Federal Agencies Used Advertising Data to Track Cellphone Locations

WASHINGTON — An internal U.S. government document shows that federal border officials tested the use of online advertising data to track the location of mobile phones, raising new concerns about how commercial data collected from everyday apps can be used for surveillance.

The document, obtained through a Freedom of Information Act request by the news outlet 404 Media, indicates that U.S. Customs and Border Protection ran a pilot program from 2019 to 2021 using commercially available location data tied to mobile advertising identifiers.

The records come from a Privacy Threshold Analysis submitted to the U.S. Department of Homeland Security, which oversees CBP. Such analyses are required when agencies test or deploy new technologies that may affect personal privacy.

According to the document, CBP tested whether marketing data tied to mobile Advertising IDs — commonly known as AdIDs — could be used to support the agency’s “targeting, vetting, analysis, and illicit network discovery processes.” The identifiers act as digital tags assigned to mobile devices, allowing advertisers to track app activity and user behavior without attaching a person’s name or phone number.

The document appears to be the first confirmation that CBP obtained mobile phone location data originating from online advertising systems, according to 404 Media.

Advertising data of this kind is generated through a process called real-time bidding. When an advertisement loads in a mobile app, an automated auction determines which ad is shown to a user. During that process, advertising platforms may collect device data, including location and a unique advertising identifier.

Although the identifiers do not directly reveal a person’s identity, they allow companies — and potentially government agencies that purchase the data — to follow a device’s movements over time.

The practice builds on a broader pattern in which federal agencies have purchased cellphone location information from commercial data brokers. In 2020, The Wall Street Journal reported that U.S. Immigration and Customs Enforcement had bought access to a commercial database of cellphone location data to help identify immigrants who were later arrested. The newspaper also reported that CBP used similar data to identify phone activity in remote desert areas near the U.S. border.

Civil liberties advocates say such purchases allow agencies to sidestep traditional legal safeguards. Documents previously released by the American Civil Liberties Union show that DHS agencies have acquired large amounts of cellphone location data from brokers — information that would typically require a warrant if obtained directly from telecommunications companies.

More recently, 404 Media reported that ICE purchased surveillance tools capable of searching for mobile devices within a defined geographic area over a period of time. That reporting prompted about 70 members of Congress to call for an investigation by the DHS Inspector General.

The CBP pilot program highlights how data collected by everyday mobile apps — including games, dating platforms, weather apps, and news services — can ultimately be repurposed for government surveillance when sold through the digital advertising marketplace.