US and British spy agencies routinely try to gain access to personal data from Angry Birds and other mobile applications, a report says.
A National Security Agency (NSA) document shows location, website visited and contacts are among the data targeted from mobile applications.
They are the latest report from documents leaked by Edward Snowden.
In a statement, the NSA said it was not interested in data beyond “valid foreign intelligence targets”.
“Any implication that NSA’s foreign intelligence collection is focused on the smartphone or social media communications of everyday Americans is not true,” the statement said.
The report, published by the New York Times, ProPublica and the Guardian, says the NSA and Britain’s GCHQ have worked together since 2007 to develop ways to gain access to information from applications for mobile phones and tablets.
The scale of data gathering is unclear.
But the reports suggest data is gained from variety of mapping, gaming and social networking applications, using techniques similar to the ones used to intercept mobile internet traffic and text message data.
The documents also reveal two agencies increasingly convinced of the importance of mobile applications data.
The joint spying programme “effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system” one 2008 document from the British intelligence agency is quoted as saying.
Another GCHQ report, in 2012, laid out how to extract information from Angry Birds user information from phones on the Android operating system. The game has been download 1.7 billion times across the world.
The British spy agency said it would not comment on intelligence matters, but insisted that all of its activity was “authorised, necessary and proportionate”.
Another NSA document described a “golden nugget” – a perfect scenario where NSA analysts could get broad selections of information from the applications, including networks the phone had connected to, documents downloaded, websites visited and “buddy lists”.
Other applications mentioned by the documents include the photo-sharing site Flickr, movie-based social network Flixster and applications that connect to Facebook.
Developers are responsible for the information generated from each application, but there was no suggestion firms were actively agreeing to give the spy agencies data.
On Monday, the justice department announced it had reached had agreement with five major internet firms over their request to share information about how they responded to orders from the NSA and other agencies.
Google, Microsoft, Yahoo, Facebook and LinkedIn had previously sued the US government over making more information on what they released to intelligence agencies public.
Under the compromise announced, the firms will be able to release:
- report the number of criminal-related orders from the government
- the number of secret national security-related orders from government investigators, rounded to the nearest thousand
- how many national security-related orders came from the foreign service intelligence and the number of customers those orders affected
- whether those orders were for just email addresses or covered additional information
As part of the deal, the firms will delay releases of the number of national security orders by six months and promise if they cannot reveal government surveillance of new technology or forms of communications they create for two years.