East Germany’s Ministry for State Security, better known as the Stasi, competed with the KGB for the title of world’s most feared intelligence agency during the Cold War.
The Stasi’s primary responsibility was spying on East German citizens, chiefly through a domestic surveillance network of as many as 500,000 “unofficial” informants and 1.5 million as “occasional” informants. Ultimately, nearly one in six East German citizens either worked for the Stasi outright or was an unofficial informant for it.
The Stasi systematically embedded snitches in virtually every apartment block across the country. Workplaces (both public and private) had their own informant network as well. In some cases, spouses even spied on each other.
The reunification of Germany, beginning in 1990, spelled the end of the Stasi’s 40-year history. When it was disbanded, the internet was in its infancy; most people didn’t even have email accounts. Yet its success in weaponizing information to crush dissent made it one of the most effective intelligence agencies in history in crushing political dissent.
This background came to mind recently when we reviewed a document the Defense Intelligence Agency issued in response to a query from the office of Senator Ron Wyden (D-OR). The declassified material confirmed that American intelligence agencies routinely bypass laws regulating surveillance by purchasing location data about cellphone users from private companies. Senator Wyden wanted to know if the DIA was obtaining search warrants to obtain this information, as a 2018 Supreme Court case concerning a criminal defendant named Timothy Carpenter requires.
Per the agency’s response to Wyden’s inquiry, the “DIA does not construe the Carpenter decision to require a judicial warrant endorsing purchase or use of commercially available data for intelligence purposes.” In other words, the DIA is engaged in what we view as “data laundering”: acquiring information on the open market that would be illegal for the agency to gather directly.
But the DIA is hardly the only agency using purchased, quasi-legal location data to carry out surveillance. Others include the Department of Homeland Security, Customs and Border Protection, and the IRS.
Location tracking seems to be merely the first phase of more comprehensive tracking efforts. An example is technology developed by a company called SignalFrame, which claims on its website that it “harnesses billions of detectable Wi-Fi and Bluetooth signals to reveal the world through signals.” Its SignalGraph platform “enables a new generation of proximity services and delivers unprecedented brand and product market intelligence.”
SignalGraph operates by turning your smartphone into an eavesdropping device that detects wireless signals from other nearby smart devices. It only works with Android phones, not iPhones, but Android devices account for 70% of the global smartphone market.
One SignalFrame client is the US Air Force, which appears to be intrigued by the idea of not only knowing your geographical location, but also what you’re doing there and who you’re doing it with. And since the information is commercially available, no warrant is required for this type of surveillance. Effectively, it’s data laundering on steroids.
Of course, mass surveillance of this type is nothing new. In 2013, whistleblower Edward Snowden revealed that the National Security Agency’s ultra-secretive PRISM initiative involves the agency tapping directly into the server hubs of leading internet companies to extract audio and video chats, photographs, e-mails, documents, and connection logs. Companies mentioned in the documents include Microsoft, Yahoo, Google, Facebook, Paltalk, AOL, Skype, YouTube, and Apple.
The NSA has essentially placed a drift net across the electronic spectrum to capture everything transmitted over it. One of the documents Snowden acquired describing PRISM’s capabilities looked like this:
It turns out that much, if not most, of the data sucked up by the NSA (and more recently companies like SignalFrame) comes from apps popularly installed smartphones. One such app is TikTok, a social media platform widely used by teenagers. TikTok admits that it collects usage information and IP addresses, the identity of your cellular company and your keystroke patterns, and your location data, among other information.
However, TikTok’s corporate parent is a Chinese company. Thus, in August 2020, President Trump signed an executive order that would remove TikTok from US domestic app stores because the platform poses a security risk. The ban never came into effect and the order was reversed by President Biden. But if TikTok is a security risk to the average American user, so are the apps targeted by PRISM, along with virtually every other app installed on your smartphone. Just imagine how much more efficient the Stasi would have been if all East German citizens had been issued an Android device!
How can you protect yourself? One simple, albeit draconian, solution to end it is to throw away your smartphone. Replace it with a burner – a cheap mobile phone and prepaid voice and internet service purchased with cash. Follow this link to learn where to buy one or set one up.
If you want to keep your smartphone, the NSA itself has some suggestions to help us maintain privacy, although not “us” as in ordinary Americans. Instead, the NSA’s guidance applies to American spies, military personnel, and government contractors on missions in which failing to limit “location data exposure” could jeopardize the mission’s success. Or, for that matter, result in injury or death to those involved.
Among the most important precautions to take, according to the NSA, are to turn off “find my phone” services, Wi-Fi, and Bluetooth on your device. And of course, you should turn off location sharing on your smartphone, although that will seriously limit the functionality of many of your apps. The agency also reminds us that simply turning on an internet-connected mobile device exposes location data. And “even if cellular service is turned off on a mobile device, Wi-Fi, and Bluetooth can be used to determine a user’s location.”
What’s more, the NSA admits that “detecting compromised mobile devices can be difficult or impossible. Such devices may store or transmit location data even when location settings or all wireless capabilities have been disabled.”
It’s a good time to throw out your smartphone, or at least begin to secure it, today. Big Brother certainly isn’t going to do it for you.