Tag: data collection

Pokémon Go — The Largest Mapped Data Collection Ploy in History

When Pokémon Go was released, it appeared to be a harmless game encouraging people to go outside and explore, yet beneath that surface was a far more sophisticated system that directed human movement into very specific locations where data was needed most, turning millions of users into mobile data collectors. The placement of Pokémon, Gyms, and PokéStops was not random, but concentrated around landmarks, businesses, and dense urban corridors, meaning players were repeatedly funneled into high-value mapping zones, often returning to the same locations over and over again, capturing them from multiple angles, at different times of day, and under varying conditions, which is exactly how high-quality spatial datasets are built.

For many reading this, particularly those who never played the game, it is important to understand what this actually looked like in practice, because this was not some passive background process, it required people to physically walk through neighborhoods, parks, shopping districts, and even residential areas while holding up their phones, actively scanning their surroundings to “catch” virtual creatures that did not exist. The game encouraged users to point their cameras at real-world objects, move around them, and interact with the environment. The system was capturing detailed imagery not just of public landmarks but also of surrounding areas, including streets, entryways, and private homes, all embedded in what appeared to be a simple entertainment experience.

Keep reading

Massachusetts Agrees to Delete Data From App It ‘Secretly Installed’ During Pandemic

Massachusetts officials have agreed to delete data from a contact tracing application that people said was installed on their phones without their permission during the COVID-19 pandemic.

Under a settlement agreement approved by a federal judge on March 31, the Massachusetts Department of Public Health “shall (a) destroy any Primary Data in the Department’s possession, custody, and control, which the Department, exercising all due diligence, has located and … that was made available to the Department from the COVID Exposure Notification Setting on Android Devices; and (b) certify in writing to Class Counsel that such data has been destroyed and will not be provided to any third party.”

The state’s health commissioner also promised not to have data collecting applications installed on people’s phones without their permission for five years.

The settlement came in a case brought by plaintiffs who said the app in question, known as MassNotify v.3 or Exposure Notification Settings Feature-MA, was “secretly installed” on their phones without their permission.

American Institute of Economic Research senior fellow Robert Wright, who lives in Massachusetts, said the app was downloaded onto his Android phone around July 1, 2021, without his knowledge. Johnny Kula, a New Hampshire resident who travels to Massachusetts on a daily basis for work, also said he discovered the app on his phone around the same time, and that it was back on the phone later in 2021 after he uninstalled it.

The plaintiffs’ claims echoed reviews from app store users complaining they had not downloaded the app, but it appeared on their phones. The app, which allowed people to say they had tested positive for COVID-19, and alerted others who had recently been close in location to those people, was downloaded more than one million times, according to court filings. Similar applications were developed by at least 24 other states.

Keep reading

FBI Resumes Buying Americans’ Location Data Without Warrants

The FBI is buying Americans’ location data again. Director Kash Patel confirmed it to lawmakers on Wednesday, confirming what we already knew: that it has resumed purchasing commercial surveillance data, including detailed location histories, from data brokers.

The brokers feeding that data pipeline source much of it from phone apps and games that people use daily without realizing they’re being tracked.

By the time a precise location record reaches a federal agency, it may have originated from a weather app or a mobile game, passed through an advertising middleman, and been packaged for resale, with the person who generated it never consulted or notified.

Senator Ron Wyden asked Patel directly whether the FBI would commit to not buying Americans’ location data without a warrant. Patel declined. The agency “uses all tools…to do our mission,” he told the committee.

He followed up by confirming that “we do purchase commercially available information that is consistent with the Constitution and the laws under the Electronic Communications Privacy Act,” adding that it “has led to some valuable intelligence for us.”

Wyden called that arrangement exactly what it is: the government buying what it cannot legally seize. Purchasing information on Americans without a warrant is “an outrageous end-run around the Fourth Amendment,” he said, referring to the constitutional protection against unreasonable searches and seizures.

The workaround is not unique to the FBI. Federal agencies are generally required to convince a judge that probable cause exists before demanding private records from a tech or phone company.

The commercial data market offers a way around that requirement entirely. Agencies simply purchase what they would otherwise need a warrant to obtain, creating a market for data grabbing and exploiting a legal gap that courts have not yet addressed.

Wyden and other lawmakers introduced the Government Surveillance Reform Act last week, which would require a court-authorized warrant before any federal agency can purchase Americans’ data from brokers. The bill is bipartisan and bicameral. Without it, the gap that lets agencies buy their way around the Fourth Amendment remains open.

Keep reading

FTC Says Companies Can Collect Kids’ Personal Data, As Long As It’s Called “Age Verification”

The FTC just told companies they can collect children’s personal data without parental consent, as long as it’s for “age verification.”

That’s the practical effect of a policy statement the agency issued this week. Under COPPA, websites collecting data on kids under 13 generally need verifiable parental consent first. The FTC’s new statement carves out an exception: gather whatever personal information you need to verify someone’s age, and the Commission won’t come after you for it.

The agency calls this child protection. The infrastructure it’s enabling looks different.

Christopher Mufarrige, director of the FTC’s Bureau of Consumer Protection, said “Age verification technologies are some of the most child-protective technologies to emerge in decades,” and framed the announcement as a tool for parents.

