Last year, A Media investigation It was discovered that a Florida -based data broker, datastream group, was selling highly sensitive location data that tracked the military and intelligence personnel of the United States abroad. At that time, the origin of that data was unknown.
Now, a letter sent to the office of American senator Ron Widen which was obtained by an international collective of media outlets-included wired and 404 media-it states that the final source of that data is Eskimi, a little-known lithuanian advertisement- Was a technical company.
The role of Eskimi highlights the apartheid and mutual nature of the location data industry: a Lithuanian company provided data to American military personnel in Germany to a data broker in Florida, which was then the a theoretically selling that data to someone Can
Zach Edwards says, “Some unknown advertising companies have a global internal threat risk risk, and they are essentially selling all these systems by misusing their reach and selling this highly sensitive data to brokers, which the government is selling it. And sell personal interests. ” Broadly referring to Senior Threat Analyst, Ed-Tech Ecosystem at Cyber Security Firm Silent Push.
In December, Wired, Beersian Randfank (BR), and Netzpolitik.org analyzed a free sample of location data provided by the datastream. Investigations have revealed that the datastream was providing access to exact location data from American military and intelligence personnel, which included in the German airbase, which stored American nuclear weapons. Datastream location is a data broker in data history, sourcing data from other providers and then sells it to customers. Its website earlier stated that it “internet advertising data coupled with the hashed email, cookies and mobile location data.”
The dataset had 3.6 billion location coordinates, some logged at the milcecond interval, from 11 million mobile advertising IDs in Germany over a month period. The data was collected by developers through embedded SDK (Software Development Kit) in mobile apps, which deliberately integrate tracking tools in exchange for revenue-sharing agreements with data brokers.
After this reporting, the Wayden's office sought a reply from the datastream group about its role in the smuggling of data of American military personnel. In response, the datastream recognized ESKIMI as its source, stating that it receives data “legally from Eskimi.com, a respected third-party provider.” Eskimi's CEO, Vytautas Paukstys says “ESKIMI ever has no commercial relations with a datasis/datastream group,” Another name mentions that datastream has used, and that ESKIMI “a data There is no broker. “
In an email that answers detailed questions from reporting collector, M. Seth Lubin informed the data legally from a third party. While Lubin admitted Widen that data was intended for use in digital advertisement, he emphasized the reporting collective that it was never intended for resale. Lubin refused to disclose the source of data, citing a nondisclosure agreement, and reporting collective analysis as careless and misleading.
The Defense Department (DOD) refused to answer specific questions related to our investigation. However, in December, DOD spokesman Javan Rasneke said that the Pentagon knew that Geolocation services may risk the workers and urge the members of the service to remember their training and strictly follow the operational safety protocols. Are.
In an email, Keith Chu, the Chief Communication Advisor and the Deputy Policy Director for Vayeden, described how his office has tried to join Eskimi and Lithuania's Data Protection Authority (DPA) for months. The office approached Eskimi on 21 November and did not receive any response, Chu says. Employees then contacted the DPA several times, “a Lithuanian company serving the places of data selling data abroad, raising concerns about the national security impact of a Lithuanian company.” After no response, the Wayden Staff approached the Defense Attitude at the Lithuanian Embassy in Washington, DC.