Without warrants, intelligence agency buys location data on US residents

The Defense Intelligence Agency separates information on US residents, according to The New York Times, but can search the data with permission.

Laura Hautala Former Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
Expertise E-commerce | Amazon | Earned wage access | Online marketplaces | Direct to consumer | Unions | Labor and employment | Supply chain | Cybersecurity | Privacy | Stalkerware | Hacking Credentials
  • 2022 Eddie Award for a single article in consumer technology
Laura Hautala
2 min read

A US intelligence agency is buying phone location information from data brokers, skipping the warrant process.

Getty Images

The US Defense Intelligence Agency collects location information that includes data on US residents without a warrant, according to a memo reported by The New York Times on Friday. The DIA buys the information from data brokers, who often get it from third-party apps running on users' phones. The memo, written to Sen. Ron Wyden of Oregon, says the agency applies some restrictions to the use of location information of US residents.

The practice underscores how intelligence agencies collect location data on US resident without warrants despite a 2018 US Supreme Court decision that ruled warrants are necessary for the practice. Known as the Carpenter decision, the ruling held that the Fourth Amendment requires investigators to clear a higher bar before accessing data that can create a timeline of a person's every movement.

"The DIA does not construe the Carpenter decision to require a judicial warrant endorsing purchase or use of commercially-available data for intelligence purposes," the agency said in its memo. The DIA, which exists to collect intelligence on foreign militaries for US defense efforts, didn't respond to a request for comment. 

According to the memo, US and foreign data are mixed together in the location information the agency purchases. The agency said it puts data from US residents in a separate database that requires special permission to access. It's been accessed five times in the past two and a half years.

In November, Vice reported that US Special Operations Command had purchased location data collected by a third-party data broker from an Islamic prayer app called Muslim Pro. The app maker later said it would stop selling its users' location data. The same month, the US Department of Homeland Security came under investigation by its inspector general after Buzzfeed reported an internal memo showed it was collecting phone location data without warrants for immigration enforcement.

Wyden, a Democrat who advocates for privacy rights, decried the practice in remarks at the Capitol on Thursday. Calling the data brokers "sleazy and unregulated," Wyden pressed Avril Haines, President Joe Biden's nominee for director of national security, on the issue.

"It's especially important that the American people are being told if the government is using legal loopholes in the law and in the warrant requirement of the Fourth Amendment," Wyden said.

ACLU Senior Staff Attorney Ashley Gorski said in a statement the DIA memo reveals that more and more government agencies are ignoring the law. The ACLU argued the Carpenter case in the Supreme Court.

"The government cannot simply buy our private data in order to bypass bedrock constitutional protections," Gorski said. "Congress must end this lawless practice and require the government to get a warrant for our location data, regardless of its source."