What the statement actually does is green-light personal data collection from minors, on the theory that knowing someone’s age requires knowing who they are first.

The exemption is conditional. To avoid enforcement, sites must delete age verification data “promptly” after use, restrict third-party sharing to vendors with adequate security assurances, post clear notices about what they’re collecting, and use methods likely to produce “reasonably accurate” results. These requirements are unverifiable by the people whose data gets collected, and enforced by an agency that just announced it won’t enforce.

COPPA supposedly exists precisely because children’s personal data is sensitive and companies can’t be trusted to protect it without legal pressure.

The FTC’s new exemption uses that same sensitive data as the price of admission for age verification, then steps back from enforcement. The agency is weakening the law’s protections in order to expand the infrastructure that the law was supposedly designed to regulate.

Keep reading

Palantir, Fractal And Your Personal Data Privacy – Get used to being used, because YOU are the product

Who controls the data the government collected from you for a generation?

Your insurance company collected data on your driving – so did your Lexus – who owns that data?

You told your doctor about controlled substances you used – and now it gets brought up in an interview.

If you can’t exclude someone from using your data, then you don’t control it. That means you really don’t own it. It’s that simple.

What does “own” mean here, let’s define the terms.

Owning the data means you can do anything you want with it – share it, sell it, mine it or build an A.I. language model with it.

From birth until the last Social Security check gets cashed, your data is collected by federal and state agencies, corporations and of course the internet.

Your teen daughter puts every waking moment on Facebook or Instagram – so who owns those hundreds of images?

TSA Pre Check, Medicare/Medicaid, Social Security, government or military retirement, Tri-Care, veterans hospitals, and of course, the IRS – gather more data about every citizen than has ever been gathered in the history of mankind.

Each agency gathers different data, at different times, for slightly different purposes. And those purposes may change over time.

Who owns the rights to that data?

It’s a far stickier question than you think.

The knee jerk response is the government owns the data. They collected it for their purposes, so it’s theirs.

The government will certainly say so.

Keep reading

Thailand – A Case Study for Biometric Data Control

Thailand has become a test case for the use of biometric data in every facet of life. Facial recognition data is required for any single transfer above 50,000 baht (around $1,580), daily transfers above 200,000 baht, and any international transfers from personal accounts.  All major Thai banks, such as Bangkok Bank, Kasikorn (KBank), SCB, Krungthai, and Krungsri, require customers to submit biometric data, and the Bank of Thailand (BOT) provides the general guidelines that these banks must follow.

It may begin with banking and documentation, but the ultimate goal is to develop digital IDs that are stored on a centralized database. The board of Thailand’s National Broadcasting and Telecommunications Commission (NBTC) proposed that users must submit biometric data to register SIM cards. The rule went into effect in August and applies to everyone in Thailand, including tourists.

The Thai Ministry of Public Health (MOPH), the Thai Red Cross Society, and the National Science and Technology Development Agency (NSTDA) has implemented the use of biometric data to track undocumented persons. Health agencies claim the technology can identify the spread of disease and assist in providing humanitarian aid and medical services. The MOPH claims the technology is 99.75% accurate. According to the Department of Labour’s Bureau of Alien Workers Administration, over 1 million undocumented migrants were in the nation as of July 2025.

“The application of biometric technology not only improves healthcare, disease prevention and control, medical services, and humanitarian aid with accuracy and inclusivity, but also reflects the protection of human rights and dignity of undocumented people in Thailand. It also creates opportunities for education and research by Thai public health professionals to develop further benefits for the general population,” Health Minister Somsak Thepsuthin stated.

The Thai Red Cross Society is a branch of the global Red Cross agency. Thailand’s Personal Data Protection Act (PDPA) claims all personal data will be securely protected, but they have already begun sharing with international agencies.

Keep reading

Comprehensive data privacy laws go into effect in 8 more states this year

This year, comprehensive privacy laws are going into effect in eight states to regulate how businesses handle digital information and to give consumers more protections over their personal data.

The laws in DelawareIowaMinnesotaNebraskaNew HampshireNew Jersey and Tennessee have taken effect already this year, according to a database from the International Association of Privacy Professionals’ Westin Research Center. Maryland’s privacy law, signed by Democratic Gov. Wes Moore last year, will go into effect Oct. 1.

Privacy laws enacted in IndianaKentucky and Rhode Island will go into effect next year.

Several other states are considering comprehensive privacy bills during this year’s legislative sessions. They include MassachusettsMichiganNorth CarolinaPennsylvania and Wisconsin.

When a person visits a website, applies to a job or logs into an online portal, they may be sharing their personal information. Comprehensive privacy laws can apply to a wide range of companies that participate in this kind of data collection.

These laws generally include two types of provisions — those related to consumer rights and those that establish business obligations, according to the association.

Under each of the new laws, consumers have the right to control when and how their data is collected and shared. Some of those provisions include the right to delete data from a company’s database, the ability to opt out of sharing sensitive information and the right to prohibit a company from selling their data.

