US government agencies conduct warrantless mass surveillance of Americans by buying their phone-location and other personal data from commercial data brokers, a documented practice
Where the evidence lands: SupportedThat US government agencies routinely conduct warrantless mass surveillance of Americans by purchasing their cell-phone location histories and other sensitive personal data from commercial brokers, deliberately exploiting a legal loophole so they can acquire, without a court order, the very information the Fourth Amendment and the Supreme Court's Carpenter ruling would otherwise require a warrant to obtain.
Believed by: The core practice is not a fringe belief but a documented fact acknowledged by the government itself and reported by mainstream outlets. Civil-liberties groups across the political spectrum, and a bipartisan bloc in Congress, treat it as established. The dispute is narrow and legal: whether the purchases are constitutional.
The full story
What is documented
This file is unusual for the site, because the headline claim is not a theory that has to be argued into existence. It is a documented, partly self-confessed government practice. Multiple US agencies have bought Americans' personal data, including detailed phone-location histories, from private companies that harvest and resell it, instead of going to a judge for a warrant.
The buyers are not obscure. Records obtained through Freedom of Information Act litigation by the ACLU detail purchases of bulk location data by the Department of Homeland Security and its ICE and CBP components. The IRSCriminal Investigation unit subscribed to a broker's location database. Elements of the military, including Special Operations Command, bought app-harvested location data through firms such as X-Mode and Babel Street. And in a 2023 Senate hearing, the FBI director acknowledged the bureau had purchased commercial location data as well.
The suppliers are a small industry of data brokers, companies like Venntel and X-Mode, that pull location pings and other signals out of ordinary smartphone apps and aggregate them at staggering volume. In marketing materials surfaced by the ACLU, Venntel boasted of sweeping up more than fifteen billion location signals from over 250 million devices in a single day. So the raw question of whether this happens is answered. It does.
The declassified admission
The strongest single piece of evidence is not a leak or an activist report. It is the government describing its own conduct. In June 2023, after a request from Senator Ron Wyden, the Office of the Director of National Intelligence declassified an internal report, dated January 2022, on what it calls commercially available information, or CAI.
The report confirms that the intelligence community acquires increasing amounts of CAI, including sensitive information such as location data. More striking is its candor about what that means. It warns that CAI has grown in scale and detail to the point where it can replicate the results of intrusive surveillance techniques once reserved for targeted operations, and it concedes that changes in the data landscape have undermined the old assumption that publicly available information is categorically non-sensitive. The report even admits the community does not fully know how much CAI it holds or exactly how it is used.
That is the crux of why this file is rated substantiated. When critics say agencies buy revealing data on Americans in bulk, they are not speculating past the evidence. They are restating what the intelligence community wrote about itself in a classified document that was later opened to the public.
The most damning source here is not a whistleblower. It is a declassified government report acknowledging the practice in the government's own words.
The loophole, and why the law is the real fight
The reason this practice is possible turns on a gap between two things that feel identical but are treated differently in law. In Carpenter v. United States (2018), the Supreme Court held that when the government compelsa phone carrier to hand over a person's historical cell-site location records, that is a Fourth Amendment search requiring a warrant, because sustained location tracking exposes the intimate patterns of a life.
The data-broker channel sidesteps that ruling by changing the verb. Instead of compelling records from a carrier, an agency buyslocation data that a broker acquired from apps and offers for sale on the open market. Agencies argue this is an ordinary commercial transaction outside Carpenter's reach: the data was voluntarily generated, a third party is selling it, and the government is merely another customer. Critics counter that this is a distinction without a difference, that it lets the state acquire by purchase precisely what the Constitution says it must get by warrant, and legal scholars have described the maneuver as laundering a search into a sale.
This is where honest reporting requires a firm line. That the purchases happen is documented fact. That they evade the Fourth Amendment is a strong and widely held legal argument, but the courts have not conclusively resolved it, and agencies assert the opposite. This file treats the practice as real and the constitutional evasion as a serious, unsettled claim rather than a decided one.
