Revelations that mobile devices can reveal the identities, activities and locations of U.S. service members stationed abroad prompted members of the Senate Armed Services Committee to call for a Department of Defense (DoD) review on Wednesday.
In a letter to Defense Secretary Jim Mattis, U.S. Sens. Richard Blumenthal (D-CT) and Tom Cotton (R-AK) called for a formal evaluation of security risks posed by wireless devices, including wearable fitness trackers and Google’s Android smartphone.
Recently, representatives from Google submitted statements to Congress that indicate Android mapping data automatically collected through wifi networks could reveal the locations of military bases and other sensitive areas. Although the feature can be disabled, the senators noted that doing so requires a manual “opt-out.”
“For servicemembers using Android-based phones, there is a strong likelihood that most users are sending precise location and activity data to Google, and, by extension, all divisions of its parent company, Alphabet,” the letter stated. “In an era of increasingly contested cyber domains, we could be unknowingly allowing our adversaries to map DoD networks for cyber intelligence, surveillance, and reconnaissance and operational preparation of the environment.”
The senators questioned whether the DoD uses a “nomap” option on its wifi networks to prevent location tracking, whether action should be taken to “prevent surreptitious mapping” when it’s not part of a contractual relationship, and whether Google has ever advised the DoD to use the “nomap” feature to protect its wifi networks.