) smartphone? I have an old phone I stopped using years ago that I flashed LineageOS onto, it has no SIM card, I keep it fully shut down until I leave my house, and it only has Signal on it for messaging purposes and ProtonVPN. Is that also a big enough threat? I used it while at a No Kings protest.

Are dummy phones the only way to go?

BeardededSquidward@lemmy.blahaj.zone on 09 Jan 2026 22:23 collapse

No phones, period. The phone will still send out signals, just that it won’t be allowed service onto networks without the SIM card. They can still trace the phone to the point it turned on and since you used it previously as a personal phone there’s probably records they can pull on it from your carrier at the time. They can probably trace it to you via the various numbers tied specifically to that phone. As much of a PITA it is, getting a small digital camera is the way to go as long as it doesn’t do any connectivity. Just be sure to scrub the meta data on all pictures if you share them or post them online.

NewOldGuard@lemmy.ml on 09 Jan 2026 22:59 collapse

Bring it but powered off in a faraday bag. If an emergency strikes you’ll be glad to have the option.