Customs And Border Protection Bought Half A Million Dollars Worth Of Location Data

Submitted by Sovereign Man

Customs and Border Protection (CBP) just got its hands on a whole bunch of location data. The news service Motherboard (Vice’s technology segment) uncovered a procurement order for $476,000 paid to the company Venntel Software last month. Venntel specializes in location data mining, compiling and selling GPS data gathered on users from various phone apps.

Sources who work with Venntel gave Motherboard more insight into the type of data the government now has its hands on.

Venntel’s technology only gives anonymized data, meaning it does not identify specific people or phone numbers. It gives only a randomized identification number. BUT there is an easy way to identify the owners of the phone.

The technology allows the CBP to draw a perimeter around a geographical area, and obtain the location data for any phones in that area. In this way, CBP could draw a circle around one particular home, acquire the data from it, and surmise that the few devices in that home belong to the homeowners.

What this means:

This allows Customs and Border Protection to ignore laws that require them to obtain a warrant before surveilling particular subjects. They simply purchase the data, instead of having to show probable cause that a crime has been committed.

And keep in mind that CBP does not just target immi'It’s just a question of, one, is it ethical, and two, does that open up the information to being released elsewhere?,'grants. They recently flew their surveillance drones over cities outside the border zone to help other local and federal law enforcement agencies identify and monitor protesters. Of course, CBP is being tight lipped about what exactly the Venntel software will be used for.

A CBP spokesman said:

"Consistent with its border security and law enforcement authorities, CBP has acquired limited access to commercial telemetry data through the procurement of a limited number of licenses to a vendor provided interface."

This is not the first government agency to use this loophole to skirt the intent of the Fourth Amendment-- which requires a warrant to collect certain personal information on people. In June, the House Oversight Committee opened an investigation into Venntel’s sales of personal data to the Department of Homeland Security, Internal Revenue Service, and Federal Bureau of Investigation.

Users generally have to consent in cell phone applications to allow this type of data to be collected for marketing purposes. But that consent does not include government surveillance.

What you can do about it:

Of course, the fewer apps you give permission to share your location with, the less vulnerable you will be to this particular software identifying you. In a recent, exclusive interview for Total Access (Sovereign Man’s top-tier service), Simon talked to a world-class security expert who worked in military cybersecurity.

He gave some tips on how to stop your devices from handing out your personal data.

Compartmentalize.

Use different phones. One you trust more, and one you trust less-- and therefore avoid putting personal or sensitive information on it.

For instance, people can hack into your device through sophisticated tools such as Pegasus-- spyware that can gain access through a phone call or text.

That’s how Jeff Bezos was targeted by the Saudis who stole pictures from his phone which Bezos had sent to his mistress (and it cost Bezos about $40 billion in a divorce).

If Bezos had one phone for close friends and family, and a second phone for talking to sketchy Saudi Princesses, this situation could have been avoided.

Depending on your security goals, you could, for instance, keep one phone for downloading all the apps you want that may see your location, and a different phone which you take with you to places you don’t want to be tracked.

Internet of Things devices like your Smart TV, refrigerator, or baby monitor-- any appliance that connects to the Internet-- are not very secure. They open holes on your network to the Internet where automated scanning can be used by hackers to find places to exploit.

Hackers could use unsecured devices to do nefarious things and make it look like it came from your IP address. Or they could access your other devices (like phones and laptops) from the hacked device.

To protect against this, set up two different wifi networks, which you can do from the same router. Put all your Internet of Things devices on one network, and the Internet you actually use for phones and laptops on the other.

That fences off your personal devices, so if anyone gains access to your Smart TV for instance, they cannot also access your main devices. The TV can’t see your laptop because they are on different networks.

Other ways to compartmentalize:

  • Use a password generator and secure manager (like 1password.com or Bitwarden.com) to create random, different passwords for each account.
  • Use different email addresses for each account. You can create email aliases and multiple addresses, and forward them to your main account with tools from simplelogin.io or anonaddy.com.
  • Use different phone numbers (which you can acquire from Google Voice or other VoIP services). That way fewer people have access to your main number. Your main number could be exploited to gain access to more secure accounts, or for a SIM swap attack, where hackers transfer your phone number to their device, and can then receive reset codes for any accounts linked to that number.

It’s a good idea to get started, little by little, understanding how cyber-security for your personal life works, at least at a basic level. A little homework makes you more vigilant to the threats, and allows you to recognize and avoid common vulnerabilities.