search

A Catholic priest resigned after a news site used cell phone location data to track his phone

Yesterday a Catholic new site called the Pillar published a story which resulted in the resignation of Monsignor Jeffrey Burrill, the General Secretary of the US Conference of Bishops. Here’s what the Pillar reported:

A priest of the Diocese of La Crosse, Wisconsin, he began to work at the bishops’ conference as associate general secretary in February 2016. In that capacity, the priest was charged with helping to coordinate the U.S. bishops’ response to the Church’s 2018 sexual abuse and coercion scandals.

But an analysis of app data signals correlated to Burrill’s mobile device shows the priest also visited gay bars and private residences while using a location-based hookup app in numerous cities from 2018 to 2020, even while traveling on assignment for the U.S. bishops’ conference.

According to commercially available records of app signal data obtained by The Pillar, a mobile device correlated to Burrill emitted app data signals from the location-based hookup app Grindr on a near-daily basis during parts of 2018, 2019, and 2020 — at both his USCCB office and his USCCB-owned residence, as well as during USCCB meetings and events in other cities.

There has been a pretty strong reaction to this at various media outlets and maybe not the one you would expect. An opinion piece published by the National Catholic Reporter labeled the report “unethical” and “homophobic.”

I am a sinner. So are you. So is Msgr. Jeffrey Burrill. Not one of us has a personal life that would withstand the sort of scrutiny The Pillar has applied to Burrill. Every single one of us has had a shameful moment we regret, and I suspect most of us must be caught up in cycles of sinfulness that we repeat less because we want to than because we are sinners and cannot help being sinners.

Like anyone else, Burrill’s sins are between him and God. Like any other priest, we can say his bishop belongs in that conversation too. But unless there is some reason to think he has harmed someone else, I feel sure his sins are none of my business, as much as my sins are none of yours. As a Catholic, I am bound to believe all of that.

But non-Catholic news sites have mostly expressed concern about how the Pillar did what it did. If you can use cell data to out and oust a priest, you can probably do it to almost anyone. That’s something that seemed to concern a spokesperson for Grindr:

“The alleged activities listed in that unattributed blog post are infeasible from a technical standpoint and incredibly unlikely to occur,” she said late Tuesday in a statement. “There is absolutely no evidence supporting the allegations of improper data collection or usage related to the Grindr app as purported.”

Privacy experts have long raised concerns about “anonymized” data collected by apps and sold to or shared with aggregators and marketing companies. While the information is typically stripped of obviously identifying fields, like a user’s name or phone number, it can contain everything from age and gender to a device ID. It’s possible for experts to de-anonymize some of this data and connect it to real people.

In fact, as Vice pointed out in a story published last week, there’s an entire industry devoted to de-anonymizing data collected on cell phones.

Tech companies have repeatedly reassured the public that trackers used to follow smartphone users through apps are anonymous or at least pseudonymous, not directly identifying the person using the phone. But what they don’t mention is that an entire overlooked industry exists to purposefully and explicitly shatter that anonymity.

They do this by linking mobile advertising IDs (MAIDs) collected by apps to a person’s full name, physical address, and other personal identifiable information (PII). Motherboard confirmed this by posing as a potential customer to a company that offers linking MAIDs to PII…

This de-anonymization industry uses various terms to describe their product, including “identity resolution” and “identity graph.” Other companies claiming to offer a similar service as BIGDBM include FullContact, which says it has 223 billion data points for the U.S., as well as profiles on over 275 million adults in the U.S.

“Our whole-person Identity Graph provides both personal and professional attributes of an individual, as well as online and offline identifiers,” marketing material from FullContact available online reads, adding that can include names, addresses, social IDs, and MAIDs.

In short, if you have a cell phone there is potentially some “anonymized” data out there about you and that data could be de-anonymized by any number of companies willing to do so for a price.

It’s not hard to see how this sort of data could become a weapon used against any number of people or even a means to blackmail someone. Younger people who are most attached to their phones are potentially facing a lifetime of waiting to be canceled the moment someone out there decides they deserve it.

Related Post

This website uses cookies.