My Phone Was Spying on Me, so I Tracked Down the Surveillants

THREAD on the location data industry and how European personal data ended up at a U.S. government contractor.
There are 160 apps on my phone. What they’re actually doing, I don’t know. So I decided to figure it out by using the power of the GDPR - or the more lame name of subject access requests (SAR).
Long story short – I got a lot of data on my movements. Actually more than 75.000 data points on my precise location.

Home and work:
How: I designed an experiment where I installed a lot of apps on an Android phone. I then consented to sharing my location data. Then I turned the tables: By using SARs I stitch together the data flows from me to different companies. (Better graphics in article.)
The app Funny Weather appeared in the metadata provided by Venntel and Gravy Analytics. The data might have been shared through Predicio, but the company did not respond to any requests for an interview.
Complementics and Predicio sent my personal data to Gravy Analytics, a major data broker in the marketing business. This is according to the SAR from Gravy. Gravy did not respond to comment.
Venntel is a subsidiary of Gravy Analytics. Venntel has a lot of government contracts – CBP, ICE, IRS, FBI, DEA. What these agencies actually use the data for @ByronTau (WSJ) and @josephfcox (Motherboard) have a lot of good reporting on.
Venntel told me in a subject access request that my data was shared, but they did not provide to whom. When contacted later - they told me in a short statement that the data was not shared with ICE or CBP.
ENGLISH ARTICLE: https://nrkbeta.no/2020/12/03/my-phone-was-spying-on-me-so-i-tracked-down-the-surveillants/
My Phone Was Spying on Me, so I Tracked Down the Surveillants

There are 160 apps on my phone. What they're actually doing, I don't know. But I decided to find out. This is an English translation, read the original here. I have a feeling these apps are …

https://nrkbeta.no/2020/12/03/my-phone-was-spying-on-me-so-i-tracked-down-the-surveillants/
We cooperated with @josephfcox, who made this article with a US focus https://www.vice.com/en/article/epdpdm/ice-dhs-fbi-location-data-venntel-apps
How an ICE Contractor Tracks Phones Around the World

New documents show how Venntel, which sells some of its location data to ICE, CBP, and the FBI, obtains the information from ordinary apps.

https://www.vice.com/en/article/epdpdm/ice-dhs-fbi-location-data-venntel-apps
In the article you will find statements from U.S. agencies and apps / companies.
Reaction to the reporting by @josephfcox https://twitter.com/aclu/status/1334531537799409664
Some have asked about easy steps to better protect themselves or someone that are less technical: https://twitter.com/martingund/status/1334825574821453826?s=20
Reactions: Slovak DPA opens an investigation after my reporting. Will likely focus on the app provider Sygic as the company is based in Slovakia. https://twitter.com/martingund/status/1337338804273901569
App provider breaks partnerships https://twitter.com/martingund/status/1337427140850147328
You can follow @martingund.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.