Digital rights advocates reacted with alarm to a report published Friday detailing how Defense Intelligence Agency analysts in recent years bought databases of U.S. smartphone location data without first obtaining warrants.
The Defense Intelligence Agency (DIA) is part of the Department of Defense and is tasked with informing military and civilian policymakers about the activities and intentions of foreign governments and nonstate actors.
The new revelation, first reported by the New York Times, initially came in the form of DIA responsesto questions from Sen. Ron Wyden (D-Ore.) regarding the agency’s warrantless purchase of commercial location data generated by phones both inside and outside of the United States.
Wyden asked the DIA to clarify its interpretation of Carpenter v. United States, a 2018 U.S. Supreme Court decision barring law enforcement agencies from requesting personal location information from a cellphone company without first obtaining a search warrant from a judge.
“DIA does not construe the Carpenter decision to require a judicial warrant endorsing purchase or use of commercially-available data for intelligence purposes,” the agency replied, implicitly acknowledging its exploitation of an apparent loophole in the case that DIA believes permits its warrantless acquisition of location data from third-party brokers.
Furthermore, Wyden asked whether DIA operatives differentiated between phone location data obtained inside the U.S. and abroad.
“DIA’s data provider does not supply separate streams of U.S. and foreign location data,” the agency explained, “and so DIA processes the location data as it arrives to identify U.S. location data points, which it segregates in a separate database.”
“DIA personnel can only query this database of U.S. location data when authorized by the DIA chief of staff and DIA’s office of general counsel,” it added. “Permission to query DIA’s database of commercially acquired U.S. device location data has been granted five times in the past two-and-a-half years, when DIA first started buying this source of data.”
Last September it was revealed that the U.S. military was purchasing device location data from apps—including a Muslim prayer app used by tens of millions of people around the world—and using it for counterterrorism purposes.
“The military industrial complex and the surveillance state have always had a cozy relationship with tech,” Rep. Ilhan Omar (D-Minn.) said at the time. “Buying bulk data in order to profile Muslims is par for the course for them—and is absolutely sickening. It should be illegal!”
To that end, the ACLU in December filed a lawsuit to determine how and why federal agencies are buying access to bulk databases of Americans’ cellphone location information and skirting the Fourth Amendment’s warrant requirement.
And as The Hill reported Friday, Wyden plans to introduce legislation—the Fourth Amendment Is Not for Sale Act—which would prohibit government agencies from buying personal information from data brokers.
“I think we’ve really reached the point where you have so much data floating around that governments can essentially buy their way around the Fourth Amendment,” Wyden lamented last November.
In a Senate speech on Wednesday, Wyden condemned the status quo “in which the government, instead of getting an order, just goes out and purchases the private records of Americans from these sleazy and unregulated commercial data brokers who are simply above the law.”
Digital and pivacy rights advocates agree.
“The government cannot simply buy our private data in order to bypass bedrock constitutional protections,” senior ACLU staff attorney Ashley Gorski told The Hill. “Congress must end this lawless practice and require the government to get a warrant for our location data, regardless of its source.”
News of the DIA warrantless data acquisition came a day after Avril Haines was sworn in as President Joe Biden’s director of national intelligence. Haines will oversee the nation’s 18 intelligence agencies, including the DIA.
During her Senate confirmation hearing earlier this week, Wyden asked Haines about government abuse of commercially available location data.
“I would seek to try to publicize, essentially, a framework that helps people understand the circumstances under which we do that and the legal basis that we do that under,” she replied. “I think that’s part of what’s critical to promoting transparency generally so that people have an understanding of the guidelines under which the intelligence community operates.”