Why this is not just the NSA story again
It is tempting to fold this into the familiar post-Snowden narrative of secret bulk collection, and the two share a theme. But the mechanism here is different, and the difference is the whole point of treating it as its own case.
The classic programs ran on secret legal authorities and compelled cooperation from telecommunications companies. The data-broker route runs on a market. The information is generated by consumer apps that most people install without thinking, aggregated by private companies whose business is resale, and sold to whoever will pay, a category that happens to include federal agencies. There is no secret court order at the center of it; there is an invoice.
That is why the debate around it looks different too. The proposed fix is not intelligence reform but a consumer-and-constitutional statute, the Fourth Amendment Is Not For Sale Act, and part of the accountability question points at the brokers themselves, some of whom have since drawn Federal Trade Commission enforcement over selling sensitive location data. The surveillance still happens; it just arrives through the checkout line rather than the wiretap.
There is no secret court order at the center of this one. There is an invoice.
Where the evidence lands
Keep the two layers apart, because that is the whole discipline of the file. The practice is documented: US agencies including the FBI, DHS, ICE, CBP, the IRS, and parts of the military have bought Americans' location and personal data from commercial brokers, and the intelligence community's own declassified report confirms the pattern and its scale. On that, the record is firm, which is why this file is rated substantiated rather than left as an allegation.
What substantiated does not mean is that every framing of the story is proven. Whether the purchases are unconstitutional, as opposed to merely unregulated, is a live legal question the courts have not answered. The exact, current scope of the buying is only partially visible, assembled from litigation and hearings rather than any complete public inventory. And the political effort to close the loophole has so far stalled. Those are real limits, and this file names them.
The right posture is to state plainly what the record supports: the government does buy this data, it has admitted as much, and it is largely doing so without warrants. Then to be equally plain about what is still open: whether that survives Fourth Amendment scrutiny, and whether anyone will rein it in. A conspiracy that the government concedes in its own declassified report is no longer a conspiracy theory. It is a policy the public is entitled to see clearly.
Watch
What's still unexplained
- The central legal question is unresolved. Courts have not definitively decided whether purchasing commercial location data escapes Carpenter's warrant requirement, so the constitutionality of the entire practice remains formally open.
- The full scope is still opaque. The ODNI report itself admits the intelligence community does not fully know how much CAI it holds, what types, or exactly how it is used, which means even insiders cannot precisely bound the surveillance.
- Which agencies are buying what, right now, is only partially visible. Disclosures have come piecemeal through litigation and hearings; there is no comprehensive public inventory of federal data-broker contracts, so the current picture is a floor, not a ceiling.
- Regulation keeps stalling. With the Fourth Amendment Is Not For Sale Act dead in the Senate and executive-branch policy shifting between administrations, whether any durable limit will be placed on the practice is unsettled.
Point by point
The claim: Federal agencies have actually bought Americans' location and personal data from commercial brokers.
What the record shows: Documented and, in several cases, admitted by the agencies. Records obtained through ACLU FOIA litigation detail DHS, ICE, and CBP purchases of bulk phone-location data from Venntel. The IRS Criminal Investigation unit subscribed to Venntel's database. The military bought app-harvested location data through X-Mode and Babel Street. The FBI's own director acknowledged the bureau had purchased location data. This is not an inference; it is a paper trail.
The claim: The intelligence community itself has confirmed the scale of the practice.
What the record shows: Yes. The ODNI's January 2022 report on commercially available information, declassified in 2023, states the intelligence community acquires increasing volumes of CAI, including sensitive location data, and cautions that CAI has grown so far that it can “replicate” the results of intrusive surveillance techniques once used on a limited, targeted basis. That is the government describing its own conduct, not a critic's characterization.
The claim: The data involved is genuinely sensitive, not just harmless public information.
What the record shows: The ODNI report itself concedes that changes in CAI have undermined the old assumption that publicly available information is categorically non-sensitive. Location histories can reveal where a person sleeps, worships, seeks medical care, and protests. In Carpenter, the Supreme Court singled out persistent location tracking as constitutionally sensitive precisely because it exposes “the privacies of life.”
