Surveillance Valley Has Put a Billion Bugs in a Billion Pockets
This article first appeared on Pando Daily, and is reprinted here with permission.
“A mobile phone has eyes, ears, a skin, and knows your location. Eyes, because you never see one that doesn’t have a camera. Ears, because they all have microphones. Skin because a lot of these devices are touch screens. And GPS allows you to know your location.”
—Vic Gundotra, Google’s Vice President of Social, on Android
* * *
Last week, we were treated to yet another shocking revelation of government espionage: leaked Power Point slides revealing that American and British intel agencies are using our most cherished mobile apps and games to spy on us. Apparently no app is safe from NSA snooping — not even Angry Birds, beloved by hundreds of millions of kids all across the globe.
The techie spooks were so psyched by the loads of mobile data they could scoop with almost no effort that they couldn’t restrain their glee. It’s a “Golden Nugget!” they yelped on one of the slides.
The leaked documents made headlines around the world, and were held up by journalists and privacy activists as yet another example of the ridiculous lengths the NSA is willing to go to monitor every aspect of our daily lives.
But if you take a step back and look at the bigger picture, these NSA revelations say less about government spying than they do about the our hyper-connected mobile culture and the creepy for-profit surveillance business model that underpins it. The story wasn’t that the NSA had bugged our phones, but that they had used existing surveillance tools built into handsets and apps in order to access our data in the exact same way that companies like Burger King or Starbucks are able to do.
We are outraged when we hear that the government has the capability to wantonly vacuum up our personal info, regardless innocence, guilt or even suspicion. And yet we implicitly trust when powerful Surveillance Valley megacorps do the same thing on an even greater scale as a normal part of doing business.
Our smartphones are a perfect example.
We still think of mobile phones as just phones. But what used to be a technology to reach out and touch someone has turned into perhaps the greatest surveillance tool ever invented — a sophisticated tech appendage that’s always with us, and is used by powerful corporate interests to spy on and profile us for profit. All our smartphone activities are funneled through corporate mainframe computers, which record and analyze what we do, who we talk to, where we go, what we buy, what songs we listen to, what movies we watch…
The ultimate goal of all this monitoring: to understand us as intimately as possible, and to squeeze as much profit from that intel.
As Sergey Brin said, “We want Google to be as smart as you — you should be getting an answer the minute you think of it.”
* * *
News about NSA and GCHQ mobile tapping came via a joint investigation by The New York Times, The Guardian and ProPublica. They obtained about a dozen documents leaked by Edward Snowden that revealed US and UK were actively developing programs to intercept mobile data as it streamed over the Internet from mobile devices to corporate mainframes.
The investigation revealed that intel agencies could intercept an incredible amount of sensitive, highly detailed information about smartphone users without ever having to tap or hack the actual devices. The bugs are already built into the system, mostly in the form of “advertising” components embedded in popular apps. All that the NSA and GCHQ have to do is intercept that data.
Intel agencies school can scoop up obvious things like phone call logs, address book data, photos, buddy lists, as well as email and web surfing activity. And depending on the application, they can also intercept highly detailed profile data that includes a user’s current location, age, gender, household income, marital status, sexual orientation, ethnicity and even “political alignment” — all of that tied to a unique phone ID number.
That’s the kind of intel generated when people use what seem like the most innocuous of apps, including Angry Birds, which has been downloaded more than a billion times. Angry Birds is made by a Finnish company called Rovio Entertainment, which delivers its ads via a partnership with Baltimore-based Millennial Media, one of the largest digital advertising companies in the world, with clients ranging from CBS to Patagonia.
A 2012 British report identified Millennial Media as a particularly aggressive profiler, and even included code on how to intercept those profiles when people played Angry Birds on Android:
According to the report, the Millennial profiles contain much of the same information as the others, but several categories listed as “optional,” including ethnicity, marital status and sexual orientation, suggest that much wider sweeps of personal data may take place.
Possible categories for marital status, the report says, include single, married, divorced, engaged and “swinger”; those for sexual orientation are straight, gay, bisexual and “not sure.”
