With Locate X, an agency like the Secret Service could, for instance, create a geo-fence around a crime scene. It could then identify mobile devices that were in that area prior to the crime and see where those devices traveled before or after the incident. Police took that approach following a burglary in 2019, and they ended up investigating an innocent cyclist based on his RunKeeper data.

In March, Protocol reported that US Customs and Border Protection purchased Locate X, and a former Babel Street employee told Protocol that the Secret Service and US Immigration and Customs Enforcement (ICE) were using the location-tracking tech. But Motherboard has the first confirmation that the Secret Service did in fact purchase Locate X. 

This isn’t a new issue. Federal agents have reportedly been buying commercially-available cell phone location data to track immigrants for years. A recent report on Black Lives Matter protestors released by Mobilewalla shows just how much info private companies can glean from smartphone apps.

It’s unclear how federal agencies get away with obtaining this info without a warrant. In 2018, the US Supreme Court ruled that law enforcement need a warrant to perform cell phone tower searches. But why bother when you have app data?

Senator Ron Wyden is reportedly planning legislation to block law enforcement from purchasing products like Locate X.

“It is clear that multiple federal agencies have turned to purchasing Americans’ data to buy their way around Americans’ Fourth Amendment Rights. I’m drafting legislation to close this loophole, and ensure the Fourth Amendment isn’t for sale,” Wyden said in a statement provided to Motherboard.

In April, the Secret Service seized 100 Bitcoins from Clark, NYT reports. Weeks later, Bennett received a letter explaining that the Secret Service had recovered 100 of his Bitcoins. The letter cited the same code assigned to the coins seized from Clark. A Secret Service agent told Bennett that the person with the stolen Bitcoins was not arrested because he was a minor.

According to the NYT, less than two weeks after the Secret Service seized the 100 Bitcoins from Clark, he began working on the Twitter heist.

It appears Clark got his start as a cybercriminal by duping fellow Minecraft players into buying names or digital capes that he never provided. His interests then expanded to Fortnite, cryptocurrency and online hacker forums. By the time Clark was arrested for last month’s Twitter hack, he was living in his own Tampa apartment, complete with an expensive gaming setup. Neighbors said he drove a white BMW 3 Series, and he appeared on Instagram with items like designer sneakers and a gem-encrusted Rolodex.

The full profile by the New York Times can be found here.