CONFIRMED — GOVERNMENT DOCUMENTS — MARCH 2026A government document obtained by 404 Media confirmed Border Patrol purchased your precise location data from the online advertising ecosystem. No warrant required.
Confirmed active — Border Patrol — March 2026

Your Apps Are Spying on You.
The Government Is Buying the Feed.

Every time you open an app with ads, your exact GPS location gets sold — sometimes within milliseconds. Border Patrol and immigration enforcement have been confirmed buying that data. No warrant. No court order. They just pay for it like anyone else would. Here is how it works and how to stop it.

Source: 404 Media FOIA · Border Patrol contract documents · EFF March 2026 · Updated March 31, 2026
95,000+
location pings Border Patrol bought from ad companies
No warrant
required — they buy it like a subscription
Every app
that shows you ads is potentially part of this
2026
confirmed active — government documents obtained via FOIA
Section 01 — The Mechanism

Here Is What Happens Every Time You Open Instagram

You open Instagram. Before the first post loads, your phone has already broadcast your exact GPS coordinates to hundreds of companies you've never heard of. They bid on the right to show you an ad. The whole auction takes less than a second.

And somewhere downstream, a company bought your location — not to show you ads, but to sell your movement history to whoever is paying. Border Patrol paid. Immigration enforcement paid. They don't need a warrant to do it. They just need a credit card.

Companies that buy and resell your data sit in the middle of this system. They aggregate your location history across millions of devices and sell access to it. Government agencies are among their customers. This has been happening since at least 2020.

Your Phone
Opens any app with ads. Your GPS location and device ID are broadcast automatically — in milliseconds.
→ location sent to →
The Ad System
Hundreds of companies receive your coordinates simultaneously. The ad auction is over in under a second.
→ sold in bulk to →
Data Resellers
Companies that buy and resell your data aggregate your location history across millions of devices.
→ purchased commercially by →
The Government
No warrant required. Border Patrol, immigration enforcement, and others buy “commercially available” data. Confirmed since at least 2020.
Section 02 — The Exposure

What They Can Learn About You From Your Location History

What your location data reveals
  • Your home addressEven if you never gave it to anyone. Your phone is there every night. That pattern identifies your home with high confidence.
  • Whether you go to a mosque, church, or synagogueHow often. Which one. Attendance patterns at religious sites are tracked over months or years and stored in searchable databases.
  • Your medical history — inferred from where you goIf you've been to an abortion clinic, an addiction treatment center, or an HIV specialist. The location data doesn't lie.
  • Whether you were at a protestYour phone was there. It was logged. It may have already been sold. There is no retroactive erasure once that data has been purchased.
  • Who else lives with youBased on which other phones are always at your address overnight — even across different accounts and carriers.
  • Assumptions about your immigration statusPatterns near immigration courts, border checkpoints, or consulates can be used to make assumptions about your immigration status — and are being used that way.
Source: EFF analysis of ad system data exposure, March 2026 · 404 Media, Border Patrol FOIA document, 2026
Section 03 — The Law

Why This Is Legal — and Why That's the Problem

The Fourth Amendmentsays the government needs a warrant to search you. But there's a loophole big enough to drive a truck through: if the government buysyour data from a private company instead of demanding it from you directly, courts have generally said that doesn't count as a “search.”

You “chose” to use apps. You “chose” to let them track you. So when the government pays a company for that tracking data, you technically “agreed” to it. That is the legal argument. It is being used right now.

The logic goes like this: once you share information with a third party — an app, a service — you lose your constitutional protection against the government obtaining that information. Courts developed this rule long before smartphones existed. It was never designed for a world where every app on your phone silently broadcasts your location hundreds of times a day.

What the Supreme Court ruled in 2018
In Carpenter v. United States, the Supreme Court said the government does need a warrant to get your location history directly from your phone carrier. That was a win. But it only covered carrier data — not data bought from the app advertising system. That gap has never been closed.
What remains unresolved — and exploited
Government agencies know the gap exists. They are using it. No federal court has ruled on whether buying your ad-system location data requires a warrant. Congress has not acted. The loophole is active and being commercially exploited by federal agencies right now.
Section 04 — Protect Yourself

