FBI, DIA pressed on purchases of Americans’ phone location data

A long-running fight over the government’s purchase of Americans’ phone location data resurfaced Wednesday at the Senate Select Committee on Intelligence’s annual worldwide threats hearing.

Senator Ron Wyden pressed Federal Bureau of Investigation (FBI) Director Kash Patel and Defense Intelligence Agency (DIA) Director U.S. Army Lt. Gen. James H. Adams III on whether their agencies are still buying commercially available location information.

Wyden used his time to force into the open a surveillance practice that privacy advocates have spent years arguing amounts to a warrantless shortcut around the Fourth Amendment.

Patel’s answer was notable because it was more direct than some earlier public FBI statements. He told Wyden “we do purchase commercially available information consistent with the Constitution and the law under the electronic communications privacy act, and it has led to some valuable intelligence for us to be utilized with our private partner sector.”

Wyden immediately framed Patel’s answer as an admission that the FBI buys Americans’ location data without first going to a judge, calling it “an outrageous end-run around the Fourth Amendment,” and warning that the stakes are even higher in an era when AI can comb through vast stores of personal information.

Wyden tied the issue to the newly introduced Government Surveillance Reform Act, a bipartisan bill that its sponsors say would close the “data broker loophole” by blocking the government from purchasing sensitive private data it would otherwise need legal process to obtain.

Wyden then turned to Adams and reminded the committee that DIA had already confirmed in 2021 that it purchased and searched domestic location data. He asked whether DIA’s position remains that it can buy Americans’ location data without a warrant and whether it is still doing so.

Adams did not give a yes-or-no answer on current purchasing, instead saying that DIA’s acquisition of commercially available and publicly available information is aligned with the Constitution and protects U.S. persons’ information.

When Wyden pressed again, Adams answered in process terms, saying all of DIA’s purchases of commercially available information go through legal channels and are following the law.

That exchange matters because unlike many surveillance controversies, this one is not speculative. DIA’s use of commercially available smartphone location data is already part of the public record.

A declassified 48-page report prepared for the Office of the Director of National Intelligence (ODNI) dated January 2022, quoted an unclassified paper that DIA sent Congress on January 15, 2021.

According to the report, DIA said it “currently provides funding to another agency that purchases commercially available geolocation metadata aggregated from smartphones.”

The data received, the report said, was global and not labeled by the vendor as U.S. or foreign at the time it was provided to DIA.

DIA then processed the stream to identify U.S. location points, segregated those into a separate database, and required specific approvals from its general counsel, oversight office, and senior leadership before personnel could query the U.S. database.

The report adds that permission to query U.S. device location data had been granted five times in the prior two and a half years.

The same ODNI report also memorialized DIA’s legal position on Carpenter v. United States, the 2018 Supreme Court decision holding that the government’s acquisition of historical cell-site location records is a Fourth Amendment search that generally requires a warrant.

ODNI said DIA had advised Congress in writing that as of January 15, 2021, it “does not construe the Carpenter decision to require a judicial warrant endorsing purchase or use of commercially available data for intelligence purposes.”

“Under Carpenter v. United States,” the report states, “acquisition of persistent location information (and perhaps other detailed information) concerning one person by law enforcement from communications providers is a Fourth Amendment ‘search’ that generally requires probable cause,” the report states.

“However,” the report continued, “the same type of information on millions of Americans is openly for sale to the general public. As such, Intelligence Community policies treat the information as publicly available information and IC elements can purchase it.”

The report did not endorse that position. Instead, it explicitly noted the uncertainty and described the broader privacy and civil liberties risks posed by commercially available information, including persistent location data that can reveal political, religious, travel, and associational activity.

It also warned that such data could be used to identify every person who attended a protest or rally based on smartphone location or ad-tracking records.

Wyden’s point is that the government should not be able to buy from a broker what it could not lawfully compel from a carrier or platform without judicial oversight.

That argument has become more forceful as intelligence agencies and law enforcement gain access not merely to raw location points but to increasingly sophisticated analytics that can organize, correlate, and search enormous datasets.

The ODNI report itself acknowledged that commercially available information can reveal intimate details about private behavior, social ties and speech, and that broad access to it can increase the government’s power in ways that may exceed constitutional traditions or public expectations.

The FBI’s public posture has been narrower and at times more carefully worded than DIA’s.

In March 2023, then FBI Director Christopher Wray acknowledged during a Senate hearing that the bureau had previously purchased some location data, but he described it as limited to information “derived from Internet advertising,” and said the practice had been tied to “a specific national security pilot project” that was no longer active.

Wray said at the time that the FBI did not currently purchase commercial database information that included such location data and instead relied on a “court-authorized process” to obtain it.

Even that did not fully settle the matter. In November 2025, the Privacy and Civil Liberties Oversight Board reported that the FBI does not purchase continuous or “real time” location data from any phone, Internet, or electronic service provider.

But the board’s finding was narrower than a blanket declaration that the bureau never buys location-linked commercial information. Its report makes clear that the board examined the FBI’s use of open source information, including data brokers, and specifically looked at whether the bureau was purchasing continuous location data.

It noted that the FBI distinguishes continuous location information from tagged or embedded location information contained in publicly available posts, and it cites FBI privacy documents involving commercial tools such as Babel Street and ZeroFox.

That is what made Patel’s answer Wednesday so striking. He did not simply repeat the narrower 2025 position that the FBI does not buy continuous or real-time location data. Instead, he said the bureau does purchase commercially available information and defended the practice as lawful and operationally useful.

Whether Patel was speaking generally about commercially available information or specifically conceding the current purchase of Americans’ location data is likely to become the next oversight fight. Wyden plainly treated it as the latter.

Committee Chairman Tom Cotton offered the clearest defense of the practice. He argued that the phrase “commercially available” is the key point and said that if anyone else can buy the data and the FBI can buy it to help locate a child molester or cartel leader, then the bureau should do so.

Cotton compared the issue to the long-standing rule that police may search trash left at the curb because, in that circumstance, a person no longer has a privacy interest in it. That analogy reflects the traditional third-party doctrine view that information exposed to others loses constitutional protection.

The larger significance of Wednesday’s clash is that it showed how unresolved the issue remains despite years of disclosures. DIA’s position was documented in writing years ago, and the FBI already admitted to at least one past purchase program.

ODNI has since adopted a formal policy framework for commercially available information, acknowledging that data from cell phones, cars, household devices, and other networked tools can reveal sensitive personal information and requires governance across the Intelligence Community.

Yet, Congress still has not imposed a clear statutory rule barring agencies from buying sensitive location data about Americans without a warrant.

What Wyden did at the threats hearing was pull that unresolved question back into public view and connect it to a live legislative vehicle. What Patel and Adams did, by contrast, was defend the legality of their agencies’ use of commercially available information without directly closing off the core civil liberties concern.

For surveillance critics, that left the central issue intact. If the government can purchase Americans’ movements from a broker, run those records through powerful analytic systems and avoid the kind of warrant requirement Carpenter imposed in other contexts, then the constitutional fight over location data is far from over.

Article Topics

FBI  |  legislation  |  location data  |  surveillance  |  U.S. Government