U.S. & British spy agencies piggyback on ‘leaky’ apps for intel
U.S. and British intelligence agencies have plotted ways to gather data from Angry Birds and other smartphone apps that leak users' personal information onto global networks.
It was citing previously undisclosed intelligence documents made available by fugitive American spy agency contractor Edward Snowden.
The U.S. National Security Agency (NSA) and its British counterpart, the Government Communications Headquarters (GCHQ), have been taking advantage of increasing volumes of personal data that spill onto networks from new generations of mobile phone technology. They’ve been developing capabilities to piggyback onto ‘leaky’ smartphone apps, such as the wildly popular ‘Angry Birds’ game, that transmit users' private information across the internet, according to top secret documents.
The U.S. and British agencies were working together on ways to collect and store data from smartphone apps since 2007.
The agencies have traded methods for collecting location data from a user of Google Maps and for gathering address books, buddy lists, phone logs and geographic data embedded in photos when a user posts to the mobile versions of Facebook, Flickr, LinkedIn, Twitter and other services.
Snowden, who is living in asylum in Russia, faces espionage charges in the United States after disclosing the NSA's massive telephone and Internet surveillance programs last year.
His revelations and the resulting firestorm of criticism from politicians and privacy rights activists prompted U.S. President Barack Obama to announce intelligence-gather reforms on 17th January, including a ban on eavesdropping on the leaders of close allies and limits on the collection of telephone data.
The report said the scale of the data collection from smartphones was not clear but the documents showed that the two national agencies routinely obtained information from certain apps, including some of the earliest ones introduced to mobile phones.
The agencies also made use of their mobile interception capabilities to collect location information in bulk, from Google and other mapping apps. One basic effort by GCHQ and the NSA was to build a database geolocating every mobile phone mast in the world – meaning that just by taking tower ID from a handset, location information could be gleaned.
A more sophisticated effort, though, relied on intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information.
Scooping up information the apps are sending about their users allows the agencies to collect large quantities of mobile phone data from their existing mass surveillance tools – such as cable taps, or from international mobile networks – rather than solely from hacking into individual mobile handsets.
Exploiting phone information and location is a high-priority effort for the intelligence agencies, as terrorists and other intelligence targets make substantial use of phones in planning and carrying out their activities, for example by using phones as triggering devices in conflict zones. The NSA has cumulatively spent more than $1bn on its phone targeting efforts.
The disclosures also reveal how much the shift towards smartphone browsing could benefit spy agencies' collection efforts.