British and U.S. intelligence agencies have been working on exploiting "leaky" apps that betray tons of personal information from your location to gender and age. How personal can this get? "A secret 2012 British intelligence document says that spies can scrub smartphone apps that contain details like a user’s 'political alignment' and sexual orientation." Whether or how much it's being used now isn't known.
The N.S.A. and Britain’s Government Communications Headquarters were working together on how to collect and store data from dozens of smartphone apps by 2007, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor. Since then, the agencies have traded recipes for grabbing location and planning data when a target uses Google Maps, and for vacuuming up address books, buddy lists, phone logs and the geographic data embedded in photos when someone sends a post to the mobile versions of Facebook, Flickr, LinkedIn, Twitter and other services.According to this story, the two intelligence agencies were particularly interested in Google Maps, and "collect so much data from the app that 'you’ll be able to clone Google’s database' of global searches for directions, according to a top-secret N.S.A. report from 2007." The agencies are exploiting the information apps developers and Web ad companies have embedded in their tools and marketing. In one case, the ad company Millennial Media embeds ads in Angry Birds, and collects an insane amount of personal information including "ethnicity, marital status and sexual orientation," and within those options, "single, married, divorced, engaged and 'swinger'; those for sexual orientation are straight, gay, bisexual and 'not sure.'”
The eavesdroppers’ pursuit of mobile networks has been outlined in earlier reports, but the secret documents, shared by The New York Times, The Guardian and ProPublica, offer far more details of their ambitions for smartphones and the apps that run on them. The efforts were part of an initiative called “the mobile surge,” according to a 2011 British document, an analogy to the troop surges in Iraq and Afghanistan. One N.S.A. analyst’s enthusiasm was evident in the breathless title—“Golden Nugget!” — given to one slide for a top-secret 2010 talk describing iPhones and Android phones as rich resources, one document notes.
The scale and the specifics of the data haul are not clear. The documents show that the N.S.A. and the British agency routinely obtain information from certain apps, particularly some of those introduced earliest to cellphones. With some newer apps, including Angry Birds, the agencies have a similar capability, the documents show, but they do not make explicit whether the spies have put that into practice.
Perhaps the most valuable and timely nugget within this newly released report and information is that it confirms findings of both the president's NSA reform advisory board and the Privacy and Civil Liberties Oversight Board that the NSA might just be gathering more information than it can effectively deal with. "Crunching just one month of N.S.A. cellphone data, a secret report said, required 120 computers and turned up 8,615,650 'actors'—apparently callers of interest. A similar run using three months of British data came up with 24,760,289 actors." It's too much data for the computers to sort through, and if anything suspicious had turned up in what had been sorted through, the report didn't include it.