The claim: Buying the data lets agencies bypass the warrant the Fourth Amendment would otherwise require.
What the record shows: This is the contested legal core, and it is a serious argument rather than a settled fact. Carpenter held that compelling location records from a carrier requires a warrant. Agencies and their lawyers argue that buying data voluntarily sold by a third-party broker is different and falls outside Carpenter. Civil-liberties groups and several legal scholars argue that this is a distinction without a difference that “launders” a search into a purchase. No definitive Supreme Court ruling has yet resolved whether the purchase route is constitutional, so this file reports the evasion as a strong, widely held legal claim, not as an established holding.
The claim: This is really just the NSA-style mass-surveillance story under a new name.
What the record shows: Related but distinct, and worth keeping separate. Classic programs like bulk telephone-metadata collection ran through secret legal authorities and compelled cooperation from carriers. The data-broker channel is different in mechanism: the data is generated by consumer apps, aggregated by private companies, and sold on a commercial market that anyone with money can enter. That difference is exactly why it raises its own legal questions and why Congress has treated it as a separate problem.
The claim: Congress has confirmed the problem is real by trying to legislate it away.
What the record shows: Accurate. The Fourth Amendment Is Not For Sale Act, aimed squarely at barring agencies from buying data they would otherwise need a warrant to get, passed the House 219-199 in April 2024 with support from across the spectrum. Its failure in the Senate is a story about legislative gridlock, not about the underlying practice being fictional. A bipartisan majority of one chamber does not vote to close a loophole that does not exist.
The claim: Because it is legal for now, there is nothing objectionable about it.
What the record shows: Legality and propriety are not the same question, and current legality is itself uncertain. Even where no statute clearly forbids the purchases, the ODNI report, multiple inspectors and oversight bodies, and civil-liberties organizations have flagged serious privacy and constitutional concerns. The honest framing is that the practice is documented and largely unregulated, that agencies assert it is lawful, and that whether it survives Fourth Amendment scrutiny remains genuinely open.
Other readings
Angles that don't fit neatly into the claim or its rebuttal, laid out and weighed, not endorsed.
The “it's all consented-to public data” defense
Agencies and brokers sometimes argue there is no surveillance problem because the underlying data was voluntarily generated by users who agreed to app terms, making it ordinary commercial information the government may lawfully buy like anyone else. It is a real legal position, and this file reports it fairly. But the ODNI's own report undercuts it by conceding that aggregated CAI is now sensitive enough to replicate intrusive surveillance, and few app users meaningfully consent to having their movements resold to the state. The defense addresses the letter of consent while sidestepping the scale and purpose that make the practice concerning.
The private-market accountability gap
A related angle looks past the agencies to the brokers themselves. Companies such as Venntel and X-Mode built businesses on harvesting and reselling granular location data with little oversight; the Federal Trade Commission has since taken enforcement action against some of these firms over the sale of sensitive location information. This reframes the story as not only a Fourth Amendment problem about government buyers but a consumer-protection problem about an underregulated data industry that supplies them. Both readings can be true at once.
Timeline
- 2018-06-22In Carpenter v. United States, the Supreme Court rules 5-4 that the government's acquisition of a person's historical cell-site location records from a phone carrier is a Fourth Amendment “search” that generally requires a warrant, recognizing the sensitivity of long-term location tracking.
- 2020-02Reporting reveals that Immigration and Customs Enforcement and Customs and Border Protection have bought access to commercial location databases, sourced from broker Venntel, to help track people, without warrants. The “data-broker loophole” enters wider public debate.
- 2020-11-16Motherboard (Vice) reports that the US military, including Special Operations Command, purchased location data harvested from ordinary apps, among them the popular Muslim Pro prayer app, via brokers such as X-Mode and Babel Street's Locate X. The app cuts ties with its data partner after the story.