The level of detail that digital advertising networks can extract from people doing something as simple as playing mobile games is extremely unnerving. The NYT/Guardian/ProPublica investigation was surprised by the pervasiveness of the mobile surveillance: “Smartphones almost seem to make things too easy.”
Indeed. Smartphones make spying too easy — effortless, even. And the reason for that? They were designed that way. Put simply: smartphones leak our private data not by accident, but by design.
Perhaps nothing shows that like Google’s Android, the most popular smartphone/tablet operating system on the planet.
Android mobile operating system was released in 2008 and in just a few short years monopolized the market. Today the operating system sits on an estimated 80% of all new smartphone units sold.
Back in 2007, when Google announced it was on the verge of releasing an open source operating mobile system that would be available for free for phone manufacturers to install, the tech press was mystified. Why would a search company be getting into operating systems? Wasn’t it a bit out of its league?
What they didn’t understand was that Google’s search operations were just one part of a larger and much more ambitious project: to create a global advertising-intelligence company that funnels as much user activity in the real and online world through its services in order to profile people and monetize their information.
In Steven Levy’s “In The Plex: How Google Thinks, Works, and Shapes Our Lives,” a hagiographic but highly informative story of Google’s rise to dominance, you get a clear sense of that Sergey Brin and Larry Page very early on understood that Google’s success depended on monopolizing people’s online activities and maintaining proprietary control over all the intel it collects. They also understood that Google was going to change — and in fact needed to change — our expectations of privacy.
Page told Levy: “there’s going to be large changes in the world because of all this stuff … People will have to think before when they publish something online, ‘This might be here forever associated with me.’ Because Google exists.”
Google captured every bit of user behavior from the very beginning — first to improve its search algorithms and then to make money. Lots and lots of money.
Google search bots got so good at scanning the Internet for every last crumb of information — no matter how private or sensitive — that it was too private and sensitive even for Google’s then-CEO Eric Schmidt. In 2005, a CNET reporter published a story to see how much private information she could dig up on Schmidt using nothing but Google’s search engine, noting simply that Schmidt’s net worth was $1.5 billion, that he lived in the town of Atherton and made $90 million selling some of his Google shares. Google’s PR department went ballistic, blacklisting CNET for a year for disclosing the Schmidt’s “personal” information. The New York Times was shocked and surprised by Google’s aggressiveness, noting that the “company reacted in a way better suited to a 16th-century monarchy than a 21st-century democracy with an independent press.”
If Schmidt was freaked out by Google’s public search capabilities, then he must have trembled in awe of what Brin and Page were rolling out next: Gmail, a full-on for-profit intelligence machine that captured and monetized personal and business email correspondence, private documents and search and browsing histories. While Google did not make that information public, it parsed and mined it in extremely intrusive ways to gather insight into a person’s life, personality and behavior.
As Google grew and expanded its service offerings, the company morphed into a massive for-profit surveillance hub, intercepting terabytes of global traffic flowing through its servers to construct sophisticated psychological profiles on hundreds of millions of people all over the world.
The data harvesting takes so much space and processing power that Google that is now the largest computer manufacturer just from building its own servers.
Google doesn’t restrict the surveillance to its registered Google users. The company intercepts and analyzes the private communication of anyone who emails with a Gmail user, meaning that it maintains profiles on a significant percentage of the world’s Internet population.
“Google makes money with advertising online, but that’s about 20 percent of total advertising spent,” Linus Upson, Google’s VP of Engineering, told Levy. “Eighty percent of the time, people’s attention is offline. To the extent that we can make computers better, everything will go online, and Google can participate in that advertising space. There are four more Googles to be had here.”
Android was a natural extension of Google’s for-profit surveillance operation.
Sergey Brin and Larry Page started planning to muscle their way in the mobile phone market way back in 2004, around the same time that Steve Jobs began developing the iPhone.
Back then, the smartphone market was in its infancy. But it was clearly shaping up to be the future of ubiquitous computing. Brin and Page realized that if Google played its cards right, they could own the keys to the mobile surveillance kingdom. Google wouldn’t be restricted to running apps on someone else’s operating system environment, nor would they have to share their revenue with traditional mobile gatekeepers like AT&T or Verizon. They would be the environment that underpinned the mobile experience, allowing the company to be the ultimate gatekeeper: mediating and monetizing interactions between users, apps and advertisers.
