Editors' Picks

Mobile Phone, Cellphone, Cloud Apps
All the private app data that’s fit to siphon. Photo credit: creativeart / Freepik
Editors' Picks

Saturday Hashtag: #TheDataEconomyThreat

01/24/26

Welcome to Saturday Hashtag, a weekly place for broader context.

Listen To This Story
Voiced by Amazon Polly
RedditThreadsBlueskyLinkedIn

What’s sold as “digital convenience” is actually a hidden surveillance network embedded in apps millions of Americans use daily. Ordinary smartphone software covertly funnels enormous amounts of pilfered personal data to commercial brokers and, ultimately, government agencies without consent or awareness.

These invasive apps don’t just “spy” on users for ads. They feed a commercial data ecosystem that lets the US government access Americans’ private digital lives through loopholes without directly surveilling them. This isn’t accidental, it is structural: commercial collection first, government access later.

Siphoned Data

US Immigration and Customs Enforcement and other agencies track entire neighborhoods using location data siphoned from 12,373 apps that have leaked 30 million precise location points through embedded advertising technology. Among them:

  • Dating: Tinder, Bumble, Grindr, Happn, Hily, LIFE360, SkyLove
  • Games: Candy Crush, Temple Run, Subway Surfers, Harry Potter
  • Productivity: Yahoo Mail, Microsoft 365 
  • Health & Fitness: My Period Tracker, MyFitnessPal 
  • Social Media: Facebook, Instagram, TikTok, Tumblr 
  • Religion: Christian prayer apps, Muslim prayer apps, Bible apps 
  • Other Apps: VPNs, pregnancy trackers, location-sharing apps

Location Data

This data reveals more than where someone is. It can map lives, associations, religious attendance, medical visits (including to abortion clinics), and movement patterns — all without warrants or informed consent.

Image Data 

Location tracking is just the beginning. Meta’s apps use default access to private camera rolls through features marketed as editing suggestions, analyzing highly sensitive personal content and converting intimate memories into tradeable data.

Android and iPhone app privacy controls are obscured and defaulted for data collection, fueling profits from invasive information harvesting projected to reach $2.41 billion this year.

Siphoned Data Economy

Daily app use feeds a vast, obscured economy of personal and location data capture. Users have no real knowledge of how long their information is stored, how it is aggregated, or who profits from it.

Data Breach Economy 

At the center of this exploitative system is Gravy Analytics, a location-data broker in a largely unregulated market. Linked to one of the largest data breaches in history, it has sold location data to commercial and government clients alike.

In today’s digital ubiquity, the most private aspects of life are no longer private. They are extracted and monetized, beyond scrutiny and out of reach of the citizens whose lives they embody. This surveillance capitalism undermines democracy by turning both banal and intimate data into a tool for corporate and government domination.

Take Action

Bookmark privacy-focused search engines like these:

Secure your device:

Use privacy tools: 

Hashtag Picks

Yes, the Government Can Track Your Location — But Usually Not by Spying on You Directly

From The Conversation: “If you use a mobile phone with location services turned on, it is likely that data about where you live and work, where you shop for groceries, where you go to church and see your doctor, and where you traveled to over the holidays is up for sale. And US Immigration and Customs Enforcement is one of the customers. The US government doesn’t need to collect data about people’s locations itself, because your mobile phone is already doing it. While location data is sometimes collected as part of a mobile phone app’s intended use, like for navigation or to get a weather forecast, more often locations are collected invisibly in the background.”

How the Federal Government Buys Our Cell Phone Location Data

From the Electronic Frontier Foundation: “Over the past few years, data brokers and federal military, intelligence, and law enforcement agencies have formed a vast, secretive partnership to surveil the movements of millions of people. Many of the mobile apps on our cell phones track our movements with great precision and frequency. Data brokers harvest our location data from the app developers, and then sell it to these agencies. Once in government hands, the data is used by the military to spy on people overseas, by ICE to monitor people in and around the US, and by criminal investigators like the FBI and Secret Service. This post will draw on recent research and reporting to explain how this surveillance partnership works, why it is alarming, and what can we do about it.”

Privacy Isn’t Dead. Far From It.

The author writes, “Even if you don’t have this feeling now, at some point you may have felt — or possibly will feel — that we’re past the point of no return when it comes to protecting our private lives from digital snooping. There are so many dangers out there — invasive governments, doorbell cameras, license plate readers, greedy data brokers, mismanaged companies that haven’t installed any security updates in a decade. The list goes on. This feeling is sometimes called ‘privacy nihilism.’ Those of us who care the most about privacy are probably more likely to get it, because we know how tough the fight is. … But the important thing to get across is that this feeling is valid, but it’s also not accurate.”

Governor Newsom Announces First-In-The-Nation Privacy Tool Allowing Californians To Block the Sale of Their Data

From the Governor’s Office: “Data brokers quietly work to collect, combine, analyze, trade, and sell personal information, usually without a person’s knowledge or explicit consent, creating risks for fraud and other nefarious outcomes. As of January 1, Californians can submit a single deletion request to registered data brokers through DROP. DROP quickly verifies the user’s California residency and then transmits the deletion request to the data brokers. Under the Delete Act, data brokers must start processing deletion requests August 1, 2026. DROP helps give Californians better control over their data and simplifies the process of requesting that data brokers stop sharing and selling their data. Previously consumers would have to make requests to each data broker individually, making the process extremely difficult and time-consuming. ‘DROP is a game changer for consumer privacy,’ said Tom Kemp, Executive Director of the California Privacy Protection Agency (CalPrivacy). ‘It’s the first platform of its kind and it makes exercising privacy rights simple, free, and accessible for millions of Californians. It gives people a straightforward way to take control of their personal information.’”

Tom Snyder: Agentic AI, Automation Lead 2026 Trends in Data Economy

From WRAL News: “For decades, infrastructure was treated as a background concern. It was important, but rarely thought of as strategic. But infrastructure for the Data Economy is different, and we will see awareness bubble up this year. In 2026, infrastructure is no longer just roads and bridges. It’s power stability, water reliability, transportation flow, broadband access, edge compute, IoT sensor networks, and data pipelines all functioning as a single economic system.”

Twelve Million Phones, One Dataset, Zero Privacy

From The New York Times: “Every minute of every day, everywhere on the planet, dozens of companies — largely unregulated, little scrutinized — are logging the movements of tens of millions of people with mobile phones and storing the information in gigantic data files. The Times Privacy Project obtained one such file, by far the largest and most sensitive ever to be reviewed by journalists. It holds more than 50 billion location pings from the phones of more than 12 million Americans as they moved through several major cities, including Washington, New York, San Francisco, and Los Angeles. … After spending months sifting through the data, tracking the movements of people across the country and speaking with dozens of data companies, technologists, lawyers, and academics who study this field, we feel the same sense of alarm. In the cities that the data file covers, it tracks people from nearly every neighborhood and block, whether they live in mobile homes in Alexandria, VA, or luxury towers in Manhattan.”

50 Ways To Leak Your Data: An Exploration of Apps’ Circumvention of the Android Permissions System

The authors write: “Modern smartphone platforms implement permission-based models to protect access to sensitive data and system resources. However, apps can circumvent the permission model and gain access to protected data without user consent by using both covert and side channels. Side channels present in the implementation of the permission system allow apps to access protected data and system resources without permission; whereas covert channels enable communication between two colluding apps so that one app can share its permission-protected data with another app lacking those permissions. Both pose threats to user privacy.”

RedditThreadsBlueskyLinkedIn

Related Posts: