According to the latest documents leaked by former U.S. Government contractor Edward Snowden, Some of the world’s most popular Smartphone applications like Angry Bird are telling British (GCHQ) and American intelligence agencies (NSA) everything about you.
Reports have emerged that “leaky” smartphone apps are transmitting users’ private information across the internet to government spy agencies including the US National Security Agency (NSA) and Britain’s Government Communications Headquarters (GCHQ).
The Guardian claims that the NSA and its UK counterpart GCHQ have been developing capabilities to take advantage of these ‘leaky’ apps, collecting most sensitive information such as sexual orientation and “even sends specific sexual preferences such as whether or not the user may be a swinger.” Now this is what which blows our minds.
One slide from a May 2010 NSA presentation, titled “Golden Nugget!”, set out the agency’s “perfect scenario”, described as a “target uploading photo to a social media site taken with a mobile device.” The presentation explained that in such a case, the agency could get a “possible image”, email and “a host of other social working data”.
It will perhaps come as no surprise that the NSA and GCHQ are harvesting data from smartphone apps. It has long been know that they use similar techniques to intercept mobile internet traffic and text message data. However, the documents reveal that the agencies are increasingly convinced of the importance of mobile applications data.
“The efforts effectively means that anyone using Google Maps on a Smartphone is working in support of a GCHQ system.“
The Guardian also reported that the NSA has already spent more than $1 Billion in its phone targeting efforts, giving illogical reason that they are trying to defend the country from terrorist attacks and they are spying on only non-US citizens, but the NSA and GCHQ are collecting the info as part of their widespread global data collection effort.
Thomas Labarthe, managing director for Europe at mobile security firm Lookout, explained that most apps do not use encryption when transmitting information, or only encrypt specific details such as financial transactions.
“If an app is not using encryption, it is basically handing over the data to anyone who’s listening. This includes everything ranging from geo-location through to what’s being entered into forms, depending on the app,” he said.
In a statement, Rovio (maker of Angry Birds game app) VP of marketing and communications, Saara Bergström, told the Guardian:
“Rovio doesn’t have any previous knowledge of this matter, and have not been aware of such activity in 3rd party advertising networks. Nor do we have any involvement with the organizations you mentioned.”
But that doesn’t mean that developers are blameless. Developers can take more proactive measures to try and encrypt the data obtained from their apps.
Angry Birds is not alone in this, either; Facebook and Twitter were also named in these reports and Google Maps is apparently a major source of information for these agencies as well. The scale and the specifics of the data haul are not clear.