Security agencies routinely purchase commercial advertising intelligence

A comprehensive study by German security academics, published by the tech think-tank Interface, has found that purchasing commercially available advertising intelligence (Adint) has become a primary means of government surveillance, not just in the US but also across Europe. Based on a survey of eleven European intelligence agency regulators, researchers found that commercial data brokers compile streams of bulk data that provide greater detail on targets than traditional state-directed surveillance activities.

Purchased data includes unique mobile device identifiers, precise historical location tracking, and granular profile data detailing age, sex, political preferences, sexual orientation, and religious beliefs. Large agencies frequently purchase these datasets directly or via front companies to mask their identities, while smaller governments utilise off-the-shelf commercial analysis tools.

The shift occurred because consumers routinely sign away their rights through product or service terms and conditions. In contrast, legal frameworks governing Adint remain vague or absent. While strict rules govern traditional interceptions, post-2013 surveillance laws do not cover commercial data purchases. 

£ - This article requires a subscription. 

Training Announcement: The BCS Foundation Certificate in Information Security Management Principles (CISMP) is an entry-level programme aligned with ISO/IEC 27001 and Cyber Essentials that examines the fundamental concepts, technologies and principles of information security management. It provides attendees with practical knowledge of key concepts and techniques in risk management, security operations, and technical, physical, and environmental security. In addition, CISMP addresses legal and regulatory requirements, business continuity and disaster recovery planning, and emerging technologies. Find out more.