WEBLOC SYSTEM TRACKS 500M DEVICES VIA AD DATA

What is Webloc? Webloc operates as an ad-based surveillance infrastructure that aggregates location data from mobile devices at scale. The system provides subscribers with constantly updated streams of geolocation records, enabling tracking of device movements across vast populations. How it works The system collects location information primarily through two channels: mobile applications and digital advertising ecosystems. Apps and ad networks routinely gather precise location data from users' devices, often with limited transparency about how that information will be used or shared. Scale and implications With potential access to 500 million devices, Webloc represents one of the largest documented location surveillance operations. Location data of this granularity can reveal detailed patterns about individuals' lives—where they work, worship, seek medical treatment, spend leisure time, and associate with others. Privacy concerns The investigation raises significant questions about data broker practices and the lack of oversight in location data markets. Users typically provide location permissions for specific app functions, unaware their data feeds into broader surveillance infrastructure. Location tracking at this scale enables various harms: discriminatory targeting, stalking, political profiling, and law enforcement abuse. The system's integration with advertising networks suggests commercial motivations drive its operation. Context The discovery adds to growing evidence that location data markets operate with minimal regulation. Previous research has documented how data brokers and ad networks monetize location information, often derived from users who have little awareness their data is being aggregated and resold. The Citizen Lab's findings underscore the tension between mobile app functionality and privacy. Even as regulators worldwide consider stricter data protection measures, surveillance capabilities continue expanding through opaque supply chains.