The Centers for Disease Control and Prevention (CDC) bought access to location data harvested from tens of millions of phones in the United States to perform an analysis of compliance with curfews, track patterns of people visiting K-12 schools, and specifically monitor the effectiveness of policy in the Navajo Nation, according to CDC documents obtained by Motherboard. The documents also show that although the CDC used COVID-19 as a reason to buy access to the data more quickly, it intended to use it for more general CDC purposes.
The CDC used the data for monitoring curfews, with the documents saying that SafeGraph’s data “has been critical for ongoing response efforts, such as hourly monitoring of activity in curfew zones or detailed counts of visits to participating pharmacies. For vaccine monitoring.” The documents date from 2021.
Unrelated, NextGov has a report of the FBI also doing searches against citizens’ data. Using Section 702, the approximate number of searches on U.S. citizens’ electronic data by the FBI was just under 3,394,053, or about 3.4 million––all without a warrant. This is from the 2021 Annual Statistical Transparency Report.
Searches using provisions outlined in Section 702 cannot be levied against U.S. citizens and do not require warrants. What the most recent report reveals, however, was the number of queries the FBI conducted on U.S. citizens using information gathered from Section 702-acquired information obtained by the National Security Agency.
Despite the large volume of searches the FBI conducted, the agency did not open an investigation related to a Section 702 query on a U.S. person.
Why do we care?
Without any specific data privacy laws, this is legal in the US. Upset? Don’t hate the player; hate the game.

