top of page

Surveillance for the Highest Bidder, Part I

With the release of his new book, "Means of Control”, The Wall Street Journal reporter Byron Tau tells the story of surveillance practices of the U.S. government that are enabled by commercial data brokers and the smartphones we carry with us every day. The book, along with an excerpt published on Wired, has gained widespread attention in the U.S. and even brought the author onto a recent episode of Jon Stewart’s critically acclaimed The Daily Show. At the core of his book, Tau addresses an uncomfortable issue: Our smartphones constantly collect data that reveals not only our behaviours in the digital world but also our movements in the physical one. The technology that enables actors to access and use this data for geolocation tracking – internet advertisements – seems almost banal. However, as Tau reveals, the use of advertisement, or adtech data, to gather intelligence from smartphones is anything but new and has been referred to by its own term in the mid-2010s: ADINT, in reference to the monickers commonly used for intelligence categories such as human intelligence (HUMINT), and open-source intelligence (OSINT). And while Tau’s focus is on the use of ADINT by the U.S. government, it is based on freely available commercial data that can be used by private entities and other non-governmental actors to conduct open-source intelligence operations on individuals and organisations.


In this first instalment of a two-part series, we explain the technology behind ADINT, how it works, and the risks and opportunities of ADINT related to therisk intelligence field.


In order to understand ADINT, it is necessary to first understand the workings of the online advertising ecosystem. Borrowing the taxonomy used by Vines, Roesner and Kohno, the presentation of online ads on websites or apps happens in the form of an auction: Ads are served to end device users through cookies, which are data points that are saved by the browser or app, containing pieces of information about the user’s behaviour in the particular online space. On mobile devices, which are especially interesting for ADINT since people carry them everywhere, a so-called Mobile Advertisement ID (MAID) is used. The MAID acts as an identifier for all cookies by all browsers and apps on the device. Free ad space is provided by the owners - or publishers - of the websites or apps. This ad space is managed by so-called Supply Side Providers (SSPs), who obtain cookies or the MAID from the publishers and auction off the information about the user and their behaviour to bidders, the Demand Side Providers (DSPs). These DSPs manage the auctioning process on behalf of advertisers. In their position, DSPs have access to either or both user information from the SSPs, or they maintain their own databases about user information based on previous auctions. This puts DSPs in a position where they can essentially become data brokers of personal data, which they can pass on to a willing buyer, and in some cases, even law enforcement agencies acting without a warrant. An ADINT Operator can also pose as an advertiser without the DSPs explicit knowledge, to obtain user information from the DSP and use it to spy on the device of their interest.


1: Illustration of the online advertising ecosystem. Adapted from Vines, Roesner and Kohno (2017)


As a result of this ecosystem, a wide range of actors can access user information that is being auctioned off to advertisers targeting users with the highest likelihood of interacting with their ads.   

   

The apps that present the opening for ADINT surveillance seem innocent and are used by ordinary people daily: Every time a navigator app is allowed to receive a GPS signal to show the user’s current location, this data is saved in the form of cookies in the app and gets auctioned off to DSPs. The same is true for ride-sharing apps, mobile games, social media, and even weather apps. Whenever a user permits these applications to use the device location, this information enters the advertising ecosystem by default. The use of location data by dating apps is a particularly sensitive issue: Location data from Grindr, a dating app targeted towards gay and bisexual men, has repeatedly been used to facilitate the geotracking of individuals, with devastating effects for  its victims. The use of apps like Grindr reveals particularly sensitive private information about vulnerable individuals which can be used to more easily identify a particular person in a pool of anonymised information. Furthermore, manually disabling these location features on a device is not always an optimal solution, as it often results in limited app functionality.


Because the auctioned data is mostly historical, it does not allow real-time geotracking of a device. Instead, it enables the creation of a person’s so-called pattern of life: For example, it can suggest where the device owner lives by showing where the device tends to rest in the evenings and where they work by showing where the device regularly travels during working hours. Additionally, it can provide information on other locations the device visits when certain apps are active. Is the device owner using mobile games in their work location? Are they using dating apps in the evening while at home? And how much time do they spend in these places? All this information can potentially be determined through ADINT.


2: Illustration of geotracking. The red dots mark locations of app usage, the black lines routes of travel. From Vines, Roesner & Kohno (2017), p.6.


This has certain implications for the field of risk intelligence: First, risk intelligence companies can use ADINT to create pattern of life analyses for specific subjects, such as high-ranking executives of competitors. Notably, ADINT can be used potentially by everyone, including malicious actors, putting clients at risk for the same kind of surveillance. However, there are certain constraints that need to be considered. Given that ADINT functions on the basis of information from people’s mobile devices, it is subject to privacy regulations affecting personal online data. These regulations can vary from region to region and heavily influence the feasibility of conducting ADINT operations. Additionally, as privacy concerns from users gain more attention, users are being given more control over their devices’ use of cookies by OEMs addressing these concerns.


These developments have a significant impact on the ADINT field and merit a closer look. As a consequence, the second article in this series on ADINT will present the state of the advertisement ecosystem in the European Union, as well as technical developments initiated by Apple and Google, to assess the current feasibility of ADINT operations. It will also take a look at what users can do to protect themselves from becoming targets of ADINT operations.


Comments


bottom of page