Secret Service Admits It Didn’t Check if People Really Consented to Being Tracked

The Secret Service never actually checked whether people gave proper consent to be tracked by a mobile phone location monitoring tool, despite claiming the data was collected with peoples’ permission, the agency admitted in an email obtained by 404 Media.

The email undermines the Secret Service’s and other U.S. federal agencies’ justification that monitoring the movements of phones with commercially available location data without a warrant is possible because people allegedly agreed to the terms of services of ordinary apps that may collect it. The news also comes after the Federal Trade Commission (FTC) banned Venntel, the company that provided the underlying dataset for the surveillance tool used by the Secret Service, from selling sensitive location data, and alleged that it did not obtain that consent in multiple cases. The tool used by the Secret Service is called Locate X, which is made by a company called Babel Street.

In the 2022 email, the office of Senator Ron Wyden asked the Secret Service what steps it had taken to verify that the location data it purchased from Babel Street was obtained from consumers who consented to “the onwards sale and sharing of the data.” Venntel collates location data from a variety of sources, including apps installed on peoples’ phones such as weather or navigation tools. The Secret Service’s one word response to that question read “None,” according to a copy of the email Wyden’s office shared with 404 Media.

The Secret Service added it had not been obtaining a warrant before using Locate X. The agency also said it had used the tool “to assist with developing leads and intelligence,” and that it had not been used in prosecutions.

In October 404 Media and a group of other journalists published never-before-seen screenshots and details about the Locate X tool. In demonstration videos leaked to the journalists, a user was able to draw a geofence around a particular area and then follow mobile devices that had been in that location at a particular time. In one case, the user traced the movements of devices that visited an abortion clinic, including one that crossed state lines to visit the facility.

In November 404 Media published internal Secret Service emails in which various officials argued over whether a warrant was needed to use such a tool. For ordinary cellphone historical location data, a warrant is required. “FYI. A warrant isn’t needed because the user gives consent. It happens when you agree to the terms of service,” one of those emails reads, referring to smartphone location data.

But the new email provided by Senator Wyden shows the Secret Service did not verify this claim, and the FTC’s investigation and subsequent action alleges that Gravy Analytics, the parent company of Venntel which has provided data to Locate X, did not obtain consent from impacted users. The FTC complaint itself includes multiple examples which the agency says show that consent-seeking pop-ups in relevant apps do not make clear at all that collected location data may eventually be sold to the government.

“It is outrageous to claim that the average user downloading an app is also waiving their privacy rights for any government agency that wants to buy their location history. And as far back as 2022, the Secret Service told my office it took no action to verify the claim that Americans consented to their location data being sold to government agencies,” Senator Wyden told 404 Media in a statement.

The Secret Service said in a statement that “The U.S. Secret Service uses a variety of tools as part of its protective and investigative operations and does so in accordance with applicable laws and government policies. We do not discuss the specific means and methods used during our operations.”

Last October, an oversight body for the Department of Homeland Security (DHS) found that Immigration and Customs Enforcement (ICE), Customs and Border Protection (CBP), and the Secret Service all broke the law while using commercially purchased location data. In one case, a CBP official used the data to track the location of coworkers with no investigative purpose.

About the author

Joseph is an award-winning investigative journalist focused on generating impact. His work has triggered hundreds of millions of dollars worth of fines, shut down tech companies, and much more.