Spies use smartphone apps to track people
Documents leaked by former NSA contactor Edward Snowden suggest that spy agencies have a powerful ally in Angry Birds and a host of other apps installed on smartphones across the globe.
The documents, published Monday by The New York Times, the Guardian, and ProPublica, suggest that the mapping, gaming, and social networking apps which are a common feature of the world's estimated 1 billion smartphones can feed America's National Security Agency and Britain's GCHQ with huge amounts of personal data, including location information and details such as political affiliation or sexual orientation.
The size and scope of the program aren't publicly known, but the reports suggest that US and British intelligence easily get routine access to data generated by apps such as the Angry Birds game franchise or the Google Maps navigation service.
The joint spying program "effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system," one 2008 document from the British eavesdropping agency is quoted as saying. Another document - a hand-drawn picture of a smirking fairy conjuring up a tottering pile of papers over a table marked "LEAVE TRAFFIC HERE" - suggests that gathering the data doesn't take much effort.
The NSA did not directly comment on the reports but said in a statement Monday that the communications of those who were not "valid foreign intelligence targets" were not of interest to the spy agency.
"Any implication that NSA's foreign intelligence collection is focused on the smartphone or social media communications of everyday Americans is not true," the statement said. "We collect only those communications that we are authorized by law to collect for valid foreign intelligence and counterintelligence purposes - regardless of the technical means used by the targets."
GCHQ said it did not comment on intelligence matters, but insisted that all of its activity was "authorised, necessary and proportionate."
Intelligence agencies' interest in mobile phones and the networks they run on has been documented in several of Snowden's previous disclosures, but the focus on apps shows how everyday, innocuous-looking pieces of software can be turned into instruments of espionage.
Angry Birds, an addictive birds-versus-pigs game which has been downloaded more than 1.7 billion times worldwide, was one of the most eye-catching examples. The Times and ProPublica said a 2012 British intelligence report laid out how to extract Angry Bird users' information from phones running the Android operating system.
Another document, a 14-page-long NSA slideshow published to the Web, listed a host of other mobile apps, including those made by social networking giant Facebook, photo sharing site Flickr, and the film-oriented Flixster.
It wasn't clear precisely what information can be extracted from which apps, but one of the slides gave the example of a user who uploaded a photo using a social media app. Under the words, "Golden Nugget!" it said that the data generated by the app could be examined to determine a phone's settings, where it connected to, which websites it had visited, which documents it had downloaded, and who its users' friends were. One of the documents said that apps could even be mined for information about users' political alignment or sexual orientation.
Google and Rovio Entertainment, the maker of Angry Birds, did not immediately return messages seeking comment on the reports.
The Times' web posting Monday of a censored US document on the smartphone surveillance briefly contained material that appeared to publish the name of an NSA employee. Computer experts said they were able to extract the name of the employee, along with the name of a Middle Eastern terror group the program was targeting and details about the types of computer files the NSA found useful.
Since Snowden began leaking documents in June, his supporters have maintained they have been careful not to disclose any intelligence official's name or operational details that could compromise ongoing surveillance.
The employee did not return phone or email messages from the AP.
Michael Birmingham, a spokesman for the Director of National Intelligence, said the agency requested the Times redact the information. Danielle Rhodes Ha, a Times spokeswoman, attributed the posting to a production error and said the material had been removed.