The new measures also require businesses to ask consumers if they want to opt in to data collection. In some states, businesses are required to complete consumer data risk assessments and identify ways in which discrimination could take place. Some companies also may be required to limit to how consumer data is processed.

Keep reading

Technocrat Sweep: US Health Officials, Tech Executives To Launch Data-Sharing Plan

Why would Technocrats care about your health data? When they see the public as a herd of cattle, they naturally move to “manage the herd.” RFK, Jr. earlier bragged that he wants all citizens to don wearable medical devices within four years, to collect mountains of data. This initiative is headed by AMY GLEASON, the Administrator of DOGE.

Amy Gleason worked at the predecessor of DOGE from 2018-2021 during the first Trump administration, where she played a key role on the White House Coronavirus Task Force’s data team managing critical pandemic data. She was named an Obama-era “Champion of Change” for her work in patient advocacy and precision medicine. She has emerged as a key Technocrat with her association with Elon Musk. Court records clearly show that Musk was never in charge of DOGE, but rather Amy Gleason.

Keep reading

The Biden Admin Stole Your Data to Rig Elections and Censor Speech

Jason Chaffetz has delivered a devastating exposé that should terrify every American who values his or her constitutional rights. Writing in the New York Post, the former House Oversight Committee chairman pulls back the curtain on what may be the most comprehensive assault on American democracy we’ve witnessed in our lifetime—and it’s happening with our own tax dollars.

Chaffetz revealed that the Biden administration didn’t just weaponize federal agencies against political opponents; it orchestrated an elaborate data-theft operation that would make authoritarian regimes jealous. As Chaffetz explains, “Federal entities outsourced unlawful data collection to politically sympathetic partners. Rather than directly amassing data, they procured or exchanged it from or with nonprofits and technology firms.”

This isn’t some conspiracy theory cooked up by partisan critics. This is documented reality, backed by Freedom of Information Act requests and congressional testimony that the mainstream media has conveniently ignored.

The scope of this operation is breathtaking. Chaffetz exposes how the Small Business Administration—an agency supposedly focused on helping entrepreneurs—was transformed into a partisan voter registration machine. The SBA “proactively reached out to states, especially battleground states like Arizona and Georgia, to seek recognition as voter-registration organizations, despite federal law stipulating that states must initiate this process under the National Voter Registration Act.”

When SBA Associate Administrator Jennifer Kim was pressed during a 2024 hearing about whether the agency conducted events in non-Democrat-leaning regions, she couldn’t provide a straight answer. The evidence speaks for itself: “documented evidence of partisan bias in these efforts” reveals an administration that viewed federal resources as tools for electoral manipulation.

But voter manipulation was just the beginning. The Biden administration’s data dragnet extended into financial surveillance that targeted Americans based on their political beliefs. Christian nonprofits, gun manufacturers, conservative protesters—even members of the Trump family—found their accounts terminated without justification. As Chaffetz notes, “This initiative ultimately targeted Christian nonprofits, gun manufacturers, conservative demonstrators — even Melania and Barron Trump — shutting down their accounts without justification.”

Keep reading

ICE Is Snooping on Your Medical Bills

The feds are vacuuming up a lot of data on Americans in the name of stopping illegal immigration. Their latest target? Your insurance data.

Immigration and Customs Enforcement (ICE) is now using data from the Insurance Services Office’s ClaimSearch, a private industry service for detecting car and health insurance fraud, according to ICE documents obtained by the tech news site 404 Media on Wednesday. ClaimSearch includes 1.8 billion insurance claims and 58 million medical bills—along with the personal data attached to them, including addresses, tax identification numbers, and license plates.

ClaimSearch’s public policy states that it grants full access to law enforcement agencies “investigating or prosecuting insurance-related crime, or developing background information about a specific individual or list of individuals who have been identified as persons of interest with regard to homeland security activity.”

Verisk, the company that runs ClaimSearch, denied to 404 Media that ICE or the Department of Homeland Security is one of its clients. But the National Insurance Crime Bureau, which controls access to ClaimSearch, did not directly answer whether ICE has access. 404 Media speculated that ICE could have gained access through another government agency.

In March 2025, the Trump administration signed an executive order to tear down “information silos” between federal agencies, and in May, the IRS signed a data-sharing agreement with ICE. The administration has leaned heavily on surveillance contractor Palantir, which has a contract with ICE to facilitate “complete target analysis of known populations.”

ICE has also been tapping into the nationwide network of license plate reading cameras by asking local law enforcement agencies to run searches for specific cars, 404 Media reported earlier this year. Some police departments insisted to 404 Media that the searches were conducted for ICE’s Homeland Security Investigations branch, which handles organized crime and smuggling rather than immigration enforcement.

However, the ICE documents on ClaimSearch specifically said that the data was going to Enforcement and Removal Operations, the branch that handles the detention and deportation of undocumented immigrants.

The immigration cops didn’t just start building their mass surveillance dragnets this year. In 2021, at the start of the Biden administration, The Washington Post reported that ICE was buying utility company records. While Customs and Border Protection (CBP) insisted in a 2018 report that it buys “only anonymized data” from third-party brokers, it has used commercial cell phone data to track and arrest specific people.

Keep reading