Tracking Nation States (That are Tracking Your Audience)


Data leakage has been a topic of industry discussion for several years (and several more news cycles). These discussions are almost always centered on the economic impact of publishers giving away unique audience intelligence that they could otherwise be monetizing. At DEVCON, we’ve noticed another troubling side of data leakage - letting data slip to nation states with loose or outright authoritarian policies about information security.

Foreign Nations Cast Wide Nets

Michael F. D. Anaya, DEVCON’s Head of Global Cyber Investigations and Government Relations, says the risk is clear. When asked if a government like Russia could monitor communications, he answered emphatically. “Absolutely! Russian law empowers Russia’s security service, the Federalnaya Sluzhba Bezopasnosti (FSB), to use SORM (the acronym translates to “System for Operative Investigative Activities”) to collect, analyze and store all data transmitted or received on Russian networks.” Michael continued, “The FSB does this by installing monitoring devices with Russian internet service providers, allowing them to collect all the data flowing through - telephone calls, emails, website traffic, and credit card transactions.”

This isn’t secret clandestine monitoring, and it doesn’t just exist in Russia. Data sharing between ISPs and the government is a matter of public policy in China. “In November 2018, a new set of rules from Chinese Internet authorities were placed on the country’s largest app providers like Alibaba, Baidu and Tencent,” Michael points out. “These companies will be required to log all of their users’ activities, such as posting in blogs, microblogs, chat rooms, short video platforms and webcasts.”


How Nation States End Up on Your Site

In order to find every possible opportunity to place on your site, many networks look far and wide for demand partners. The actual ad calls get passed from server to server, and sometimes that means they travel all the way across the globe. As a result, all sorts of code from unprotected data environments can find its way to your audience. These might be legitimate ad networks with servers in other countries, or pixels from data miners looking to make their disinformation more effective. No matter how clear the stated purpose, any of this data becomes available to the governments of these nations, meaning your audience could be building foreign intelligence simply by visiting your site.

Your Ad Ops team may already be aware of this. Mishunda Mathis, DEVCON’s Head of Ad Operations, says that it’s easy to dismiss foreign trackers as insignificant oddities. “I think we have a tendency to write off marginal traffic from other countries as part of the beast,” Mai says. ”It seems like part of the cost of doing business on the internet. But in fact, this is a really easy way for countries to gather information for nefarious reasons.”

Get Some Intel on Intelligence Gathering

DEVCON customers will be glad to learn that our tools can now detect code from several nation states. We’ve set these to warning only by default - you can check your site for this activity by logging into our platform and checking your Alerts Manager. If you’d like to block this activity, let us know. We’ll be happy to discuss the source of these trackers and help you build a data protection strategy.

Not a DEVCON customer? You should consider joining our Freedom for Media study. We’ll monitor your site for free and you can help us paint a picture of the actions of foreign governments, hackers, and scammers across the web.

Andy Kahl