Consumers may be unaware that automakers and Original Equipment Manufacturers (OEMs) often include sensors in vehicle parts that collect information such as their airbag and seatbelt status, engine temperature, and current location, and then transmit that information either back to the automaker or to third parties. Aggregator companies also purchase or obtain this data, repackage it, and then sell that data or products based on it to their own clients."Vehicle telematics is data transmitted from the vehicle to the automaker or OEM through embedded communications systems in the car," the Ulysses document continues. "Among the thousands of other data points, vehicle location data is transmitted on a constant and near real time basis while the vehicle is operating."
Do you work for a company buying car location data? Does your company sell it? Do you know of any other companies offering telematics data to government agencies? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on email@example.com, or email firstname.lastname@example.org.
Image: AerialPerspective Images
A surveillance contractor that has previously sold services to the U.S. military is advertising a product that it says can locate the real-time locations of specific cars in nearly any country on Earth. It says it does this by using data collected and sent by the cars and their components themselves, according to a document obtained by Motherboard."Ulysses can provide our clients with the ability to remotely geolocate vehicles in nearly every country except for North Korea and Cuba on a near real time basis," the document, written by contractor The Ulysses Group, reads. "Currently, we can access over 15 billion vehicle locations around the world every month," the document adds.
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.
Although the company told Motherboard it has not sold the product to the U.S. government at this time, the news highlights the scale and reach of car-tracking technology, and the fact that car location data is of interest not just to insurance companies and the finance sector, but to government contractors who explicitly say they want to source the data for intelligence and surveillance purposes.Ulysses previously had a contract with U.S. Special Operations Command (SOCOM), though for a different piece of technology.
The document specifically suggests that this technology could be used for military operations: "We believe that this one attribute will dramatically enhance military intelligence and operational capabilities, as well as reduce the costs and risk footprint of ISR [intelligence, surveillance, reconnaissance] assets currently used to search for and acquire mobile targets of interest," the document adds. It says that Ulysses has "existing access to bulk commercial telematics data."Included in the document is a map showing apparent vehicle locations spread across Russia, Ukraine, and Turkey, including along the border with Syria. A section of text next to the map says Ulysses' data access lets clients analyze targets "whether you want to geo-locate one vehicle or 25,000,000 as shown here." An image on the company’s LinkedIn page appears to show data related to Bulgaria.
The office of Senator Ron Wyden obtained and then provided the document to Motherboard. Wyden spokesperson Keith Chu told Motherboard in a statement that "Far too little is known about how private information is being bought and sold. Senator Wyden is conducting an ongoing investigation into the sale of personal data, particularly via data brokers, to put some sunlight on this shady industry. Our office is continuing to perform oversight into where data brokers are acquiring Americans’ information, and who they’re selling it to."
Ulysses is a small surveillance contractor based in Charleston, South Carolina, that also claims to offer cellular interception and jamming technology, hidden video recorders, and military training such as tactical driving, according to the company's website. The company paid former Trump National Security Advisor and conspiracy theorist Michael Flynn as an advisor, financial disclosure records show.Ulysses has worked with U.S. Special Operations Command (SOCOM), a branch of the military tasked with counterinsurgency, counterterrorism, and special reconnaissance, according to public procurement records unearthed by Motherboard. Navy Lt. Cmd. Timothy Hawkins told Motherboard in an email that a 2016 contract related to Ulysses "using publicly available information to analyze how peer and near-peer competitor countries were making economic and financial investments in Africa and Central and South America. SOCOM used this analysis to deepen our understanding on how foreign competitors used economic and financial tools against U.S. interests in those regions. The contract’s period of work lasted around one year and concluded in 2017."On its website, Ulysses said it has spoken at the Counter Terror Expo in the United Kingdom, and on its LinkedIn page claims it took part in a recent event with the U.S. Navy.
"Ulysses participates in the Navy's Joint Interagency Field Experimentation 21-2 event," the post reads, alongside an image of vehicles driving along a highway. "Telematics based intelligence; the next revolution in data," the image adds. On its website, Ulysses also says it has worked on four contracts with the National Geospatial-Intelligence Agency (NGA).
