Share this page!

Wolfie Christl Profile picture
Twitter logo
14 Dec, 19 tweets, 10 min read
Predicio, a French data broker who was caught selling location data harvested from ordinary smartphone apps to the US defense contractor Venntel, also provides 'foot traffic data' in partnership with Aspectum, another US company who sells to law enforcement and homeland security.
Aspectum (aka EOS Data Analytics) claims to provide 'geospatial insight based on cell phone activity and other data sources for a better understanding of local social interaction hazards' such as 'demonstrations, protests, riots, and other mass civil disorder acts', for example.
Sources:
aspectum.com/industry-publi…
aspectum.com/data-on-demand/

As a part of a 'combined offer from Aspectum and Predicio', that 'enables' clients 'to track and analyze human activities', 'foot traffic data' is 'available for selected countries' including the US and most EU countries.
So-called 'foot traffic data' usually refers to commercial location data secretly harvested via smartphone apps, often tied to unique personal identifiers.

According to Aspectum's website, Predicio seems to be their main provider for location data, but this must not be true.
"The real-time map displays current protests hotspots, estimates numbers of participants by city..."

Here's how Aspectum has visualized Black Lives Matter demonstrations in June. It's not clear whether they included smartphone/location data here, though: aspectum.com/blog/aspectum-…
Promo video on YouTube that shows how Aspectum and Predicio identified 75 individuals who met on a train platform in Paris, and then tracked 'their movements around the city during the next 2 weeks', where they 'crossed paths with 100000 other users':
Here's the recent investigation by @martingund that describes how Predicio obtained location data from weather+navigation apps and sold it to Gravy/Venntel, the US firm who is selling location data to US federal agencies:
nrkbeta.no/2020/12/03/my-…

Thread:
In addition to Aspectum, the French data broker Predicio mentions other 'trusted partners', including the European branch of the Interactive Advertising Bureau (IAB), representing the online advertising industry.

It also mentions Datarade and Narrative.
location-data.predic.io/location-data-…
According to a listing at Datarade, a kind of yellow pages directory of data brokers, Predicio sells data on the movements of 61.5 million 'daily active' app users in many countries including GPS location and personal identifiers:

(screenshots from Dec 4)
In addition, Predicio sells location data to (or via) Narrative, another US data broker.

This is interesting, because Narrative also lists Complementics, the second company who sold app location data to US defense contractor Venntel, as a 'data provider'.
narrative.io/data-partners
Narrative claims to (re)sell data on 2 billion mobile devices from 17 data providers. Location records include at least 'latitude and longitude of a given device', the 'time of the observation' and a 'unique identifier for a device or user'.

/cc @CNIL_en

narrative.io/data-types/loc…
I don't think that gathering personal data in the form of location records from smartphone apps and selling access via a data broker can be done in a GDPR compliant manner, especially not when the data broker's privacy policy doesn't even mention the GDPR.
narrative.io/privacy-policy
As I said earlier, if I were an EU data protection authority and I'd have sufficient grounds for suspicion that an EU company processes/sells personal data on millions without a legal basis, I'd raid offices and seize server access to investigate stuff.
Also, it is LONG overdue that EU authorities crack down on data companies in the US and elsewhere, who are monitoring behaviors in the EU at scale.

There is enough evidence out there on the web, in reports etc. The location data industry would be a low-hanging fruit.
Oh, I wonder why did Predicio take down its website?
predic.io
Statement by Aspectum. I suggest this should be investigated by EU DPAs.
Anyway @Aspectumapp:

1) Are you aware how 'personal data' is defined in the GDPR?

2) Are you sure you do not process pseudonymous personal data rather than anonymized data?

3) How can you follow the movements of 75 persons w/o processing personal data?
I doubt that this 'combined offer' on the 'Data on Demand' page of Aspectum's website doesn't involve processing of personal data as defined in the GDPR.

If it would, Aspectum+Predicio would be joint data controllers, and need a legal basis to process it.
aspectum.com/data-on-demand/
Oh my, now they also took the Youtube video that shows how Aspectum and Predicio identified 75 persons and then tracked their movements down 🤔

That doesn't make much sense. Predicio's website is on archive.org, and of course, I archived the video before tweeting...

