The US National Security Agency and its UK counterpart, GCHQ, have the ability to harvest sensitive personal data from phone apps that transmit users’ data across the web, such as the extremely popular Angry Birds game.
The US National Security Agency and its UK counterpart, GCHQ, have the ability to harvest sensitive personal data from phone apps that transmit users’ data across the web, such as the extremely popular Angry Birds game, RT website reported.
Along with obtaining information about the specific dimensions and model of an individual’s iPhone or Android, the intelligence agencies are also able to acquire details on that person’s age, gender, and location. Details about a user’s political affiliation may also be vulnerable.
This information – which was revealed in dozens of top secret documents provided by NSA whistleblower Edward Snowden – was first reported Monday by the Guardian in partnership with the New York Times and ProPublica.
Both the NSA and GCHQ are able to “piggyback” on third party advertisements that a user unwittingly brings onto their device when they first download an app. Those ads, along with geolocation information embedded in images a user uploads to a social media site like Facebook and Twitter, essentially pinpoints where an individual is in the world.
The slides published Monday by the Guardian also show that the intelligence behemoths can glean a person’s home country, current location, age, gender, zip code, marital status – with “single,” “married,” “divorced,” and more among the options – income, ethnicity, education level, and number of children.
A more sophisticated effort collects location information by intercepting Google map queries from smartphones. It was deemed to be so successful that GCHQ noted in a 2008 document that it “effectively means that anyone using Google maps on a smartphone is working in support of a GCHQ system.”
Scooping up data from apps allows the agencies to gather large quantities of mobile phone data from their existing mass surveillance tools rather than hacking into individual mobile handsets.
Tapping into phone information is a high priority effort for the agencies, as terrorists and other intelligence targets often use mobile phones to plan illegal activities.
One effort by GCHQ and the NSA consists of a database that geolocates every mobile phone mast in the world. This allows the agencies to gather the mast ID used with any handset, thus giving them a rough location for a particular phone.
Thus it’s the actual phone handset that remains of paramount importance. GCHQ’s tools against smartphones are named after characters in ‘The Smurfs’ cartoon. The ability to make a phone’s microphone ‘hot’ – in order to listen to conversations – is known as “Nosey Smurf.” The sophisticated geolocation ability is called “Tracker Smurf.” Power management – the ability to activate a phone that is turned off – is known as “Dreamy Smurf.” The spyware’s self-hiding capabilities are called “Paranoid Smurf.”