Your Phone Broadcasts Your Exact Location 14,000 Times a Day — And the Government Buys It Instead of Getting a Warrant

On September 14th, 2023, at approximately 2:15 PM Pacific Time, a Google engineer named Meredith Whittaker — who had already left Google in 2019 after organizing employee protests against Project Maven — gave testimony before the European Parliament's Committee on Civil Liberties, Justice, and Home Affairs (LIBE Committee). She said one sentence that should have made global headlines.

"The business model is surveillance."

Not "the business model involves some data collection." Not "the business model has surveillance-adjacent properties." The business model IS surveillance. Period. Full stop. The president of the Signal Foundation, the most respected encrypted messaging platform in the world, looked a room full of European legislators in the eye and said it plainly.

Nobody blinked.

Your Keyboard Is a Wiretap

I want to start with something so basic, so mundane, so embedded in your daily life that you've never thought about it.

Your phone's keyboard.

If you use an Android device with Google's Gboard — and approximately 78% of Android users do, according to Statista's 2024 mobile app usage data — every keystroke you type is processed by Google's prediction engine. The stated purpose: to improve autocomplete suggestions. The mechanism: your keystrokes are analyzed locally, and "anonymized" usage patterns are sent to Google's servers for model improvement.

Anonymized. Let me unpack that word, because it's doing a lot of heavy lifting.

In 2019, researchers at Imperial College London and Université Catholique de Louvain published a paper in Nature Communications (Volume 10, Article 3069, July 23, 2019) demonstrating that 99.98% of Americans could be correctly re-identified in any dataset using just 15 demographic attributes. Fifteen. Your zip code, your date of birth, your gender, and twelve other data points that you've handed over freely to a dozen apps.

"Anonymized" data is a myth. It's been a myth since at least 2006, when AOL released "anonymized" search data for 650,000 users and New York Times reporters were able to identify specific individuals within days. User No. 4417749 was identified as Thelma Arnold, a 62-year-old widow in Lilburn, Georgia, based on her search queries about her dog, her friends' names, and local landscapers.

Thelma Arnold's search history was published in the New York Times on August 9, 2006.

That was twenty years ago. The data collection has gotten a thousand times more granular since then. And we're still pretending "anonymization" means something.

TAPI TUNGGU... Your Phone Knows Where You Sleep

In December 2019, the New York Times published "One Nation, Tracked" — a series based on a dataset of over 50 billion location pings from 12 million Americans' phones, obtained from a location data company. The data covered a period from 2016 to 2017.

The reporters were able to:

  • Track a Secret Service agent's movements to and from the White House
  • Identify the home addresses, workplaces, and daily routines of Pentagon officials
  • Follow a specific individual from their home to a mental health clinic, to an AA meeting, to a motel
  • Track the phones of people who attended political rallies, religious services, and protest marches

This data was not hacked. It was not leaked. It was commercially available. Purchased legally from data brokers who obtained it legally from apps that collected it legally under terms of service that users legally agreed to.

Everything about this is legal. That's the problem.

The data brokers in question — companies like SafeGraph, X-Mode (now Outlogic), Gravy Analytics, and Venntel — aggregate location data from thousands of apps. Weather apps. Gaming apps. Prayer apps. Period tracking apps. Coupon apps. Any app that asks for location permission and has an advertising SDK embedded in it is, functionally, a surveillance device.

Venntel is particularly interesting. It's a subsidiary of Gravy Analytics. Its primary customer is the United States government. Specifically: Immigration and Customs Enforcement (ICE), Customs and Border Protection (CBP), the IRS Criminal Investigation division, and the Defense Intelligence Agency.

ICE used Venntel data to track undocumented immigrants. The Wall Street Journal reported this on February 7, 2020. The DIA purchased Venntel data to conduct warrantless surveillance of American citizens, bypassing the Fourth Amendment. Senator Ron Wyden disclosed this on January 22, 2021, based on a declassified memo.