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Wolfie Christl

Wolfie Christl Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @WolfieChristl

Wolfie Christl Profile picture
14 Dec
argyle.com, a US startup that aims to aggregate employment records across employers, including data on work activities and reputation, and sell it to recruiters, lenders, insurers. It claims it has already access to 40m records.

This is terrifying + shouldn't exist. Image
"The short term objective for Argyle is access to 100% of employment records; the reason for fundraising at this moment is to quicken the date of 100% access"

From the company's "funding memo":
notion.so/Argyle-A-Round…

Argyle has raised $20m+ in funding:
crunchbase.com/organization/a… Image
"We started with building coverage where Equifax has not - in the gig economy"
notion.so/Argyle-A-Round…

US data brokers have been gathering+selling data on work history/salary for decades, which also shouldn't happen. Argyle's sales pitch suggests they want to go far beyond that.
Read 10 tweets
Wolfie Christl Profile picture
13 Dec
Microsoft Teams for Education knows what students are doing late at night.

It also knows what students are doing early in the morning, at individual level.

Generally, MS Teams for Education has extensive student monitoring capabilities built in.

Its 'Insights' tool can track which meetings students attend and for how long, what tabs they view, if they open files, post messages, reply or react with emojis.
edudownloads.azureedge.net/msdownloads/Mi…
Read 15 tweets
Wolfie Christl Profile picture
11 Dec
Today's digital advertising based on selling user data to the highest bidder has been called the 'largest data breach ever', and yes:

Two firms who sell targeted+mass surveillance to governments are hoovering phone location data from the ad/rtb bidstream: forbes.com/sites/thomasbr…
One of the players, Bsightful, is part-owned by the US surveillance giant Verint, who reportedly supplied phone tapping tech to the NSA.

The other, Rayzone, sells a "Global Virtual SIGINT" system that promises "wide, diverse and in-depth information on global internet users".
According to Forbes, Bsightful is "hoovering up app location data by running what’s known as a Demand Side Platform (DSP)".

That way, they can collect "location and other phone data the app developers are willfully providing, the data passing through [the so-called] bidstream".
Read 12 tweets
Wolfie Christl Profile picture
11 Dec
The question is will Santa bring gifts after clicking "don't allow".
I think we should also discuss Santa's monopoly power.
Hm, 4% of Santa's annual global turnover may amount up to something.
Read 4 tweets
Wolfie Christl Profile picture
29 Nov
Microsoft claims that its MS 365 'productivity score' is not a worker monitoring tool, but should only help diagnose system issues.

Also, MS holds a patent on using 'productivity services data' to single out individuals, deploy 'behavior change' programs, and monitor compliance.
"Yourself and a group of your colleagues have been provided a focus time plan ... to get your important work done"

Microsoft patent "Systems, methods, and software for implementing a behavior change management program":
freepatentsonline.com/20190259298.pdf

H/T, thx!
yro.slashdot.org/story/20/11/29…
The patent reads like the design of an ubiquitous employee monitoring dystopia, presented in the antiseptic language of benevolent behaviorism.

Patents don't necessarily become products, but it is very close to what MS is already providing. It also mentions data from Office 365.
Read 4 tweets
Wolfie Christl Profile picture
24 Nov
Esoteric metrics based on analyzing extensive data about employee activities has been mostly the domain of fringe software vendors. Now it's built into MS 365.

A new feature to calculate 'productivity scores' turns Microsoft 365 into an full-fledged workplace surveillance tool: Image
Employers/managers can analyze employee activities at the individual level (!), for example, the number of days an employee has been sending emails, using the chat, using 'mentions' in emails etc.

Microsoft promo video:


Via Heise:
heise.de/news/Anwenderu… Image
Showing data on individuals can be turned off, but it's activated *by default*. This normalizes extensive workplace surveillance in a way not seen before.

I don't think employers can legally use it in most EU countries. I'm sure they cannot legally use it in Austria and Germany. Image
Read 31 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @WolfieChristl has new unrolls!

Check out other threads from @WolfieChristl!

Read all threads by @WolfieChristl