Cheap Phone Data Targets U.S. Bases

A soldier in U.S. Army uniform typing on a laptop with green code displayed on the screen

Foreign adversaries can reportedly buy smartphone data that tracks U.S. troops in real time, and Congress is putting fresh heat on the Pentagon to stop it before Americans come home in body bags.

Story Snapshot

Commercial data brokers are selling detailed, individually identified data on U.S. service members, veterans, and their families, including highly sensitive information.
Researchers have shown this data can be bought cheaply and potentially used by hostile regimes to map patrol routes, target bases, and profile troops.^[1]^[2]^[5]^[6]
New federal law now bans making precise geolocation and other “sensitive” U.S. data available to foreign adversary governments, but enforcement and Pentagon action remain in question.^[1]^[4]^[5]
Conservatives are pressing for stronger, America‑first rules that treat data as a battlefield asset, not a corporate commodity.

How Data Brokers Turn Troops’ Phones into Targeting Beacons

Researchers from Duke University’s Sanford School demonstrated in 2023 that it is not difficult to purchase sensitive, individually identified data on active-duty service members, veterans, and their families from commercial data brokers.^[1]^[6] They were able to buy non-public data such as health, financial, and religious information for as little as twelve cents per record using benign-looking internet domains, including one registered outside the United States.^[1] The same ecosystem also offers location data on service members, even though that particular category was not purchased for the study.^[1]^[5]

Analysts warn that this kind of information lets hostile actors reconstruct where troops live, worship, and seek medical care, and when they leave their bases or housing.^[1]^[2]^[5] A briefing from the Electronic Privacy Information Center notes that data broker dossiers on military personnel have already exposed sensitive national security details like patrol routes around bases through commercial location and advertising systems.^[2] A 2020 security report for the North Atlantic Treaty Organization StratCom center concluded that adversaries could use brokered data to craft highly targeted influence messages aimed at individual soldiers.^[6]

Why Congress Says the Pentagon Has Not Gone Far Enough

Conservative and bipartisan lawmakers argue that these risks are not hypothetical, because the data broker industry has operated for years in a lightly regulated environment where companies stockpile extraordinarily sensitive information on Americans, then sell it with little transparency.^[2]^[3]^[4] A detailed national security study from Ohio State University describes how foreign adversaries such as China, Russia, and Iran can legally buy vast quantities of U.S. citizens’ data, including location histories, purchase records, and web browsing, and use it to map patterns of life and identify targets.^[3] That same analysis stresses there has been “little to no” federal regulation on who data brokers can sell to.^[3]

For military families, this means hostile governments may not need spies or cyberattacks to locate deployed Americans; they can simply pay data brokers that quietly harvest smartphone and app data.^[3]^[4] National security advocates argue this is a serious failure of basic force protection, since routine activities like fitness tracking, mobile games, or social networking can reveal base layouts and unit movements if the data is aggregated and resold.^[2]^[4]^[6] The broad consensus in these reports is that the United States has treated data as a marketing asset first and a security asset second, leaving troops exposed in the name of corporate profit.^[2]^[3]^[5]

What the New Law Does—and Where the Gaps Remain

In 2024, Congress passed the Protecting Americans’ Data from Foreign Adversaries Act as part of a larger national security package, directly targeting the risks posed by data brokers.^[1]^[4]^[5] The law prohibits data brokers from selling, licensing, or otherwise providing sensitive, personally identifiable data—including precise geolocation information—to foreign adversary countries such as China, Russia, Iran, and North Korea or to entities they control.^[1]^[4]^[5] Enforcement authority rests with the Federal Trade Commission, which can seek significant civil penalties against violators, theoretically giving Washington a new tool to punish companies that put American troops at risk.^[5]

Privacy and security experts, however, caution that this statute is only a first step, because it focuses on who buys data, not how much data companies are allowed to harvest in the first place.^[2]^[4]^[5] The data broker ecosystem still collects massive volumes of information on Americans as they browse the internet, use smartphone apps, and interact with online services, then combines these details into expansive dossiers.^[2]^[4] Analysts argue that as long as this surveillance business model continues, determined foreign actors will look for loopholes, intermediaries, or shell companies to keep buying what they need.^[2]^[3]^[5]

Why Conservative Voters Should Care About the Data Battlefield

National security researchers stress that data brokers create a structural vulnerability: once sensitive information on service members has been collected, it must be defended forever against misuse, sale, or theft.^[2]^[3]^[6] Reports from civil liberties and academic organizations describe how personal data can be weaponized for blackmail, phishing attacks, and psychological operations aimed at both troops and their families.^[2]^[6] For conservatives who believe government’s first duty is to defend the nation, these findings reinforce the case for treating data protections as a core element of military readiness rather than a secondary consumer privacy issue.

Seems like it'd be smarter to regulate how tech companies collect and sell user data, rather than trying to keep US troops one step ahead of data brokers by controlling which browsers they use and which advertising settings they select devices. https://t.co/4411xpOsp2 pic.twitter.com/4qwxk5KFqO

— Kyle Rempfer (@kyle_rempfer) May 28, 2026

Policy analysts have begun urging reforms that align more closely with an America‑first approach: sharply limiting what data can be collected on Americans without explicit consent, tightening rules on resale, and demanding that the Pentagon treat commercial data exposure as seriously as physical perimeter defense.^[2]^[3]^[5]^[7] An internal U.S. Army report on commercial data risks bluntly states that there is currently no national privacy law adequately shielding citizens or soldiers from data broker vulnerabilities.^[7] For readers who value a strong military, restrained government, and real accountability for corporate power, the message is clear: protecting the digital footprint of U.S. troops is not just a technology issue, it is a constitutional duty to provide for the common defense.