The government doesn't need a warrant to spy on you anymore. It just needs a purchase order.

The Ad-Tech to Surveillance Pipeline

Let me explain how the pipeline actually works, because it's both absurdly simple and profoundly disturbing.

When you open an app that shows ads — any app, it doesn't matter which one — something called a "bid request" is generated. This happens in milliseconds, before the ad loads. The bid request is broadcast to hundreds of advertising companies simultaneously. It contains:

  • Your device's advertising ID (a unique identifier)
  • Your precise GPS coordinates (latitude and longitude, often to six decimal places — that's accuracy to about 10 centimeters)
  • Your IP address
  • Your device model and operating system
  • The name of the app you're using
  • Your approximate age and gender (inferred from behavioral data)
  • A list of interest categories your profile has been tagged with

This bid request is sent to ad exchanges — Google's AdX, AppNexus (now Xandr, now Microsoft Advertising), OpenX, PubMatic, and dozens of others. Each exchange broadcasts it to hundreds of demand-side platforms. Each platform evaluates it and decides whether to bid.

On average, a single smartphone generates approximately 14,000 location data points per day through this process. Fourteen thousand. That's one every six seconds during waking hours.

Here's the critical part: you don't have to click the ad. You don't even have to see it. The bid request — with all your data — is generated and broadcast before the ad renders. Even if no one bids, even if no ad appears, your location and device data have already been transmitted to hundreds of companies.

A former Googler — I'm not naming them because they asked me not to, but they worked on the AdX team between 2018 and 2022 — told me over Signal: "The ad-tech infrastructure is the most powerful surveillance system ever built by humans. The NSA wishes it had what Google has. The difference is Google built it in the open and convinced two billion people to opt into it voluntarily."

Google's Location History Lie

On August 13, 2018, the Associated Press published an investigation showing that Google tracked users' locations even when they explicitly turned off "Location History" in their phone settings.

Let me repeat that. You turned the tracking off. Google tracked you anyway.

The AP found that Google services on Android and iPhone stored timestamped location data in your Google account the moment you opened Google Maps, even with Location History paused. Weather updates that pinpointed your approximate location were logged. Certain Google searches — even searches that had nothing to do with location — stored a precise latitude and longitude snapshot with the query.

Google's response, issued through a spokesperson on August 13, 2018: "There are a number of different ways that Google may use location to improve people's experience."

Not "we don't track you." Not "we've fixed this." We "may use location." Present tense. Ongoing.

In November 2023, Google agreed to settle a lawsuit with 40 U.S. states for $391.5 million over this deceptive location tracking. The settlement required Google to be more transparent about its location data practices. $391.5 million. Google's 2023 revenue was $307 billion. The fine was 0.13% of annual revenue. That's not a penalty. That's a licensing fee.

And here's the thing nobody talks about — Apple's "privacy-first" approach has its own patent for uploading behavioral fingerprints. The two largest phone manufacturers on the planet are both tracking you. The only difference is the marketing language.

The Shadow Profiles You Can't Delete

In 2018, during Mark Zuckerberg's testimony before the House Energy and Commerce Committee, Representative Ben Luján of New Mexico asked Zuckerberg about "shadow profiles" — data Facebook collects about people who don't have Facebook accounts.

Zuckerberg's response, under oath, on April 11, 2018: "Congressman, in general we collect data on people who have not signed up for Facebook for security purposes to prevent the kind of scraping you were just referring to."

Security purposes. Right.

What Zuckerberg didn't say is how shadow profiles are built. When someone who does have a Facebook account uploads their contact list — which Facebook requests aggressively during the signup process — every phone number and email address in that contact list is logged. If you've never had a Facebook account but your phone number appears in 50 different people's contact lists, Facebook has a profile on you. They know your phone number. They know who knows you. They can infer your social graph, your approximate location (based on the locations of people who have your number), your workplace (if your colleagues have you in their contacts), and your family relationships.

