Did you know Data Brokers Sold American Intelligence Locations, Traced Back to Lithuanian Ad-Tech Firm

 

It was shared last year that the location data for American military and intelligence personnel located overseas was sold by a data broker based in Florida. However, the source for that sensitive content was not shared at the time.

Now, we can confirm that it was done by several mobile platforms possessing revenue-sharing contracts with an advertising-tech firm based in Lithuania. It was then sold off further by an American firm.

So many platforms can store location data. Some platforms feel this is a necessity and there are map apps that can transit navigators along the process. Some camera apps store location when images are captured. The organization’s own camera platform can do this. For instance, they can search for images captured at different locations.

There is a whole array of examples linked to different apps that collect location data for no specific reason. iOS forces request permission for things like this and we’ve seen so many platforms show this request for no good reason. It’s quite likely that this happens as location data is very crucial for advertisers. So many developers sign contracts with advertising firms that enable ads inside apps to be targeted in a certain region. In return, they get a share of the revenue.

The issue is that so many of the agreements have vague terminology that enable location data to get resold. This is true even when the agreement does not allow for it. It came to people’s views that DataStream was putting location data for sale that belonged to American intelligence and military agencies. One investigation powered by Wired spoke about how the data was collected.

The combined investigation showed how Datastream was putting access to certain location points and data devices for sale that belonged to the military or intelligence. There were some overseas locations included as well such as airbases found in Germany. The data was sourced from different providers and then sold to other clients.

This data was taken through SDKs embedded inside the mobile applications by developers who integrated tracking tools in return for agreements related to revenue exchange with data brokers. After this report, the office of Senator Ron Wyden spoke about answers from Datastream Group about the role linked to the trafficking of different military personnel.

In reply, Datastream identified Eskimi as the main source. It’s based in Lithuania and it was claimed that the data wasn’t supposed to be re-sold. For now, it’s not clear at what stage these apps transformed to be a source of data as the investigations are continuing on this front. It’s similarly not clear if the agreements signed by developers enable the reselling of location points, instead of using them solely for ad-serving purposes on platforms.

It’s not suggested anyone specifically set out to capture data linked to the military but filtering out the locations points of American military bases at home and abroad would be trivial to highlight those involved and serving as military personnel.