When the Biden administration proposed new protections earlier this month to prevent law enforcement from demanding reproductive health data from companies, they have taken a critical first step in protecting our personal data. But there remains another serious data privacy gap that Congress needs to address.
While the constitution prevents the government from forcing companies to hand over your sensitive data without due process, there are no laws or regulations preventing them from simply buying it.
And the US government has been buying private data for years.
Despite Supreme Court rulings that the government cannot obtain sensitive personal data such as your location without a warrant, shady data brokers can and will sell this information directly to the government. They exploit a loophole in our constitutional defenses against surveillance: Because this data is sold on the open market, the government doesn’t have to force anyone to provide it. They can just buy it without any oversight or legal repercussions.
Congress should prohibit the government from buying up sensitive geolocation data in its entirety — not just to prevent its seizure. As long as agencies and law enforcement can legally purchase this sensitive information from data brokers, constitutional restrictions on the government’s ability to seize this data mean next to nothing.
The FBI, the military, and several other government and regulatory agencies are frequent customers of these data brokers both at home and abroad. The data they buy gives them alarming amounts of power to collect sensitive information from large groups of people.
The biggest victims of government surveillance are often marginalized communities. For example the army purchased sensitive geolocation data collected from an Islamic prayer app and an Islamic dating app to track users. The broker who sold the user’s geolocation data, Locate X, boasts “widely usedby the military, intelligence agencies and various levels of law enforcement. Immigration and Customs Enforcement (ICE) has also drawn criticism purchasing user data to detect migrants and skirt sanctuary laws.
Even the National Guard is exploiting the surveillance loophole by buying data targeting and recruiting high school students. And the FBI buys geolocation data to track millions of phones – all without a warrant.
We have already seen the potentially harmful consequences of using private data and tracking by employers And landlords to the detriment of employees or tenants. Placing that information in the hands of government agencies whose decisions carry the weight of the law poses an even more serious problem.
Government agencies often resist disclosing how they use privately purchased data for law enforcement operations, but such purchases allow them to circumvent oversight restrictions put in place to protect our civil rights. The police forces are circumventing the ban on facial recognition by go to external suppliers for their facial recognition search results. In 2018, ICE claimed to have made an arrest and deportation at a “routine traffic stop”, but also happened to have bought specific cell phone tower data that could have helped in the arrest.
To make matters worse, the data sold to these powerful institutions may not even be accurate. Besides the fact vulnerable to hackingoften trusts information from data brokers discriminatory algorithms and biases and still can often confuse your age, ethnicity and religion when creating profiles. When the government takes law enforcement action based on inaccurate data, the rights of all Americans are at risk.
The protection of reproductive health data proposed by Biden is a step in the right direction, but it is nowhere near enough on its own. Congress needs to ban government purchases of sensitive location data and address this huge data privacy loophole – because as long as your information is for sale, the government will continue to buy it.