What is Fog Data Science? Why is the Surveillance Company so Dangerous?
An EFF investigation of public records acquired from dozens of state and local law enforcement agencies has uncovered a widely-used mass surveillance technology. Americans are accustomed to hearing about how the National Security Agency (NSA), the Central Intelligence Agency (CIA), and even the domestically-focused Federal Bureau of Investigation (FBI) have illegally swept up massive amounts of data on people living in the United States—but what about the state and local police? Fog Data Science LLC, a previously unknown company, provides law enforcement with easy and often warrantless access to the precise and continuous geolocation of hundreds of millions of unsuspecting Americans, collected through their smartphone apps and then aggregated by shadowy data brokers.
What is Fog Data Science?
Fog Data Science is a company that purchases raw geolocation data originally collected by applications people use every day on their smartphones and tablets. Those applications gather location data about where your phone is at any given moment and sell it to data brokers, who in turn sell it most often to advertisers or marketers who try to serve you ads based on your location. That’s where Fog swoops in. According to documents created by the company, Fog purchases “billions of data points” from some “250 million devices” around the United States, originally sourced from “tens of thousands” of mobile apps. Then, for a subscription fee that many law enforcement agencies are happy to pay, Fog provides access to a massive, searchable database of where people are located.
This means that police can open up their Fog map and do a number of things. They can draw a box and see identifiers representing every device within that geographical area at a given time frame. They can also use a device’s ID to trace that device’s precise location history over months or even years. Fog does not require police officers to obtain a warrant or other court order before acquiring this location data (unlike communication service companies that hold their customers’ location data and generally do require a court order). Likewise, many police departments that use Fog do not require their officers to get a warrant.
This means that police, sometimes without a warrant, have the ability to track the precise movements of hundreds of millions of Americans as they go about their day. This is mass surveillance, often with no judicial oversight.
Location-Based Services Market by Type and Geography - Forecast and Analysis 2022-2026
NEW YORK, July 15, 2022 /PRNewswire/ -- The latest market analysis report titled Location-Based Services Market by Type and Geography - Forecast and Analysis 2022-2026 has been added to Technavio's catalog. Location-based services (LBS) are part of a software application that uses location data for IP-capable mobile devices to trace where the mobile device is located. The analysts at Technavio have categorized the global location-based services (LBS) market as a part of the global communications equipment market. 49% of the market's growth will originate from North America with the US emerging as the is the key revenue-generating economy. The increasing use of indoor LBS solutions in the retail sector will fuel the LBS market growth in the forthcoming years. In terms of the highest revenue-contributing segment, the outdoor type segment held the largest LBS market share. The segment will continue to account for the highest growth throughout the forecast period. The increasing applications of outdoor LBS in industries such as manufacturing, oil and gas, defense, and insurance will drive the segment growth in the coming years.
Is Your Printer Spying On You?
Imagine that every time you printed a document it automatically included a secret code that could be used to identify the printer - and potentially the person who used it. Sounds like something from an episode of "Alias " right?
Unfortunately the scenario isn't fictional. In a purported effort to identify counterfeiters the US government has succeeded in persuading some color laser printer manufacturers to encode each page with identifying information. That means that without your knowledge or consent an act you assume is private could become public. A communication tool you're using in everyday life could become a tool for US government surveillance. And what's worse there are no laws to prevent abuse.
'Five Eyes' Countries Will Seek to Scan Messages
The Five Eyes—an alliance of the intelligence services of Canada, New Zealand, Australia, the United Kingdom, and the United States—warned in 2018 that they will “pursue technological, enforcement, legislative or other measures to achieve lawful access solutions” if the companies didn’t voluntarily provide access to encrypted messages. More recently, the Five Eyes have pivoted from terrorism to the prevention of CSAM as the justification, but the demand for unencrypted access remains the same, and the Five Eyes are unlikely to be satisfied without changes to assist terrorism and criminal investigations too.
The United Kingdom’s Investigatory Powers Act, following through on the Five Eyes’ threat, allows their Secretary of State to issue “technical capacity notices,” which oblige telecommunications operators to make the technical ability of “providing assistance in giving effect to an interception warrant, equipment interference warrant, or a warrant or authorisation for obtaining communications data.” As the UK Parliament considered the IPA, we warned that a “company could be compelled to distribute an update in order to facilitate the execution of an equipment interference warrant, and ordered to refrain from notifying their customers.”
SS7： it needs to be replaced rather than patched up
SS7 tells the telephone network what number a user is calling or texting from, known as the "presentation number". This is crucial so that calls can be connected from one to another. The problem is that fraudsters can steal a presentation number, and then link it to their own number.
The issue affects both landlines and mobile phones, with SS7 still central to the 2G and 3G parts of mobile phone networks that continue to carry our voice calls and text messages - even if you have a 5G-enabled handset.
One theory is that the vulnerabilities of SS7 cannot be fixed because the telecoms firms need to give national security agencies access to their networks, but Mr Gribben says GCHQ (Britain's intelligence agency) can monitor communications without using SS7 loopholes.
The problem, he says, is that SS7 is still used in telecoms networks globally. And it needs to be replaced rather than patched up.