- 2020-12The ACLU files a Freedom of Information Act lawsuit against DHS, ICE, and CBP seeking records of their location-data purchases, after the agencies fail to respond to earlier requests.
- 2022-07Documents released through the ACLU lawsuit detail DHS's purchase and use of vast quantities of phone-location data. Marketing materials show broker Venntel claimed to sweep up more than 15 billion location signals from over 250 million devices in a single day.
- 2023-03-08At a Senate Intelligence Committee hearing, FBI Director Christopher Wray acknowledges the bureau had previously purchased commercial location data, while saying it was no longer doing so and now used a court-authorized process. The admission confirms the practice on the record.
- 2023-06-09ODNI declassifies and releases a January 2022 internal report on “commercially available information,” prepared at Senator Ron Wyden's request. It confirms the intelligence community buys large volumes of CAI, including sensitive location data, and warns the scale can now replicate intrusive surveillance once reserved for targeted operations.
- 2024-04-17The US House passes the Fourth Amendment Is Not For Sale Act by 219-199, a bipartisan bill to bar agencies from buying data they would otherwise need a warrant to obtain. The Senate does not take it up, and the bill dies with that Congress.
- 2026-03At a fresh Senate hearing, Senator Wyden asks FBI Director Kash Patel to commit to not buying Americans' location data. Patel declines, saying the bureau purchases commercially available information it considers consistent with the Constitution, showing the underlying loophole remains open.
From the case file
The actual records: declassified, released, or leaked. We link straight to each document in its official archive, so you never have to take our word for it. Read the originals yourself.
Other case files that cite the same sources
Supported. This is one of the rare files where the underlying claim is simply true and on the record. Multiple US agencies, including the FBI, the Department of Homeland Security and its ICE and CBP components, the IRS Criminal Investigation unit, and elements of the military and intelligence community, have purchased Americans' cell-phone location data and other sensitive personal information from commercial data brokers, rather than obtaining it with a warrant. A January 2022 report by the Office of the Director of National Intelligence, declassified in June 2023, acknowledges that the intelligence community buys large volumes of “commercially available information” (CAI), including location data, and warns that its scale can now replicate intrusive surveillance. The practice is real and government-confirmed. What remains genuinely contested is the law: whether buying this data evades the Fourth Amendment warrant requirement the Supreme Court set out in Carpenter v. United States (2018). That legal question is unsettled, and this file keeps it separate from the documented fact of the purchases.
Reviewed by The Conspiratory Editors · Last reviewed July 19, 2026 · How we rate
Sources
- 1.ODNI Declassified Report on Commercially Available Information (January 2022), Office of the Director of National Intelligence (2023)
- 2.ODNI Report on Intelligence Agencies' Data Purchases Underscores Urgency of Reform, Electronic Privacy Information Center (EPIC) (2023)
- 3.Closing the Data Broker Loophole, Brennan Center for Justice (2024)
- 4.New Records Detail DHS Purchase and Use of Vast Quantities of Cell Phone Location Data, American Civil Liberties Union (2022)
- 5.How the U.S. Military Buys Location Data from Ordinary Apps, Motherboard (Vice) (2020)
- 6.Your data is everywhere. The government is buying it without a warrant, NPR (2026)
- 7.H. Rept. 118-459: Fourth Amendment Is Not For Sale Act, U.S. House of Representatives (Congress.gov) (2024)
- 8.Fact Sheet: Closing the Data Broker Loophole, Project On Government Oversight (POGO) (2024)
- 9.Carpenter v. United States, Oyez (Supreme Court case summary) (2018)
- 10.U.S. Intelligence Has Amassed 'Sensitive and Intimate' Data on 'Nearly Everyone', Gizmodo (2023)
Help us investigate
This is a living case file. If you spot an error or know evidence we missed, tell us, and weigh in on where you land.
Where do you land?
Cast your read on this one.
Comments
Add your take. Comments are read and approved by a human before they appear, so keep it on topic and civil. Please do not accuse named, living people of crimes.