Your Phone Is Talking. Someone Is Listening and Selling the Transcript.

There’s a story doing the rounds that deserves more attention than it’s getting. US senators are formally warning that the advertising data industry represents a national security threat, because location data harvested from ordinary apps is being used to track military personnel in active war zones. The Department of Defense, apparently, has yet to implement basic protections against this. In war zones. For its own troops.

Take a moment with that.

The same surveillance infrastructure that serves you ads for things you talked about near your phone is, in a very literal sense, capable of getting soldiers killed. Not as a hypothetical. As a documented concern raised at the senate level.

The dark comedy in the comments online was hard to ignore. Someone joked about the Amazon recommendations you’d receive in a conflict zone. Kevlar. 5.56 ammunition. Baby oil. It’s funny until it isn’t, which is about three seconds.

What keeps nagging at me is how mundane the mechanism is. Nobody had to hack anything. Nobody needed a spy in the field. You just buy the data. It’s commercially available. A broker packages up location pings harvested from weather apps and mobile games and navigation software, and sells it to whoever has the budget. That could be a retailer wanting to know if you visited a competitor. It could also be a foreign intelligence service wanting to know where a cluster of American devices just appeared in the Middle East.

This isn’t a new observation. John Oliver did a whole segment on data brokers years ago, including the genuinely alarming stunt of purchasing and delivering the location data of members of Congress to make exactly this point. Congress watched the segment, presumably nodded gravely, and then continued not passing meaningful privacy legislation. The cycle is familiar enough to be demoralising.

One senator, by the accounts I’ve read, has been banging this drum for years. The frustrating thing about that situation is that it apparently involves classified information he can’t fully disclose. He can gesture at the shape of the problem without being able to name it plainly. That’s a strange and exhausting position to be in, and I have some sympathy for it.

The harder argument, and the one I find most compelling, is that the problem isn’t fixable by telling troops to leave their phones at home. The problem is the existence of the market itself. Someone in the thread made the point well: treat personal data like toxic waste, not like an asset. Make holding it a liability. Make the risk of a breach or misuse so catastrophic that companies stop wanting more data than they absolutely need to complete a transaction.

The GDPR comparison is instructive. Fines calculated as a percentage of global revenue actually sting. Flat fines are just a cost of doing business for companies operating at scale. Australia’s privacy framework has improved but still has a long way to go on meaningful enforcement. The OAIC can name and shame, but the penalties haven’t historically matched the scale of the violations.

There’s a tension I keep sitting with here. I find the technology genuinely interesting. The infrastructure that makes targeted advertising possible is, from a purely technical standpoint, remarkable. I’ve worked close enough to data pipelines to understand the engineering involved. And I think that’s actually part of the problem: the people building these systems are often more focused on the elegance of the solution than on what it enables downstream. I’ve been in those rooms. The question “what could someone do with this if they wanted to cause harm” doesn’t come up as often as it should.

The national security framing might actually be the thing that moves the needle, if anything can. Privacy advocates have been making the civil liberties argument for decades without shifting the needle much. But “this data market can be used to track and target your own military personnel” is a different kind of argument. It lands differently in certain rooms.

I’m not holding my breath. But I’m watching.