A new study by researchers at the Duke University of Durham, NC, found that buying sensitive data about American military personnel from data brokers is “shockingly easy.” The study suggests that such easy access to military data can likely undermine U.S. national security.
The Massachusetts Institute of Technology (MIT) publication Technology Review called it an “unsettling study” that spanned the course of a year and approached the question of accessibility to sensitive military-related data with a focus on risks to privacy, safety, and national security. Authored by Justin Sherman and his team at the Duke University, the study included 12 American data brokers and found that it took just a couple hundred dollars to obtain very sensitive data on military personnel from these brokers.
The researchers say they were “shocked” at the ease with which they were able to obtain highly sensitive data about members of the military.
The study’s implications are alarming. As noted in the takeaways from the study on the university’s website, the data-selling business is “highly unregulated by the U.S. Government” and enables malicious hands, including foreign actors, to target active-duty military personnel, as well as veterans, and their families and acquaintances.
Technology Review noted that the results of this study are not new and reminded that back in 2018, a social networking app for athletes called Strava was found to reveal the secretive military bases and patrol routes to the app users.
It’s worth noting that data brokers selling this kind of information have a claim to have “strong vetting processes” that would prevent the wrong hands from acquiring their data.
Brokers are not the only sources of access to sensitive military personnel data. Security breaches happen at times and reveal protected information to the public. Earlier this year, such a breach led to a number of classified documents from the Pentagon appearing on social media platforms like Twitter and Telegram. These included military documents related to the Russia-Ukraine war. Shortly after the incident, 21-year-old Jack Teixeira of the Massachusetts Air National Guard was arrested and prosecuted for leaking the classified documents.