EU Officials' Location Data Sold to Highest Bidders, Despite Strict Data Laws

Journalists in Europe have found it was easy to spy on top European Union officials using commercially obtained location histories sold by data brokers, despite the continent having some of the strongest data protection laws in the world. According to a report by Netzpolitik, the coalition of reporters obtained the dataset, offered as a free sample from a data broker, containing 278 million location data points from the phones of millions of people around Belgium. Much of the location data is uploaded by ordinary apps installed on a person's phones, which is sold to data brokers. Those data brokers then sell that data to governments and militaries. The dataset also included the granular location histories of Europe's top officials, including those who work directly for the European Commission, which has its headquarters in Brussels. The reporters said they were able to identify hundreds of devices belonging to people who work in sensitive areas around the EU, including 2,000 location markers from 264 officials' devices. The reporters claimed that the data was easily accessible and could be used to track the movements of top officials, raising concerns about the potential for surveillance and data misuse. EU officials expressed concern about the trade of citizen and officials' mobile phone location data. In response, they have issued new guidance to staff to counter the tracking. "We take the protection of personal data very seriously, and we are concerned about the potential risks associated with the trade of location data," said a spokesperson for the European Commission. "We are working to ensure that our staff are aware of the risks and take necessary precautions to protect their personal data." The report highlights the risks associated with the commercial sale of location data. Much of the location data is uploaded by ordinary apps installed on a person's phone, which is then sold to data brokers. These data brokers then sell the data to governments and militaries. This practice has raised concerns about the potential for surveillance and data misuse. "The fact that it's so easy to obtain this data is a major concern," said a cybersecurity expert. "It highlights the need for greater regulation and oversight of the data brokerage industry." The European Union has some of the strongest data protection laws in the world, but the report suggests that these laws may not be sufficient to protect citizens' and officials' personal data. The EU's General Data Protection Regulation (GDPR) requires companies to obtain explicit consent from individuals before collecting and processing their personal data. However, the report suggests that many people may not be aware that their location data is being collected and sold. The current status of the issue is that EU officials are working to address the concerns raised by the report. The European Commission has issued new guidance to staff to counter the tracking of location data. However, the report highlights the need for greater regulation and oversight of the data brokerage industry to prevent the misuse of location data. As the report notes, "the trade of location data is a major concern, and it requires a coordinated effort to address the risks associated with it."