U.S. Customs and Border Protection purchased location data from the online advertising ecosystem to track people’s movements without warrants, according to internal Department of Homeland Security documents obtained by 404 Media this week. This marks the first time CBP has publicly acknowledged using real-time bidding (RTB) data—the auction system powering nearly every online ad you see—for surveillance purposes. Between 2019 and 2021, CBP conducted over 55,000 queries tracking Americans through data leaked from everyday apps like Tinder, fitness trackers, and mobile games.
This revelation exposes how the ad tech infrastructure developers integrate every day has become a warrantless government surveillance system. The uncomfortable truth: every ad impression from your app broadcasts user location to thousands of companies, creating permanent tracking records that federal agencies can purchase with a credit card. No warrant. No judicial oversight. Just commercial data broker contracts.
How Your Apps Became Surveillance Infrastructure
Real-time bidding auctions broadcast user data—GPS coordinates, device IDs, browsing history—to thousands of companies in 30-100 milliseconds every time someone sees an ad. The critical vulnerability: all auction participants receive this data, even those who lose the bid. Anyone posing as an ad buyer, including data brokers working with government agencies, can access this firehose of sensitive information about billions of people.
Here’s how it works. When your app loads an ad, the ad network prepares a “bid request” containing the user’s unique advertising ID, precise GPS coordinates, IP address, device details, and inferred interests. This request gets broadcast to thousands of potential advertisers simultaneously. They bid on the ad space in milliseconds. All participants see the data. Location broker Mobilewalla collected data on over 1 billion people this way—60% sourced from RTB auctions alone.
CBP’s internal document, revealed by 404 Media, acknowledges “RTB-sourced location data is recorded when an advertisement is served.” That’s government-speak for “we’re buying the exhaust fumes from your programmatic advertising setup.” Most developers don’t realize their ad integrations create surveillance infrastructure. This happens at the ad network level, often without developer knowledge or control.
Following the Money: Apps to Data Brokers to Government
The government surveillance pipeline runs through data brokers like Venntel and Gravy Analytics. Apps collect location data for legitimate features—weather forecasts, navigation, fitness tracking. Embedded SDKs and RTB systems then share this data with brokers who aggregate and sell to federal agencies. CBP spent over $1 million on Venntel licenses in 2019 alone, conducting 55,000 queries between 2019-2020 across 38 user accounts.
Leaked data revealed thousands of apps sharing location through Gravy Analytics’ network, including Tinder, Grindr, MyFitnessPal, pregnancy trackers, and religious apps—often without developers knowing their ad SDKs were feeding a government surveillance pipeline. Immigration and Customs Enforcement’s “Webloc” tool tracks millions of phones daily, filterable by advertising IDs. Venntel data has been used to identify immigrants later arrested by authorities.
This bypasses Fourth Amendment warrant requirements entirely. Traditional cell tower records require probable cause and a warrant (established in Carpenter v. US). Commercial data purchases face no such restrictions. Government agencies can buy surveillance capabilities that would be unconstitutional to obtain directly—all through data broker intermediaries.
The SDK Black Box: Developers Don’t Know They’re Enabling Surveillance
Many app developers don’t know their ad SDKs leak location data to government surveillance programs. RTB data sharing happens at the ad network level, not the app level. When you integrate Google AdMob, Facebook Audience Network, or similar ad SDKs, those libraries independently share location data through real-time bidding auctions. No developer action or knowledge required—it just happens.
A DHS official told Congress that Venntel’s data “is derived both from SDKs and from the bidstream.” Gravy Analytics acquires all its data “indirectly through other data brokers”—meaning app developers have no direct relationship with the companies selling their users’ data to CBP. The ad tech ecosystem operates as a black box, with data sharing invisible to developers who integrated those SDKs months or years ago.
Developers bear ethical and legal responsibility for data their apps collect. But ad tech operates opaquely—most developers can’t audit what their ad SDKs actually do with location data. Users grant location permission for app features like weather updates and maps, not for government surveillance. The consent model is broken: permission for functionality becomes permission for federal tracking.
The Data Broker Loophole and Fourth Amendment Theater
CBP’s ad tracking purchases exploit what privacy advocates call the “data broker loophole.” Government agencies claim no warrant is needed for commercially available data. The Fourth Amendment traditionally protects against unreasonable searches, but agencies argue that buying data anyone can purchase doesn’t constitute a search. It’s constitutional theater: CBP can’t get a warrant for cell tower records, so it just buys more precise ad tracking data instead. Problem solved—for CBP.
Privacy advocates counter that this violates the spirit of Carpenter v. US, which requires warrants for historical location data. The Fourth Amendment is Not for Sale Act passed the House but stalled in the Senate. If enacted, it would close the data broker loophole and ban warrantless government purchases of location and internet data. Montana became the first state prohibiting government purchase of sensitive data that would require a warrant. Meanwhile, 70+ lawmakers have urged DHS oversight to investigate ICE’s location data purchases.
The legal question is stark: Can government agencies buy surveillance capabilities they couldn’t obtain with a warrant? If the answer is yes, Fourth Amendment protections become meaningless. Developers and tech companies enabling this infrastructure face growing legal and reputational risks as public awareness spreads.
What Needs to Change
Fixing this requires action at three levels. Developers can audit ad SDKs now, minimize location precision, consider SDK-free alternatives, and disclose data sharing practices clearly. Apple’s App Tracking Transparency achieved a 96% user opt-out rate, proving people reject tracking when given clear choice. Google faces mounting pressure to follow Apple’s lead.
The Electronic Frontier Foundation recommends banning behavioral advertising entirely and transitioning to contextual ads based on content rather than user tracking. Montana’s ban on sensitive data purchases without warrants provides a state-level model. The FTC is targeting data brokers like Gravy Analytics, Venntel, and Mobilewalla, but enforcement moves slowly while surveillance continues at scale.
Individual actions help, but they’re not enough. The entire programmatic advertising model needs reform, and the data broker loophole must close. Until then, every app with ads potentially feeds government surveillance—whether developers know it or not.
Key Takeaways
- Real-time bidding broadcasts user location to thousands of companies in milliseconds, creating permanent surveillance records accessible to government agencies through commercial purchases
- CBP conducted 55,000+ location tracking queries between 2019-2020 using data from Venntel and Gravy Analytics, bypassing Fourth Amendment warrant requirements
- Developers often don’t know their ad SDKs leak location data to government programs—RTB sharing happens at the network level without app-level visibility or control
- The “data broker loophole” lets agencies buy surveillance capabilities that would be unconstitutional to obtain directly, turning commercial data markets into warrant alternatives
- Reforms require developer action (audit SDKs, minimize tracking), industry changes (contextual vs behavioral ads), and legislation (close the loophole, ban warrantless purchases)
