WHEN a smartphone user opens Angry Birds, the popular game application, and starts slinging birds at chortling green pigs, spies could be lurking in the background to snatch data revealing the player’s location, age, sex and other personal information, according to secret British intelligence documents.
In globe-spanning surveillance for terrorism suspects and other targets, the National Security Agency and its British counterpart have been trying to exploit a basic byproduct of modern telecommunications: With each new generation of mobile phone technology, ever greater amounts of personal data pour onto networks where spies can pick it up.
According to dozens of previously undisclosed documents, among the most valuable of those unintended intelligence tools are so-called leaky apps that spew everything from the smartphone identification codes of users to where they have been that day.
The NSA and Britain’s GCHQ were working together on how to collect and store data from dozens of smartphone apps by 2007, according to documents provided by former contractor Edward Snowden.
Since then, the agencies traded recipes for grabbing location and planning data when a target uses Google Maps, and vacuuming up address books, buddy lists, telephone logs and geographic data embedded in photographs when someone sends a post to mobile versions of Facebook, Flickr, LinkedIn, Twitter and other services.
The scale and the specifics of the data haul are not clear. The documents show that the NSA and GCHQ routinely obtain information from certain apps, particularly those introduced earliest to cellphones. Some personal data, developed in profiles by advertising companies, could be particularly sensitive: A secret British intelligence document from 2012 said spies can scrub smartphone apps to collect details like a user’s “political alignment” and sexual orientation.
The documents do not address how many users might be affected, whether they include Americans or how often.
One secret report showed that just by updating Android software, a user sent more than 500 lines of data about the phone’s history and use onto the network.
The agencies displayed a particular interest in Google Maps, accurate to within a few yards . Intelligence agencies collected so much data from the app “you’ll be able to clone Google’s database” of global searches for directions, according to a top-secret NSA report from 2007. Google declined to comment for this article.
The agencies have had occasional success, at least by their own reckoning. The spies say tracking smartphone traffic helped break up a bomb plot by al-Qaeda in Germany in 2007. Similarly, mining such data helped lead to the arrests of members of a drug cartel hit squad in the killing of an American Consulate employee in 2010.