U.S.

Report: Spy agencies comb through ‘leaky’ phone apps for personal data

Shortly after revelation, US moves to allow tech firms to release more data on NSA information demands

The NSA and its British counterpart frequently exchange techniques for snatching info from a user’s address books and phone logs, according to reports.
Chris Ratcliffe/Bloomberg/Getty Images

The National Security Agency and its British counterpart regularly comb through phone apps for user data — including details such as age, gender and location — in their global search for “terrorism” suspects, according to secret documents provided by former NSA contractor Edward Snowden, the New York Times, the Guardian and the nonprofit news site ProPublica reported Monday.

A few hours afterward, the government and Internet giants including Google, Yahoo and Microsoft reached a deal that will allow them to disclose data on how often the NSA and other federal agencies ask them to turn over customer information as part of national security investigations.

Since 2007, the NSA and Britain’s Government Communications Headquarters (GCHQ) have exploited data from dozens of so-called leaky apps — the agencies were particularly interested in Angry Birds and Google Maps apps —that provide everything from a user’s location to their smartphone identification codes.

The two spy agencies frequently exchange techniques for snatching info from a user’s address books and phone logs, as well as geographic data stamped on photos and circulated online via mobile versions of Twitter, Facebook and LinkedIn.

Intelligence agencies’ focus on apps shows how seemingly harmless software can be turned into instruments of espionage. Angry Birds, the birds-versus-pigs game which has been downloaded more than 1.7 billion times worldwide, was one of the most eye-catching examples.

It wasn’t clear precisely what information can be extracted from which apps, but one of the slides gave the example of a user who uploaded a photo using a social media app. Under the words, “Golden Nugget!” it said that the data generated by the app could be examined to determine a phone's settings, where it connected to, which websites it had visited, which documents it had  downloaded, and who its users' friends were.

One of the documents said that apps could even be mined for information about users' political alignment or sexual orientation.

NSA
Click for the latest news and analysis on the NSA.

The NSA did not directly comment on the reports but said in a statement that the communications of those who were not "valid foreign intelligence targets" were not of interest to the spy agency. Britain’s GCHQ said it did not comment on intelligence matters, but insisted that all of its activity was "authorized, necessary and proportionate."

Earlier this month, President Barack Obama called on the federal government to curtail its collection of phone data from millions of Americans, ordering intelligence agencies to obtain permission from the secretive Foreign Intelligence Surveillance Court before accessing such records.

"The reforms I'm proposing today should give the American people greater confidence that their rights are being protected, even as our intelligence and law enforcement agencies maintain the tools they need to keep us safe," he said in a speech at the Justice Department on Jan 17.

If fully implemented, Obama’s directive would significantly change the NSA’s ability to collect bulk data from phone records. The president gave intelligence agencies 60 days to recommend options for storing already retrieved bulk data.

Obama has defended surveillance programs, revealed over the past six months, as necessary tools in the fight against terrorism. But recently he has attempted to straddle the line between intelligence gathering agencies and privacy advocates, saying he understands that the public is concerned about privacy.

The scale of the data collection from phone apps, as reported by the Times and ProPublica on Monday, is not clear. Nor do the secret documents address how many users may be affected and how often. But the two spy agencies regularly scoop up data from smartphones, according to the reports, generating such a massive volume of digital traces left by mobile phones that classified NSA computers had trouble storing it all.

"N.S.A. does not profile everyday Americans as it carries out its foreign intelligence mission," the agency told the Times in a written response. "Because some data of U.S. persons may at times be incidentally collected in N.S.A.'s lawful foreign intelligence mission, privacy protections for U.S. persons exist across the entire process."

With wire services

Find Al Jazeera America on your TV

Get email updates from Al Jazeera America

Sign up for our weekly newsletter

Get email updates from Al Jazeera America

Sign up for our weekly newsletter

Join the Conversation