Here’s some riveting reporting/opinion from the New York Times on a trove of mobile device data that shows how 40 percent of the people at the Stop the Steal marched on to the Capitol on Jan. 6.

The data places many of them inside the Capitol.


But this is about much more than tracking rioters.

It became clear that this data — collected by smartphone apps and then fed into a dizzyingly complex digital advertising ecosystem — was a liability to national security, to free assembly and to citizens living mundane lives. It provided an intimate record of people whether they were visiting drug treatment centers, strip clubs, casinos, abortion clinics or places of worship.

Surrendering our privacy to the government would be foolish enough. But what is more insidious is the Faustian bargain made with the marketing industry, which turns every location ping into currency as it is bought and sold in the marketplace of surveillance advertising.

Still, I’d love to see the tracking of the two Arkansas state troopers who attended the rally, one of whom has acknowledged marching to the Capitol and inside the outer security perimeter, though not inside.


The Times picked one person’s travel from his home in Kentucky to Washington and then to pings that put him very near the Capitol. He disputes his cell phone data could show that. Yet his own Facebook photos, since deleted, show the crowd advancing on Capitol doors.

The Times writers have reported on cell phone data before. But it keeps getting better.


Unlike the data we reviewed in 2019, this new data included a remarkable piece of information: a unique ID for each user that is tied to a smartphone. This made it even easier to find people, since the supposedly anonymous ID could be matched with other databases containing the same ID, allowing us to add real names, addresses, phone numbers, email addresses and other information about smartphone owners in seconds.

The IDs, called mobile advertising identifiers, allow companies to track people across the internet and on apps. They are supposed to be anonymous, and smartphone owners can reset them or disable them entirely. Our findings show the promise of anonymity is a farce. Several companies offer tools to allow anyone with data to match the IDs with other databases.

We were quickly able to match more than 2,000 supposedly anonymous devices in the data set with email addresses, birthdays, ethnicities, ages and more.

Moral: You think you have secrets? Think again.

Smartphone users will never know if they are included in the data or whether their precise movements were sold. There are no laws forcing companies to disclose what the data is used for or for how long. There are no legal requirements to ever delete the data. Even if anyone could figure out where records of their locations were sold, in most states, you can’t request that the data be deleted.

Their movements could be bought and sold to innumerable parties for years. And the threat that those movements could be tied back to their identity will never go away.