„Der Regierung wäre es nie erlaubt worden, Milliarden Menschen dazu zu verpflichten, jederzeit Geräte zur Standortüberwachung bei sich zu haben, ihre sozialen Interaktionen aufzuzeichnen oder lückenlose Aufzeichnungen ihrer Lesegewohnheiten vorzuhalten“, fasst das Office of the Director of National Intelligence zusammen. Doch Smartphones, vernetzte Fahrzeugen, Webtracking, das Internet der Dinge und „andere Innovationen“ hätten die gleichen Folgen, ohne dass die Regierung etwas tun müsse.
Archiv: PeekYou (corporation)
Bestätigt: US-Geheimdienste kaufen persönliche Daten – Datenschutzbedenken wachsen
Die Art und Weise, wie US-Geheimdienste Daten aus verbundenen Fahrzeugen, Webbrowser-Aktivitäten und Smartphones sammeln und nutzen, steht zunehmend im Fokus. Dabei besteht die Gefahr, dass die unregulierte Verbreitung und der Verkauf von privaten Informationen amerikanischer Bürgerinnen und Bürger deren Privatsphäre bedroht. Der Bericht wurde vom Büro des Direktors der nationalen Geheimdienste (ODNI) veröffentlicht.
In response to my request, DNI Haines has confirmed that the government is buying Americans‘ private data with no guardrails for when and how that data is used. If this isn‘t a wake up call for Congress to stop feds from buying up Americans‘ information, I don‘t know what is.
Office of the Director of National Intelligence Senior Advisory Group Panel on Commercially Available Information
(27 January 2022, approved for release by ODNI on 5 June 2023)
(U) EXECUTIVE SUMMARY
(U) There is today a large and growing amount of what the U.S. Intelligence Community (IC) refers to as “Commercially Available Information” (CAI). As the acronym indicates, and as we use the term in this report, CAI is information that is available commercially to the general public, and as such, is a subset of publicly available information (PAI). We do not use the term CAI to include, and we do not address in this report, commercial information that is available exclusively to governments. The volume and sensitivity of CAI have expanded in recent years mainly due to the advancement of digital technology, including location-tracking and other features of smartphones and other electronic devices, and the advertising-based monetization models that underlie many commercial offerings available on the Internet. Although CAI may be “anonymized,” it is often possible (using other CAI) to deanonymize and identify individuals, including U.S. persons.
(…)
Today, in a way that far fewer Americans seem to understand, and even fewer of them can avoid, CAI includes information on nearly everyone that is of a type and level of sensitivity that historically could have been obtained, if at all, only through targeted (and predicated) collection, and that could be used to cause harm to an individual’s reputation, emotional well-being, or physical safety.
(…)
(U) A May 2014 report from the Federal Trade Commission (FTC) provides a similar account:
(U) Data brokers collect data from commercial, government, and other publicly available sources. Data collected could include bankruptcy information, voting registration, consumer purchase data, web browsing activities, warranty registrations, and other details of consumers’ everyday interactions.
(…)
1.3. (U) Examples of CAI. We do not attempt a comprehensive description of the scope and scale of data that are available as CAI, or the relevant markets, in part because they are so large and so dynamic. However, a few examples of CAI offerings will illustrate the current nature of available offerings:
• (U) “Thomson Reuters CLEAR is powered by billions of data points and leverages cutting-edge public records technology to bring all key content together in a customizable dashboard.”
• (U) LexisNexis offers more than “84B records from 10,000+ sources, including alternative data that helps surface more of the 63M unbanked/underbanked U.S. adults.”
• (U) Exactis has “over 3.5 billion records (updated monthly)” in its “universal data warehouse.”
• (U) PeekYou “collects and combines scattered content from social sites, news sources, homepages, and blog platforms to present comprehensive online identities.”
(…)
As the FTC explained in its May 2014 report:
(U) Data brokers rely on websites with registration features and cookies to find consumers online and target Internet advertisements to them based on their offline activities. Once a data broker locates a consumer online and places a cookie on the consumer’s browser, the data broker’s client can advertise to that consumer across the Internet for as long as the cookie stays on the consumer’s browser. Consumers may not be aware that data brokers are providing companies with products to allow them to advertise to consumers online based on their offline activities. Some data brokers are using similar technology to serve targeted advertisements to consumers on mobile devices.
(…)
2.2. (U) Examples of CAI Contracts. The IC currently acquires a large amount of CAI. Unclassified IC and other contracts for CAI can be found at Sam.Gov, a U.S. government website that allows searching by agency or sub-agency and by keywords, among other things. By way of example only, this website shows that the following agencies have, have had, have considered, or are considering the following contracts or proposals related to CAI:
• (U) The Federal Bureau of Investigation (FBI) with ZeroFox for social media alerting (15F06721P0002431)
• (censored)
• U) The Defense Intelligence Agency (DIA) for social media reports on individuals who are seeking a security clearance (HHM402-16-SM-CHECKS), and with LexisNexis for “retrieval of comprehensive on-line search results related to commercial due diligence from a maximum number of sources (news, company, public records, legal, regulatory financial, and industry information),” among other things (HHM402-21-Q-0094)
• (U) The U.S. Navy with Sayari Analytics, Inc. for access to its database that “contains tens of thousands of previously-unidentified specific nodes, facilities and key people related to US sanctioned actors including ‘2+3’ threats to national security” (N0001518PR11212)
• (U) Various offices within the Treasury Department for access to Banker’s Almanac (RFQ-FIN-55100-21-0010)
• (U) The Department of Defense (DOD) for access to Jane’s online (W31P4Q17T0009)
• (U) The Coast Guard with Babel Street for “Open Source Data Collection, Translation, Analysis Application” (70Z08419QVA044).
(U) In addition, DIA has provided the following information about a CAI contract in an unclassified and publicly-available paper sent to Congress on January 15, 2021:
(U) DIA currently provides funding to another agency that purchases commercially available geolocation metadata aggregated from smartphones.
……………………………………
US intelligence agencies buy Americans’ personal data, new report says
The report was completed in January 2022 but only recently declassified. Democratic Sen. Ron Wyden of Oregon asked the ODNI for the report.
“Congress needs to pass legislation to put guardrails around government purchases, to rein in private companies that collect and sell this data, and keep Americans’ personal information out of the hands of our adversaries,” Wyden said in a statement Monday in response to the report.