IRS Could Search Warrantless Location Database Over 10,000 Times (vice.com) 16
An anonymous reader quotes a report from Motherboard: The IRS was able to query a database of location data quietly harvested from ordinary smartphone apps over 10,000 times, according to a copy of the contract between IRS and the data provider obtained by Motherboard. The document provides more insight into what exactly the IRS wanted to do with a tool purchased from Venntel, a government contractor that sells clients access to a database of smartphone movements. The Inspector General is currently investigating the IRS for using the data without a warrant to try to track the location of Americans. "This contract makes clear that the IRS intended to use Venntel's spying tool to identify specific smartphone users using data collected by apps and sold onwards to shady data brokers. The IRS would have needed a warrant to obtain this kind of sensitive information from AT&T or Google," Senator Ron Wyden told Motherboard in a statement after reviewing the contract. [...]
One of the new documents says Venntel sources the location information from its "advertising analytics network and other sources." Venntel is a subsidiary of advertising firm Gravy Analytics. The data is "global," according to a document obtained from CBP. Venntel then packages that data into a user interface and sells access to government agencies. A former Venntel worker previously told Motherboard that customers can use the product to search a specific area to see which devices were there, or follow a particular device across time. Venntel provides its own pseudonymous ID to each device, but the former worker said users could try to identify specific people. The new documents say that the IRS' purchase of an annual Venntel subscription granted the agency 12,000 queries of the dataset per year.
"In support of Internal Revenue Service (IRS) Criminal Investigation's (CI) law enforcement investigative mission, the Cyber Crimes Unit (CCU) requires one (1) Venntel Mobile Intelligence web-based subscription," one of the documents reads. "This allows tracing and pattern-of-life analysis on locations of interesting criminal investigations, allowing investigators to trace locations of mobile devices even if a target is using anonymizing technologies like a proxy server, which is common in cyber investigations," it adds.
One of the new documents says Venntel sources the location information from its "advertising analytics network and other sources." Venntel is a subsidiary of advertising firm Gravy Analytics. The data is "global," according to a document obtained from CBP. Venntel then packages that data into a user interface and sells access to government agencies. A former Venntel worker previously told Motherboard that customers can use the product to search a specific area to see which devices were there, or follow a particular device across time. Venntel provides its own pseudonymous ID to each device, but the former worker said users could try to identify specific people. The new documents say that the IRS' purchase of an annual Venntel subscription granted the agency 12,000 queries of the dataset per year.
"In support of Internal Revenue Service (IRS) Criminal Investigation's (CI) law enforcement investigative mission, the Cyber Crimes Unit (CCU) requires one (1) Venntel Mobile Intelligence web-based subscription," one of the documents reads. "This allows tracing and pattern-of-life analysis on locations of interesting criminal investigations, allowing investigators to trace locations of mobile devices even if a target is using anonymizing technologies like a proxy server, which is common in cyber investigations," it adds.
Re: (Score:2)
And yet the 3 letters cant get these fuckfaces off Slashdot. Way to go useless 3 letter agencies.
Re: (Score:2)
I think you are confusing detectors with jammers. Detectors are legal in almost every state.
DARPA? (Score:5, Insightful)
The total internet is backdoored. This is just one little incident that happened to have gotten found out about.
All 3 lettered agencies have backdoors. Period.
Our society is so stupid.
Re: (Score:2)
The only fucking I want you to do is to FUCK OFF.
Earth to Sen Wyden... (Score:3)
The reason they don't need a warrant to do this is because of the fact that users are "voluntarily giving up" this data to the apps and people like you have never written sweeping privacy laws to fix it. Don't blame the IRS for behaving legally. They haven't violated the fourth amendment, Stored Communications Act, etc. They are just walking through the massive loophole that modern tech enables and that your peers haven't closed--presumably because closing it would mean a financial Holocaust for Big Tech that's dependent on targeted ad revenue.
Stop grandstanding and just do something about it. Like, you know, pass a bill that one-ups the GDPR.
You know what the Internet really needs? Is for the US and EU to take a flamethrower to the "free service, but you're the product" business model.
Re: Earth to Sen Wyden... (Score:3)
Re: (Score:2)
"Could", or "was able to"? (Score:2)
Re: (Score:2)
More concerning, "over 10,000 times" could mean 10,001 of a billion or infinity.
In this case they had a license that allowed 12,000 queries. They "could have" accessed up to 12,000 times. They "would have been able to". It is supposed to be describing an upper limit.
"Were able to" suggests they actually did access over 10,000 times. I suspect that is the intended meaning. 12,000 max allowed and used between 10k and 12k.
Either way it's shit writing.
Noone could have seen this coming... (Score:1)
Re: (Score:2)
It's only a "loophole" if it's legal.
If it's illegal, it's not a hole.
The IRS is being investigated for potentially illegal activity. As it should be, because the activity may have been illegal.