When you open a navigation app or check the weather, you are not thinking about who else might be watching. But the location data those apps generate does not stay on your phone. It moves through a chain of brokers, gets combined with data from other sources, and ends up available for purchase on the open market with almost no restrictions on who can buy it.
That last part matters more than it might seem. This spring, US Central Command confirmed that adversaries had used commercially purchased location data to track and target American military personnel deployed to active war zones. Not hacked or intercepted through classified channels. Purchased, the same way a retailer buys audience data to serve you an ad.
The Pentagon had been warned this was possible since at least 2016. Legislation to close the data broker loophole has stalled repeatedly. A bipartisan group of lawmakers sent a letter to the Pentagon this week pressing for basic protective measures that the Army’s own researchers had already identified as achievable years ago.
What makes this story matter beyond the military context is what it reveals about the market itself. There is no mechanism for screening who buys this data or what they intend to do with it. The infrastructure was built for advertising. It turns out it works for targeting people too.
Your data is in that market. So is everyone else’s.
;
