GCHQ and the US National Security Agency have been developing capabilities to take advantage of "leaky" smartphone apps, such as the wildly popular Angry Birds game, which transmit users' private information across the internet, according to top secret documents.
The data pouring on to communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users' most sensitive information, such as sexual orientation - and one app recorded in the material even sends specific sexual preferences such as whether the user may be a swinger.
Many smartphone owners will be unaware of the full extent to which this information is being shared across the internet, and even the most sophisticated would be unlikely to realise that all of it is available for the spy agencies to collect.
Dozens of classified documents, provided to the Guardian by the whistleblower Edward Snowden and reported in partnership with the New York Times and ProPublica, detail the NSA and GCHQ efforts to piggyback on this commercial data collection for their own purposes.
Scooping up information the apps are sending about their users allows the agencies to collect large quantities of mobile phone data from their existing mass surveillance tools - such as cable taps, or from international mobile networks - rather than solely from hacking into individual mobile handsets.
Exploiting phone information and location is a high-priority effort for the intelligence agencies, as terrorists and other intelligence targets make substantial use of phones in planning and carrying out their activities, for example by using phones as triggering devices in conflict zones. The NSA has spent more than $1bn (pounds 600m) on phone targeting.
The disclosures also reveal how much the shift towards smartphone browsing could benefit spy agencies' collection efforts. One slide from a May 2010 NSA presentation on getting data from smartphones - breathlessly entitled Golden Nugget! - sets out the agency's "perfect scenario": "Target uploading photo to a social media site taken with a mobile device. What can we get?" The question is answered in the notes to the slide: from that event alone, the agency said it could obtain a "possible image", email selector, phone, buddy lists, and "a host of other social working data as well as location".
In practice, most major social media sites, such as Facebook and Twitter, strip photos of identifying location metadata (known as EXIF data) before publication. However, depending on when this is done during upload, such data may still, briefly, be available for collection by the agencies.
Depending on what profile information a user had supplied, the documents suggested, the agency would be able to collect almost every important detail of a user's life including home country, current location (through geolocation), age, gender, postcode, martial status - options included "single", "married", "divorced", "swinger" and more - income, ethnicity, sexual orientation, education level, and number of children.
The agencies also collected location information in bulk from Google and other mapping apps. One basic effort by GCHQ and the NSA was to build a database locating every mobile phone mast in the world, meaning that just by taking tower ID from a handset, location information could be gleaned.
A more sophisticated effort relied on intercepting Google Maps queries made on smartphones and using them to collect large volumes of location information. So successful was this effort that one 2008 document noted that "[i]t effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system".
The information generated by each app is chosen by its developers, or by the company that delivers an app's adverts. The documents do not detail whether the agencies actually collect the potentially sensitive details some apps are capable of storing or transmitting, but any such information would probably qualify as content rather than metadata.
Data collected from smartphone apps is subject to the same laws and minimisation procedures as all other NSA activity - procedures which Barack Obama suggested may be subject to reform in a speech this month. But the US president focused largely on the NSA's collection of the metadata from US phone calls and made no mention in his address of the large amounts of data the agency collects from smartphone apps. The documents do not make it clear how much of the information that can be taken from apps is routinely collected, stored or searched, nor how many users may be affected. But they set out in great detail exactly how much information can be collected from widely popular apps.
One document held on GCHQ's internal Wikipedia-style guide for staff details what can be collected from different apps. Though it uses Android apps for most of its examples, it suggests much of the same data could be taken from equivalent apps on the iPhone or other platforms.
The GCHQ documents set out examples of what information can be extracted from different ad platforms, using perhaps the most popular mobile phone game of all time, Angry Birds - which has reportedly been downloaded more than 1.7bn times - as a case study.
From some app platforms, relatively limited, but identifying, information such as exact handset model, the unique ID of the handset, software version, and similar details is all that is transmitted. Other apps choose to transmit much more data, meaning the agency could potentially net far more. One mobile ad platform, Millennial Media, appeared to offer rich information. Millennial Media's website states it has partnered with Rovio, the maker of Angry Birds, on a special edition of the game; with Farmville maker Zynga; with Call of Duty developer Activision; and many other major franchises.
"Rovio doesn't have any previous knowledge of this matter, and have not been aware of such activity in third-party advertising networks," said Saara Bergstrom, Rovio's vice-president of marketing and communications. "Nor do we have any involvement with the organisations you mentioned [NSA and GCHQ]." Millennial Media did not comment.
GCHQ's targeted tools used against individual smartphones are named after characters in the TV series The Smurfs. An ability to make the phone's microphone "hot", to listen in to conversations, is named Nosey Smurf. High-precision geolocation is called Tracker Smurf, power management - an ability to stealthily activate a phone which is apparently turned off - is Dreamy Smurf, and the spyware's self-hiding capabilities are codenamed Paranoid Smurf.
The NSA said its phone interception techniques were only used against valid targets, and were subject to stringent legal safeguards. "The communications of people who are not valid foreign intelligence targets are not of interest to the National Security Agency," a spokeswoman said.
"Any implication that NSA's foreign intelligence collection is focused on the smartphone or social media communications of everyday Americans is not true. Moreover, NSA does not profile everyday Americans as it carries out its foreign intelligence mission . . . Because some data of US persons may at times be incidentally collected in NSA's lawful foreign intelligence mission, privacy protections for US persons exist across the entire process concerning the use, handling, retention, and dissemination of data. In addition, NSA actively works to remove extraneous data, to include that of innocent foreign citizens, as early as possible in the process.
"Continuous and selective publication of specific techniques and tools lawfully used by NSA to pursue legitimate foreign intelligence targets is detrimental to the security of the United States and our allies - and places at risk those we are sworn to protect."
GCHQ declined to comment on any of its specific programmes, but stressed all of its activities were proportional and complied with UK law. "It is a longstanding policy that we do not comment on intelligence matters," said a spokesman. "All of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight."
Original headline: Revealed: spy agencies target phone apps: GCHQ and NSA able to harvest data through games such as Angry Birds: Agencies use phone apps to spy on owners
Most Popular Stories
- Criminal Investigation Opened Into James Foley's Death
- Swiss Suicide Tourism Doubled Since 2009
- Florida's Largest Insurer Says 'Bailout' Attacks Unfair
- Wealth Gap Widened in Past Decade: Census
- James Foley Beheading Sparks Anger, Little Action
- Gap Reports Higher Profits, India Plans
- International Revulsion Grows Over James Foley Death
- Beyonce, Jay-Z Cuba Trip Was Legal After All
- Sears Holdings Loses $573 Million
- Chinese Stock Funds Are a Late-summer Bloomer