A previously unknown National Security Agency surveillance program leaked by former contractor Edward Snowden reveals the agency collects large amounts of data from “leaky,” unsecured smartphone apps like Angry Birds, Google Maps, Facebook, Twitter, LinkedIn and more.
The Guardian, ProPublica and New York Times report the NSA and its British counterpart the Government Communications Headquarters can tap communications network cables to pull information like phone identification codes, contacts, location, age, sex, political affiliation and even sexual orientation, forgoing the need to hack individual phones directly.
One of the documents leaked by Snowden refer to the “rich resources” gathered from iPhone and Android devices as the “GoldenNugget!” and indicate the agencies have been routinely obtaining data from certain apps since at least 2007.
Looking up directions on Google Maps, uploading pictures to post on social media platforms, and playing games in which developers have embedded targeted ad content all leave behind a trail of byproduct data through which personal information can be easily derived.
According to the documents, the signals intelligence agency has already spent $1 billion on the programs. Another British intelligence document went as far as saying that anyone using Google Maps on a smartphone ”is working in support of a GCHQ system.”
Many of the apps have been downloaded millions or even billions of times, including Rovio’s popular “Angry Birds,” of which there have been numerous sequels and releases.
In a report from The Guardian, Rovio stated it was unaware of any collection of its data by intelligence agencies, and that it does not directly work with NSA or GCHQ. The New York Times report states researchers found Rovio to be collecting bulk data and passing it on to ad companies as far back as 2012.
Both Google and Millennial Media, which did ad work for Rovio, declined to comment on the programs, while the NSA released a statement saying the agency “does not profile everyday Americans as it carries out its foreign intelligence mission. Because some data of U.S. persons may at times be incidentally collected in N.S.A.’s lawful foreign intelligence mission, privacy protections for U.S. persons exist across the entire process.”