The Navy acknowledged a request for comment, but did not answer specific questions on whether Ulysses demoed the vehicle location data product to the Navy or not, or what the purpose of Ulysses' attendance was. The NGA did provide a statement in time for publication.Andrew Lewis, president of The Ulysses Group, told Motherboard in an email that "any proprietary promotional material we may have produced is aspirational and developed based on publicly available information about modern telematics equipment.""We do not have any contracts with the government or any of its agencies related to our work in the field and we have never received any funding whatsoever from the government related to telematics," Lewis added.
The document does not explain exactly how Ulysses sources its data, be that directly from automakers or OEMs, or via an aggregator company. But there are plenty of companies that could be contributing.With a consumer using a GPS navigation tool, for instance, "The OEM will have first dibs to the data, because they made the car and have access to the telematics," Andrea Amico, the founder of Privacy4Cars, which, among other things, sells tools to help dealerships remove data from vehicles, told Motherboard in a phone call. "But the company that provides the map itself, for instance, would have access to it; the company that provides the infotainment system may have access to it; the company that provides the traffic data may have access to it; the company that provides the parking data may have access to it. Right there and then you've got five companies that are getting your location."
With mobile phones, consumers can generally see what data an app may be requesting, and Apple recently told developers to add extra information about whether the data is used to track a user too."We have not entered that era yet with cars," Amico said.
One company acting as a middleman for a wealth of this sort of car data is Otonomo, based in Israel. Motherboard has no evidence that Otonomo is involved with Ulysses in any way, but Otonomo is an example of how the car location data industry functions.Otonomo says it has partnerships with 16 OEMs, with an installed base of over 40 million vehicles, according to an Otonomo presentation made for investors. The presentation adds that "thousands of organizations" in turn have access to Otonomo's data, and that it collects 4.3 billion data points a day.Otonomo describes itself as "uniquely positioned at the heart of the automotive data ecosystem." The presentation suggests Otonomo has relationships with major car companies and car part companies. In another slide, Otonomo says the geography of BMW Group, for example, is "global," with 12 million vehicles available. "Commercial use cases" mentioned in the Otonomo presentation include smart cities, dealerships, fleet services, as well as insurance and financial firms.BMW Product & Technology spokesperson Oleg Satanovsky told Motherboard in an email that BMW sends "traffic signs, traffic hazard warnings and traffic flow information" to Otonomo.
When asked if Ulysses is a client of Otonomo, Jodie Joseph Asiag, head of content and communications at Otonomo, told Motherboard in an email that "It is our policy not to comment on the status of any commercial relationship unless there has been a public announcement to the fact." Asiag added that "We are not actively pursuing or plan to pursue the use cases you mention" when Motherboard asked about selling location data for intelligence or surveillance purposes.The investor slides add that connected cars are expected to make up 95% of new cars sold in the United States by 2022. Ulysses, for its part, is aware of this ballooning growth."When one considers that there are approximately 100,000,000 vehicles manufactured around the world every year which are increasingly connected to the manufacturer, other vehicles, infrastructure and their owners it becomes apparent that telematics will revolutionize intelligence and create new fields of study within the community. By 2025 it is estimated that 100% of new cars will be connected at some level—each transmitted more than 25 gigabytes of data per hour," the document adds.The role of data that cars collect and who has access to it was a flashpoint in the November elections in Massachusetts. A "right to repair" ballot measure there sought to give independent manufacturers and owners greater ability to access repair information on vehicles; car manufacturers spent $25 million lobbying against it, claiming that passing the law would also give access to telematics data collected by various sensors. Manufacturers said this data was highly sensitive, and that wider access to it could be used by "sexual predators" to stalk innocent people (there was no specific provision in the measure that allowed this, and the measure overwhelmingly passed). Meanwhile, car companies are sharing this type of data with third-parties themselves.Subscribe to our cybersecurity podcast CYBER, here.