Hungarian domestic intelligence, the National Police in El Salvador, and several US law enforcement and police departments have been held responsible for the use of an advertising-based global geolocation surveillance system called weblock.
According to a report published by Citizen Lab, the tool was developed by Israeli company Cobwebs Technologies and is now sold by its successor Penlink after the two companies merged in July 2023. PenLink, founded in 1986, is a provider of “mission-critical communications and digital evidence collection and analysis software” to law enforcement agencies in the US and around the world.
Weblock’s US customers include Immigration and Customs Enforcement (ICE), the US Army, the Texas Department of Public Safety, DHS West Virginia, the NYC District Attorney, and various police departments in smaller cities and counties such as Los Angeles, Dallas, Baltimore, Tucson, Durham and Elk Grove city and Pinal County.
“WebBlock is sold as an add-on product to the social media and web intelligence system Tangles,” said Citizen Lab researchers Wolfie Crystal, Astrid Perry, Luis Fernando Garcia, Sienna Anstis and Ron Deibert. “WebLock provides access to a continuously updated stream of records from 500 million mobile devices worldwide that include device identifiers, location coordinates, and profile data derived from mobile apps and digital advertising.”
Advertising-based surveillance systems, in short, use data purchased from mobile apps and digital advertising to analyze the behavior and activities of billions of people. It was officially announced by Cobwebs Technologies in October 2020, described as a “state-of-the-art location intelligence platform that collects and analyzes web data associated with geospatial data points using interactive layered maps to connect the digital world to physical data.”
Customers of the tool can use it to monitor the location, activities and personal characteristics of an entire population up to three years in advance. According to information available on PennLink’s website, WebLock can be used to “investigate and interpret location-based data to support your cases.” WebLock also has the ability to infer location from IP addresses and identify individuals behind devices by collecting their home addresses and workplaces.
Interestingly, Cobwebs Technologies was one of the seven cyber mercenaries that were taken down by Meta in December 2021 for operating around 200 accounts to conduct reconnaissance on targets and even engage in social engineering to join closed communities and forums and trick people into revealing personal information.
The social media giant had revealed at the time that it had identified Cobwebs Technologies customers in Bangladesh, Hong Kong, the United States, New Zealand, Mexico, Saudi Arabia and Poland. “In addition to targeting related to law enforcement activities, we have also seen continued targeting of activists, opposition politicians, and government officials in Hong Kong and Mexico,” Meta said.
Reports from 404 Media, Forbes and the Texas Observer revealed that WeBlock could be used to track phones without a warrant, with a purchase notice highlighting the tool’s “ability to automatically and continuously monitor unique mobile advertising IDs, geolocated IP addresses and connected device analytics.”
Analysis of corporate records and other public information revealed that Cobwebs Technologies shares links with Israeli spyware vendor Quadrim through Cobwebs Technologies founder and former president Omri Timianker, who now oversees PennLink’s international operations. It is suspected that the company will cease operations in 2023.
At least 219 active servers associated with Cobwebs product deployments have been identified, the majority of which are located in the US (126), the Netherlands (32), Singapore (17), Germany (8), Hong Kong (8), and the UK (7). Potential product servers have also been explored in various countries in Africa, Asia, and Europe.
Responding to the report, PenLink said the findings “appear to rely on misinformation or misunderstandings about the way we operate, which does not include PenLink following our acquisition of Cobwebs Technologies in 2023.” It also said it complied with US state privacy laws.
Citizen Lab said, “Our research shows that intrusive and legally questionable ad-based surveillance (i.e., without a warrant or adequate oversight) is being used by military, intelligence, and law enforcement agencies to local police units in many countries around the world.”