“We’re not going into the phone business, but we’re going to make sure Google is on those phones,” Schmidt said in 2004.
And that’s exactly what the company did a year later when it bought Android Inc, a tiny company that was developing a low-fi version of the mobile Android operating system.
Here’s how Levy described the thinking of Google executives in “In The Plex”:
“An open network would give Google unlimited opportunity, so that even if Google spent millions of dollars to develop an operating system — and then gave it away for free — it would still come out ahead,” wrote How Google Thinks, Works, and Shapes Our Lives.”
Google released the first version of Android in 2008, and a few years later was already the most dominant player in the field.
Google already had a frighteningly detailed profile of people’s lives. Android provided it with a whole new dimension of intel: the space-time dimension.
On top Google’s entire app suite — email, office tools, maps, chat, social networking, photo sharing — Android phones were equipped with GPS units and tied to people’s real identities. People always had their phones with them, and were always logged into Google’s services.
With Android, Google can know not only what you are doing, but the time and place where you were when you were doing it. Google could map out the entire contents of a person’s life: where you worked, your commute, your weekend getaways, your favorite sports bar, where you bought your groceries. All that information could be spread out on a physical map, and diced and analyzed for patterns, and combined with all the other intel that Google has you.
What does Google do with all this info? Well, that’s hard to tell. Google is notoriously guarded and vague about what data it collects on its users and how it uses it.
One thing we do know is that the company has a nasty reputation for doing whatever it wants and for constantly pushing the envelope of acceptable privacy behavior. Not surprisingly, researchers probing Android’s data collection noticed that devices not only vacuumed up their users’ private information, but hijacked their phones for Google’s own surveillance projects.
In 2011, a hacker/researcher Samy Kamkar discovered that Google used Android phones to compile a giant database that linked Wi-Fi networks and their locations.
Wall Street Journal reported on Kamkar’s findings:
HTC Android phone collected its location every few seconds and transmitted the data to Google at least several times an hour. It also transmitted the name, location and signal strength of any nearby Wi-Fi networks, as well as a unique phone identifier… Its location data appears to be transmitted regardless of whether an app is running, and is tied to the phone’s unique identifier.
The mapping of Wi-Fi locations was part of Google’s ongoing effort to create maps that linked routers and street addresses across the world. The information is valuable, as it allowed Google to determine the precise location of users logging in to Google services from their computers. That’s how, for instance, Google is able to pinpoint your precise location if you log in to Google Maps through your laptop via a wifi connection at your local Starbucks.
What made Google’s wifi monitoring activities even sketchier is that Google has access to passwords for just about every wifi network. Android automatically backs up users’ wifi passwords to Google’s servers, where they seem to be stored in plain text.
Google is of course not alone in extracting user location data. Microsoft and Apple were doing exactly the same thing, as were cellular carriers like Verizon and AT&T. It seems everyone’s playing with monetizing their customers’ location data. It was all part of the Surveillance Valley business model, where intelligence equals money.
MIT Technology Review did a series of articles on the emerging cellular location data mining business, helping companies and government agencies get a handle on how people move around and how they behave in certain environments:
Verizon is working to sell demographics about the people who, for example, attend an event, how they got there or the kinds of apps they use once they arrive…
AirSage, an Atlanta, Georgia, a company founded in 2000, has spent much of the last decade negotiating what it says are exclusive rights to put its hardware inside the firewalls of two of the top three U.S. wireless carriers and collect, anonymize, encrypt, and analyze cellular tower signaling data in real time. Since AirSage solidified the second of these major partnerships about a year ago (it won’t specify which specific carriers it works with), it has been processing 15 billion locations a day and can account for movement of about a third of the U.S. population in some places to within less than 100 meters, says marketing vice president Andrea Moe.
Recent research shows that even anonymizing the information doesn’t truly protect privacy, as the data can be quickly reverse-engineered to determine real identities.
