The NSA and other allied intelligence agencies are apparently using popular smartphone apps and games that leak data as a means to gather information on targets, according to documents shared by whistleblower Edward Snowden.
With the ubiquity of connected mobile devices like smartphones, smart watches, smart glasses and other wearable technology, privacy might just be a little more difficult to protect. But who knew that seemingly innocent applications and games are a potential avenue for eavesdropping by the NSA and other intelligence agencies that are bent on knowing our every move?
According to documents shared by whistleblower Edward Snowden with The Guardian, spy agencies like the NSA and its British counterpart, the GCHQ, are allegedly using data gleaned from “leaky” applications and piece together user information from this data. The Guardian used the popular Angry Birds franchise as an example, given the game’s propensity to transmit user data via the Internet, which include information like smartphone model, screen size and geo-location. To some extent, apps are even said to divulge name, age, sex and even sexual preference.
While Rovio, the developer of Angry Birds, has denied any knowledge or involvement it has been reported that spy agencies do practice piggybacking on commercial services in order to make their surveillance networks wider and more far-reaching. For instance, the NSA was reported to be collaborating with software developers and service providers in incorporating back-door access into their services.
Analysts at these security agencies have, after all, considered the proliferation of smartphones as a “golden nugget” in surveillance, due to their ubiquity and ability to track information and preferences. In fact, ad-supported apps and services like Gmail and Facebook already track user information. The same can be easily done by security agencies, who may have the ability to intercept the data transmissions at some point.
While President Barack Obama recently outlined the administration’s plans to curtail the NSA’s power, this still has a lot of grey areas to be resolved. For instance, spy agencies’ ability to track and store metadata (which can contain identifiable information when pieced together), but does not explicitly say anything about gathering data from “leaky” apps made by third parties.
Meanwhile, the GCHQ is reported to have access to several smartphone features that it can activate or control remotely, including tracking, microphone, power management and even self-protection. The British authorities are also monitoring social media activity to determine preference and conversations.
Still, the NSA maintains that it only monitors potential threats, and does not necessarily actively monitor all conversations it can eavesdrop on. “N.S.A. does not profile everyday Americans as it carries out its foreign intelligence mission,” the agency said in a statement. Protections are set in place for US and foreign citizens. Likewise, the British GCHQ said in a statement that its surveillance activities are “carried out in accordance with a strict legal and policy framework that ensures that [its] activities are authorised, necessary and proportionate.”
It should be noted that these surveillance activities are considered to be “passive”, which means that the government agency involved does not necessarily have to involve third-party service providers in obtaining the data it needs to run its operations.