Wolfie Christl2d ago

We publish a major Citizen Lab report on Webloc, an ad-based mass surveillance system that monitors the movements and personal characteristics of hundreds of millions people globally based on data obtained from mobile apps and digital advertising.

Customers include ICE, El Salvador and Hungary.

Our research shows that ad-based surveillance is now used by military, intelligence and law enforcement agencies down to local police in several countries.

Full report here:
https://citizenlab.ca/research/analysis-of-penlinks-ad-based-geolocation-surveillance-tech/

Show threadWolfie Christl2d ago

Alongside our report, Hungarian journalist Szabolcs Panyi publishes a VSquare investigation which reveals that Hungarian domestic intelligence has used Webloc since at least 2022, and still does today.

This is the first confirmation of the use of ad-based surveillance technology in Europe:
https://vsquare.org/orban-spying-toolkit-cobwebs-webloc-hungary-spyware-citizen-lab

Orbán’s Spying Kit Revealed: Israeli Surveillance Tool Combined with Hungarian Technology - VSquare.org

Intelligence agencies of Viktor Orbán's government have been secretly using Webloc — a mass surveillance tool that tracks hundreds of millions of people via smartphone advertising data — making Hungary the first confirmed EU country to deploy it, in likely violation of GDPR. Moreover, our investigation confirms the existence of "homegrown" OSINT and spyware tools.

VSquare.org
Show threadWolfie Christl2d ago

i and my colleagues at the University of Toronto's Citizen Lab spent months investigating Webloc, its capabilities and customers, based on public records, leaked docs, freedom of information requests and technical analysis.

Webloc is an add-on to the social media and web intelligence system Tangles, both developed by Israeli Cobwebs Technologies and since 2023 sold by US-based vendor Penlink.

Show threadWolfie Christl2d ago

This screen, from a leaked 2021 document, shows how Webloc tracked a person travelling from Germany via Austria to Hungary.

The system obtains the data from everyday consumer apps installed on phones. The data is tied to mobile device IDs typically used for ad targeting, which identify a phone and its owner.

The systematic misuse of this data for tracking and profiling in digital marketing is already highly problematic. Misusing it for government surveillance is another level of disastrous.

Show threadmojala2d ago
@wchr Wow. Shouldn’t this be illegal according to EU regs? Or is this fair use / otherwise ok with GDPR?
Show threadAris Adamantiadis 💲Paid
@mojala @wchr that sounds totally illegal, but as usual, "intelligence" agencies (read: political opponents tracking mafias) live in a parallel universe where laws don't apply.
Apr 10 at 7:33amWeb