Pages

Adversaries can get their hands on personal data sold by AdTech

According to a recent report, advertising technology, also known as “AdTech,” is responsible for collecting a massive amount of user data, including their identity, connection, and device location. Later, the collected personal data is sold to companies globally so they can advertise their products according to their need.

However, the data is not bought by big companies alone. Kirsten Hazelrig, head of cyber policy at MITRE Corporation, revealed that America’s rival countries do not require such packed information to target advertisements, but the information sold out by AdTech can be used by blackmailers or cyber attackers.

The report states that if the data includes personal information about any important person, rival countries or organisations can use it against them by targeting sensitive areas, blackmailing, launching cyberattacks, and much more. Hazelrig added that the information released by AdTech is not processed accordingly and thus holds a potential risk. To shield U.S. citizens and prevent threats, the government should realize how the data can be used as a weapon or become a threat to national security.

When experts were asked to share their views in light of the statement given by Kirsten, they agreed that the information gathered from different sources, including mobile applications, could later be used against those users. To support their statement, an example was shared about the influential Catholic official who went to a gay bar before reaching someone’s residence. The data was collected when the official used Grindr, an application for LGBTQ members; later, the collected data reached a buyer who bought personal information and leaked it online. As a result of the news going viral, the Catholic official was asked to step down.

Back in 2022, a media report revealed how a U.S.-based company was responsible for leaking information about intelligence. Sometime later, the accused company came under the spotlight for supporting Russia in its war against Ukraine.

Similarly, nine years ago, in 2014, data extracted by AdTech was used against the United States defense sector. The attacker got hold of the internet protocol address as well as the likes and dislikes of members of the defense sector. Later on, they were targeted with advertisements carrying malicious links.

Unfortunately, the respective authorities don’t have a proper understanding of the potential consequences of data falling into the wrong hands. As a result, the United States National Defense Authorization Act has given the Director of National Intelligence a duty to assess how AdTech can be used as a potential weapon. It is believed that the country can minimize the threat, but how exactly does it work? The answer to this stated that the threat could be dealt with in a technical as well as regulatory manner. The FTC has already started to explore ways through which impact can be reduced. Another way of dealing with the concern is by letting device or app creators focus on reducing data collection.

Though the collected data goes to law enforcement bodies, some dealers would sell it to enemies. Since the technology is commercially available and data can be bought by anyone, the flow of data cannot be restricted.

Compared to Europe, American citizens have more exposed personal information. The European Union-based General Data Protection Regulation law, although referred to as a failure, has forced firms to reconsider buying more user data and focus more on strengthening their data protection security. Despite such measures, both the U.S. and Europe experience large amounts of data being harvested and later sold off.

Illustration: Freepik
Read next: Videos Top The List In Online Content But Guest Articles Are More Popular, Claims New Study

No comments: