Enlarge / If your phone knows where you are, the feds can too. (credit: Luis Alvarez | Getty Images )

The Defense Intelligence Agency, which provides military intelligence to the Department of Defense, confirmed in a memo that it purchases "commercially available" smartphone location data to gather information that would otherwise require use of a search warrant.

The DIA "currently provides funding to another agency that purchases commercially available geolocation metadata aggregated from smartphones," the agency wrote in a memo ( PDF ) to Sen. Ron Wyden (D-Ore.), first obtained by the New York Times .

The Supreme Court held in its 2018 Carpenter v. United States ruling that the government needs an actual search warrant to collect an individual's cell-site location data. "When the Government tracks the location of a cell phone it achieves near perfect surveillance, as if it had attached an ankle monitor to the phone’s user," Chief Justice John Roberts wrote for the majority in his opinion. "The retrospective quality of the data here gives police access to a category of information otherwise unknowable."

Enlarge / A surveillance camera mounted on a wall on a sunny day. (credit: Thomas Winz / Getty)

In an attempt to mitigate the potential spread of COVID-19, one Michigan college is requiring all students to install an app that will track their live locations at all times. Unfortunately, researchers have already found two major vulnerabilities in the app that can expose students' personal and health data.

Albion College informed students two weeks before the start of the fall term that they would be required to install and run the contact tracing app, called Aura.

Exposure notification apps being deployed by states , based on the iOS and Android framework that Apple and Google announced earlier this year, are designed to minimize harms to privacy. That framework basically uses a phone's Bluetooth capabilities as a proximity sensor, to see if the phone it's installed on has been near a phone of someone who reports having tested positive for COVID-19.

Enlarge / Dozens of apps on your phone know where you are, whether you're home, at a doctor's appointment, at the airport, or sitting still in a blank white room to pose artfully for a photo shoot. (credit: JGI | Tom Grill | Getty Images )

An increasing number of law enforcement agencies, including the US Secret Service, are simply buying their way into data that would ordinarily require a warrant, a new report has found, and at least one US senator wants to put a stop to it.

The Secret Service paid about $2 million in 2017-2018 to a firm called Babel Street to use its service Locate X, according to a document ( PDF ) Vice Motherboard obtained . The contract outlines what kind of content, training, and customer support Babel Street is required to provide to the Secret Service.

Locate X provides location data harvested and collated from a wide variety of other apps, tech site Protocol reported earlier this year. Users can "draw a digital fence around an address or area, pinpoint mobile devices that were within that area, and see where else those devices have traveled" in the past several months, Protocol explained.