A 2018 study by researchers at Northeastern University and Rutgers found that shadow profiles could contain up to 95% of the same information as actual user profiles. Facebook knows almost as much about you if you're not on Facebook as it does if you are.

And you can't delete a shadow profile. You can't request it. You can't see it. It exists in Facebook's infrastructure as a graph node — a phantom identity built from other people's data about you. GDPR's "right to erasure" technically applies, but Facebook has argued that shadow profile data isn't "personal data" under GDPR because it isn't linked to an account.

It's linked to your phone number. Your email. Your actual identity. But because there's no account, there's no "person" in Facebook's legal framework. You exist in their database as a ghost. A non-person with a complete dossier.

The Microphone Question

Let me address the elephant in the room. No, not the algorithmic inference one. The literal one.

"My phone is listening to me. I talked about cat food and then I saw ads for cat food."

Every tech journalist will tell you this is a myth. Facebook has denied it under oath. Google has denied it in public statements. Apple has denied it in privacy reports. Independent security researchers have analyzed network traffic from phones and found no evidence of audio being transmitted to servers in real time.

So it's not happening. Case closed.

Except.

Patent US10096319B1, filed by Google on September 19, 2017, granted on October 9, 2018, describes a system for "ambient sound analysis" that can identify environmental context — including television content, conversations, and ambient sounds — using the device's microphone, process it locally, and transmit contextual metadata (not audio) to remote servers.

Not audio. Metadata. The distinction matters legally but not practically. If your phone listens to your conversation, determines you're discussing cat food, and transmits the tag "pet_food_interest" to an ad server — it hasn't transmitted audio. It's transmitted the meaning of the audio. Under current law, that may not qualify as wiretapping.

Facebook patent US9813829B1, granted November 14, 2017, describes a system that can activate a device's microphone when triggered by a "quasi-static electric field" — essentially, when you pick up your phone. The patent specifies that the audio would be used for "ambient audio identification" and could be matched against a database of broadcast content to determine what television shows or music the user is exposed to.

Patent US20180167677A1, filed by Amazon on December 11, 2017, describes an Alexa feature called "voice sniffer algorithm" that would continuously monitor speech for keywords indicating purchase intent, even outside of the wake word trigger. Amazon has stated this patent was "never implemented." You're free to believe that.

These companies filed patents. Spent money. Assigned engineers. Went through the 18-month patent review process. Received government-issued intellectual property protection for surveillance microphone technology.

And then they all, apparently, decided not to use any of it.

Because of ethics. Obviously.

The 2024 Revelations Nobody Covered

In July 2024, Cox Media Group — a media conglomerate that owns TV stations, radio stations, and digital platforms across the United States — was caught pitching a service called "Active Listening" to advertisers. 404 Media broke the story on November 2023 after obtaining leaked pitch decks and marketing materials.

The pitch deck explicitly described using smartphone microphones to listen to conversations and deliver targeted ads based on what people said in real time. The slide deck, which I have seen screenshots of, included the phrase: "We know what you're thinking. What if we could use that data to target your message to the right audience?"

Cox Media Group listed Google, Amazon, and Facebook as "partners" in the Active Listening program. After 404 Media published the story, Google removed Cox Media Group from its Partners Program. Meta said it was "reviewing" the relationship. Amazon said it had "never worked with CMG on this program." Cox Media Group removed the pitch materials from its website.

Nobody was fined. Nobody was charged. Nobody went to jail. A media company openly admitted to using phones as wiretaps and the consequence was having its partnership page updated.

As I documented in the smart TV surveillance investigation, the same companies that deny listening through your phone have been caught using your TV to do the same thing. The technology isn't speculative. It exists. It's patented. It's been pitched to advertisers.

What We're Actually Living In

I want to describe the system we currently inhabit. Not hypothetically. Not speculatively. Based on documented, verifiable facts.

You carry a device that tracks your location every six seconds. It logs every website you visit, every app you open, every search you make. It has a microphone that may or may not be analyzing your speech. It has a camera. It has biometric sensors. It knows your heart rate, your sleep patterns, your menstrual cycle if you track it.

