Online Activity and Location Data Bought from Data Broker and Linked to Real Identity Sparks Bishop’s Resignation

According to a report by the Washington Post, top ranked US Catholic church administrator Jeffrey Burrill resigned in the wake of a story by Catholic News site The Pillar who used personal mobile data collected by a data broker to track Burrill's activities on Grindr (a gay dating app) and his location to specific gay bars.

Disconnect CTO Patrick Jackson, who spoke to the Washington Post for this report, expects these types of cases where mobile data is de-anonymized, used, and publicly reported to become more frequent. “[Mass data surveillance] unleashes this chain that a user cannot stop because they don’t even know that [their data] was collected in the first place and they have no idea where this data actually lives, but it’s out there, and it’s for sale.”

The detailed and personal data The Pillar received allegedly was correlated to Burrill’s phone and confirmed his location at bars visited while on work trips for the Catholic Church. The Pillar reported “A mobile device correlated to Burrill emitted app data signals from the location-based hookup app Grindr on a near-daily basis during parts of 2018, 2019, and 2020 — at both his USCCB [U.S. Conference of Catholic Bishops] office and his USCCB-owned residence, as well as during USCCB meetings and events in other cities.”

This case illustrates the reality that these extremely detailed and sensitive profiles are capable of being correlated back to our real identities despite data brokers' claims that the massive amount of personal data they collect about us is "anonymized". Even without a phone number or a name, device IDs and other identifiable data points can be used to tie online activity to specific individuals, including their real name, location, employer, etc.