Five Things You Can Do Right Now — With Exact Steps

01
Turn Off Your Advertising ID
iPhone:Settings → Privacy & Security → Tracking → Allow Apps to Request to Track: OFF
Android:Settings → Privacy → Ads → Delete advertising ID
Why this works:Your advertising ID is the number that links your location pings across apps — without it, your data can't be stitched into a profile and sold as a history.
02
Go Through Every App and Revoke Location Access
iPhone:Settings → Privacy → Location Services — set to “Never” for any app that doesn't require location to function. Also deny “Precise Location” even where you allow location at all.
Android: Settings → Location → App permissions — review each app individually.
Why this works:No location permission means no location ping means nothing to sell — “Precise Location” is GPS-grade data that is far more valuable to buyers than an approximate region.
03
Use Signal Instead of Regular Texting
Download Signal (free) from signal.org or your app store.
Signal Protocol: every message and call is end-to-end encrypted by default.
Metadata: Signal does not log who you message, when, or how often on their servers.
Why this works: Regular texts can be read by your carrier and obtained with minimal legal process — Signal messages are mathematically inaccessible to anyone without your physical device.
04
Use a VPN, Especially in Sensitive Locations
Use near protests, checkpoints, immigration courts, or medical facilities.
Recommended: ProtonVPN — Swiss-based, no-log policy, open source, free tier available.
A VPN encrypts your traffic and masks your IP address from your carrier and network observers.
Why this works: A VPN adds a layer between you and network-level surveillance — but note it does not stop GPS location from apps, which is why you also need step 02.
05
Use Airplane Mode at Sensitive Locations
Protests. Immigration courts. Clinics. Places of worship.
Airplane mode disables all radio transmission: cell, Wi-Fi, Bluetooth, and GPS simultaneously.
Also manually disable Wi-Fi and Bluetooth — on some devices airplane mode does not fully disable these.
Why this works: No transmission means no location ping means nothing to log or sell — this is the most reliable method and it costs nothing.
Section 05 — The Fight

There Is a Bill That Would Fix This. It Keeps Getting Killed.

Fourth Amendment Is Not For Sale Act
Sponsors (bipartisan): Sen. Ron Wyden (D-OR) · Sen. Rand Paul (R-KY) · Rep. Warren Davidson (R-OH) · Rep. Zoe Lofgren (D-CA)

Two senators — one Democrat, one Republican — wrote a law that would require the government to get a court order before buying your location data from these companies. The same warrant they'd need to search your house.

It passed the House. It died in the Senate. It has not been reintroduced. The loophole is still open.

Passed the House in 2024. Died in the Senate. Has not been reintroduced in 2026 Congress.
State Action
Montana Closed the Loophole First
Montana became the first state to pass its own version of the law in 2023. It prohibits state law enforcement from buying your data when they'd otherwise need a warrant to demand it directly — closing the commercial-purchase gap at the state level.
Congressional Pressure
70 Lawmakers Demanded Answers
On March 3, 2026, seventy lawmakers sent a letter to DHS oversight demanding a formal investigation into immigration enforcement's location data purchasing practices. The letter cited specific documented purchases and called for a full accounting of which agencies are buying data and from which companies.
Section 06 — The Tools

What to Use Instead

These are free. They work. Here is what each one does.

Signal
Encrypted Messaging
Free, open source. Every message and call is end-to-end encrypted. Signal does not retain logs of who you message, when, or how often. Available on iOS and Android.
Tor Browser
Anonymous Browsing
Routes your traffic through three volunteer-run relays worldwide. Hides your IP address and prevents tracking. Slower than a regular browser but effective for sensitive research.
DuckDuckGo
Private Search
Does not log your searches or build an advertising profile. The DuckDuckGo browser app also actively blocks third-party trackers across apps and websites on iOS and Android.
ProtonVPN
VPN
Swiss-based, audited no-log policy, open source clients. Free tier available with no data cap. Encrypts your connection and masks your IP from your carrier and anyone watching the network.
Apple ATT
iPhone Tracking Opt-Out
Built into iPhone. Settings → Privacy & Security → Tracking → turn off “Allow Apps to Request to Track.” Removes the cross-app tracking identifier that links your activity across apps.
Android Ad ID Deletion
Android Tracking Opt-Out
Settings → Privacy → Ads → Delete advertising ID. Permanently removes the identifier used to link your activity across apps and resell it. Available on Android 12+. Free.
Sources & References
  • 404 Media — Border Patrol purchased location data from online advertising ecosystem, FOIA document (2026)
  • EFF— “Data Brokers Are Selling Your Location to the Government” — March 2026
  • Carpenter v. United States, 585 U.S. 296 (2018) — Supreme Court warrant requirement for cell-site location records
  • Fourth Amendment Is Not For Sale Act — S.1265 / H.R.2415 — Wyden, Paul, Davidson, Lofgren (bipartisan)
  • 70 lawmakers letter to DHS oversight on immigration enforcement location data purchasing practices — March 3, 2026
  • Montana SB 282 — Consumer Data Privacy, location data purchasing restrictions — enacted 2023