When the Biden administration proposed new protections earlier this month to prevent law enforcement from seeking reproductive health data from companies, they took an important first step in protecting our personal data. But there remains a separate, serious gap in data privacy that Congress needs to address.
While the constitution prohibits the government from forcing companies to return your sensitive data without due process, no law or regulation prevents them from purchasing it.
And the US government has been buying private data for years.
Despite Supreme Court rulings that the government cannot obtain sensitive personal data like your location without a warrant, sketchy data brokers can and do sell this information directly to the government. They are taking advantage of a loophole in our constitutional protection against surveillance: because this data is sold on the open market, the government is not required to compel anyone to provide it. They can buy it easily without any oversight or legal ramifications.
Congress needs to completely ban the government from buying sensitive geolocation data – not just prevent its seizure. As long as agencies and law enforcement can legally purchase this sensitive information from data brokers, there is little point in constitutional limits on the government’s ability to seize this data.
The FBI, the military, and many other government and regulatory agencies are frequent customers of these data brokers, both domestically and abroad. The data they buy gives them an alarming amount of power to collect sensitive information from large groups of people.
The biggest victims of government surveillance are often marginalized communities. For example, the military bought sensitive geolocation data collected from Muslim prayer apps and Muslim dating apps to track users. The broker that sold the user geolocation data, Locate X, claims to be “widely used” by the military, intelligence agencies and multiple levels of law enforcement. Immigration and Customs Enforcement (ICE) has also drawn criticism for buying user data in order to track migrants and skirt sanctuary laws.
Even the National Guard is taking advantage of surveillance loopholes, buying data to target and recruit high schoolers. And the FBI buys geolocation data to track millions of phones — without a warrant.
We have already seen the potentially harmful consequences of personal data and tracking being used by employers and landlords to the detriment of workers or tenants. Placing that information in the hands of government bodies whose decisions carry the weight of law presents an even more serious issue.
Government agencies are often resistant to disclosing how they use privately purchased data for law enforcement operations, but such purchases allow them to evade surveillance restrictions put in place to protect our civil rights. allows. Police departments are cracking down on facial recognition by turning to third-party vendors for their facial recognition search results. In 2018, ICE claimed to have made an arrest and deportation from a “routine traffic stop”, but also incidentally procured specific cellular phone tower data that could have helped with the arrest.
To make matters worse, the data being sold to these powerful institutions may not even be accurate. In addition to being vulnerable to hacking, information brokers often rely on discriminatory algorithms and biases and even then your age, ethnicity and religion can often be mistaken when creating profiles. When the government takes law enforcement action based on inaccurate data, the rights of all Americans are at risk.
Biden’s proposed protections for reproductive health data are a step in the right direction, but it’s not nearly enough on its own. Congress should ban government purchases of sensitive location data and plug this huge hole in data privacy – because as long as your information is for sale, the government will keep buying it.