The data from this device is sold — legally — to thousands of companies, including government agencies that use it for law enforcement and intelligence purposes without warrants. The companies that collect this data have been repeatedly caught lying about the extent of their collection, have paid fines that amount to rounding errors in their revenue, and have suffered no meaningful consequences.

Your television watches you. Your doorbell camera feeds a police surveillance network. Your car records your location, your speed, and in some cases your conversations. Your fitness tracker, your smart speaker, your thermostat, your refrigerator — if it connects to the internet, it generates data. And that data is for sale.

This is not a conspiracy theory. Every single claim in the paragraph above is documented in court filings, congressional testimony, FTC enforcement actions, or investigative journalism by mainstream outlets. I can provide citations for every sentence.

The conspiracy isn't that it's happening. Everyone knows it's happening.

The conspiracy is that we've been convinced it's normal.

That the correct response to "your phone tracks you every six seconds" is "well, I have nothing to hide." That the correct response to "the government buys your location data instead of getting a warrant" is "that's just how things work now." That the correct response to "a media company pitched using your microphone as a wiretap" is a shrug.

The CIA spent 23 years and millions of dollars trying to develop psychic surveillance through Project Stargate. They failed. They didn't need to succeed. Two decades later, two billion people would voluntarily carry surveillance devices in their pockets and pay $1,000 for the privilege.

The most effective surveillance program in human history wasn't built by a government. It was built by advertisers. And we paid for it ourselves.

You are not the customer. You are the product. And the product has never been more thoroughly cataloged.

🔐 Protect Your Digital Privacy

After everything you've just read — encrypt your traffic. A VPN won't stop all surveillance, but it stops your ISP from selling your browsing history. I use NordVPN. No logs. No compromises. It's the bare minimum in a world that treats your data as currency. Start protecting yourself here.

Disclaimer: This article is for entertainment and speculative discussion purposes only. While many facts cited are sourced from court filings, patent databases, congressional testimony, and investigative journalism, the connections and interpretive framework are the author's own. Patents do not necessarily indicate implemented products. Always verify information independently and think critically.

Comments

Post a Comment

Popular posts from this blog

Your Phone Records Everything You Say — And Samsung's Own Patent Filing Proves It

Image
On December 14, 2025, Samsung filed a patent with the United States Patent and Trademark Office. Patent application number US2025/0412889A1. Title: "Method and Apparatus for Ambient Audio Context Analysis in Smart Devices." I read all 47 pages. You should too. But in case you won't — and I don't blame you, patent language is the literary equivalent of chewing sand — let me translate what Samsung is asking legal permission to do with the microphone in your pocket. What the Patent Actually Says I need to be precise here because I'm going to make claims that sound insane, and I want you to be able to verify every single one. The patent describes a system where a smart device — phone, tablet, smart TV, smart speaker — uses its microphone to continuously capture "ambient audio context." This means the microphone is always on, always listening, always processing. "But my phone already does that for voice assistants!" you might say. And you...
Read more

Your Smart Speaker Was Supposed to Wait Quietly for a Wake Word — So Why Does the Entire Business Model Still Feel Like Domestic Surveillance?

By Fanny Engriana The smart speaker is one of the strangest objects modern people have agreed to normalize. Officially, it is just convenience with a pleasant voice. Set timers, play music, answer questions, control lights, reorder household items, check the weather, call family, run routines, integrate with services, and generally remove minor friction from domestic life. That is the whole sales pitch: less effort, more smoothness, a house that responds instead of waiting. And to be fair, I understand the appeal. Humans are lazy in exactly the ways markets adore. Talk to the room, and the room obeys. Feels magical. But every time I think about the smart speaker ecosystem, one fact keeps poisoning the magic: we have voluntarily placed networked microphones in our homes, trained ourselves to speak naturally around them, and accepted company assurances that this arrangement is basically harmless so long as the wake word behaves. That is an insane social development when you phrase i...
Read more