U.S. lawmakers have written to Defense Department Chief Information Officer Kirsten Davies, warning that foreign adversaries are exploiting commercial location data to pinpoint American service members deployed abroad. The officials claim the DoD has not taken sufficient steps to shield troops from attacks that could be guided by this readily available information.

Letter to Kirsten Davies Cites First DoD Confirmation of Data Abuse

In a bipartisan letter , members of Congress highlighted that this is the first public acknowledgment by the Department of Defense that hostile actors are leveraging commercial location data to target U.S. personnel in an active war zone. The lawmakers argue that the DoD’s response has been inadequate,despite the clear risk to force protection.

Commercial Phone Data Traced to a Syrian Cement Factory in 2016

According to the report,a contractor demonstrated in 2016 that publicly sold location data could map the movements of phones linked to U.S. special‑operations units , ultimately leading to an abandoned cement plant in Syria that was being used as a staging area. This historic example underscores how easily adversaries can create patterns‑of‑life analyses for targeting purposes.

Younger Service Members Face Heightened Digital Exposure

The letter points out that the modern, digitally‑savvy generation of service members is especially vulnerable because they generate more location signals through apps and devices. as data brokers aggregate these signals for advertising, the same datasets become a potential intelligence source for hostile nations.

Unanswered: Why Has the DoD Not Treated This as a "Five‑Alarm Fire"?

Lawmakers criticize the Pentagon for not elevating the threat to a five‑alarm fire, a term used for the most severe security incidents.. They note that federal cybersecurity experts have long recommended basic defenses—such as stricter data‑sharing policies and hardened device controls—that the DoD has yet to adopt .

What Remediation Steps Are Being Proposed?

While the letter does not detal a full remediation plan, it references recommended cyber‑defenses from federal experts, including limiting the sale of location data by U.S. companies, enforcing stricter vetting of contractors, and improving operational security protocols for troops in the field. The lawmakers urge immediate action to prevent adversaries from continuing to purchase and exploit this information.