In a recent report that has raised eyebrows in Germany, a data brokerage firm based in the United States is said to have supplied a journalist with an extensive collection of geolocation data points, numbering in the billions, sourced from German citizens’ mobile applications. This dataset reportedly includes information from the devices of individuals in sensitive national security roles.
The American company, known as Datastream Group, is reported to have provided this data as a complimentary sample, showcasing what could be expected from a potential monthly subscription service. This was detailed in a collaborative investigation by the German public broadcaster Bayerische Rundfunk and the digital rights news platform netzpolitik.org.
Datarade, a German digital marketplace that facilitates the exchange between data providers and purchasers, is said to have played a pivotal role in connecting Datastream Group with the journalist in question.
The ease with which this sensitive geolocation data was obtained has sparked concern, especially given the stringent data protection regulations in the European Union that mandate user consent for the sharing of such information. The incident has left many surprised at their vulnerability to data brokers operating from outside the EU.
While neither Datastream Group nor Datarade has been formally accused of any legal or regulatory infractions, the reaction of Europe’s data protection authorities to these revelations remains to be seen.
For a fee of approximately $14,000 per month, Datastream Group reportedly offers a service that provides a continuous flow of fresh geolocation data from a vast array of smartphones globally, practically in real-time.
A staff member from netzpolitik.org managed to acquire the data, which spanned an eight-week collection period in late 2023, by simply completing a registration form on Datarade using genuine identification details. Following a brief telephone conversation, Datastream Group released the data.
The geolocation information was extracted from advertising identifiers, commonly utilized by the advertising sector to customize marketing efforts to individual smartphones. Possession of a specific advertising identifier enables the tracking of a person’s movements with precision.
The data shared included detailed coordinates and timestamps, allowing the creation of comprehensive movement profiles for numerous individuals, including those in national security and military positions.
For instance, the analysis of the data enabled the identification of a BND official by correlating their residential location with their daytime activities.
Datastream Group and Datarade have yet to respond to inquiries regarding this matter.
The report also touches on the secretive nature of the work environment at the BND’s field office, where employees typically do not disclose their employment status and are required to surrender their mobile devices upon entry.
The Snowden disclosures of 2013 shed light on the role of the BND’s facility, known colloquially as “the Tin Can,” in the NSA’s global surveillance operations.
The data also revealed frequent visits by the identified BND official to American military installations in Germany, linking their residential address to U.S. military activities.
Moreover, the data exposed the movements of individuals associated with Germany’s domestic intelligence agency, whose employees also maintain confidentiality regarding their work and are obliged to leave their mobile phones at the entrance.
The acquired data points, found in parking areas and near various entrances, enabled further personal discoveries about the individuals, including names, social media profiles, and personal details gleaned from online activities.
The report by BR and netzpolitik.org underscores the national security implications of selling such data, while also emphasizing the broader privacy concerns as it reveals the potential to construct detailed movement profiles for millions of ordinary citizens.
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