And there are plenty of other parties profiting off of our smartphone private data. The NYT/Guardian/ProPublica investigation into NSA and GCHQ mobile data interception only names a handful of app developers and advertising networks, but it’s so widespread that you might as well call it industry best practice — we’re in Surveillance Valley, after all.
Companies began scheming for ways to slyly plunder our private mobile data from the moment that Apple and Google opened their platform to app developers. These for-profit surveillance entrepreneurs launched mobile apps that collected all sorts of sensitive information on unwitting users: browsing history, location data, address book contacts, calendars entries, calling histories, private documents and anything else they could get their hands on. Sometimes, developers were so sloppy and careless that they didn’t bother securing the data before sending it as plain text over the Internet — giving any Internet traffic sniffer direct access to our private information.
Some of the apps were nothing more than honeypots: free or cheap novelty programs designed to brazenly grab and sell as much private mobile data as possible. The FCC recently went after one of these scammers: Android Brightest Flashlight. Its advertised function: to turn your phone’s touchscreen into a bright light. Up to a 100 million people bought into the scam and downloaded the app from Android’s store. Little did they know that they were installing a giant bug that scooped up as much of their information as possible — including their location and a unique phone identifier, which could be linked to their real identity with little effort.
Security researchers at BitDefender, an antivirus company, analyzed over 500,000 apps on both iOS and Android systems and found that the platforms were equally leaky about private data. Many popular applications grabbed emails, phone numbers, contact lists, location tracking and other private data without fully notifying users — and much of that was being shared with third-party advertising and data aggregation companies. BitDefender’s analysis has been backed up by other independent investigations.
The BitDefender report concluded that many of these apps are no different than spyware:
…adware tightly integrates with the device – it does not run inside the browser, isolated from other applications. On mobiles, advertising frameworks can learn your communications habits, friends, friends’ contacts, location and – more frequently – all of the above at the same time. This turns them into the modern equivalent of spyware built into the device you’re using the most throughout the day.
Fly-by-night app developers aren’t the only ones plundering our mobile data on the sly. Trusted apps and services are perhaps the biggest culprits. One of the earliest data-grab scandals (and one of the only ones to have generated serious media outrage) came after it was discovered that Path was uploading users’ entire address books to its servers.
Then there are companies like Pandora, which, on top of remembering your music preferences, also collects things like age, gender, location, phone IDs and other identifiers. Pandora’s advertising manger, Jack Krawczyk, recently boasted to Digiday that the company’s user data is going to be the next big cash cow. As Digiday explained: “The music streaming service now attracts over 72 million users a month, he said, all of whom are logged in permanently. As a result, the company is able to build up an extremely detailed understanding of users’ tastes and habits.”
In 2010, the Wall Street Journal published an investigation that found smartphones were being hit with an “intrusive effort by online-tracking companies to gather personal data about people in order to flesh out detailed dossiers on them.”
Intrusive or not, surveillance capabilities are built into the very fabric of our smartphones. The intrusive snooping is carried out by Google and Apple as a matter of routine. Google can offer users more protection if the company wanted, but it explicitly chooses not to. Late last year, Google actually turned off an Android feature that gave users slightly more control over app data collection. Google explained that the release of these privacy features was an accident.
It’s not surprising that Google doesn’t want users to limit Android data collection. The company dominates 41.5 percent of the US mobile advertising market — and many apps go directly through Google’s user tracking and advertising services to make money, with Google taking a huge cut of the action.
That’s what makes Google’s smartphone/tablet dominance so disturbing. The company has a de facto monopoly on much of the digital ecosystem: search, email, digital advertising and now mobile computing — for-profit surveillance ops that are world wide, and not limited by pesky things like ISPs, cellular networks or even national borders.
Industry analysts predict that 1 billion smartphone units will be shipped with Android software. That’s 1 billion Google bugs roaming around the world. No wonder the NSA has been trying to tap into Google’s internal communications. Google’s got the keys to the magical intel kingdom.
We all agree that our government should not spy on Americans who haven’t done anything wrong. The question is: why do we think it’s okay for private companies to do exactly the same?