The FBI is buying your location data and it doesn't need a warrant to do it
By Daily Direct Team · 19 March 2026
There is a version of this story that sounds like a conspiracy theory.
The federal government is purchasing detailed records of where Americans go — their movements, routines, patterns of life — from private data brokers. No warrant. No court order. No legal process of any kind. FBI Director Kash Patel confirmed it before Congress this week, and the most remarkable thing about the moment was how unremarkable it was treated.
It is not a conspiracy theory. It is a business transaction.
What Patel confirmed
Appearing before Congress, Patel acknowledged that the FBI purchases commercially available location data to track the movements of Americans. The distinction he was asked to explain — and did not effectively dispute — is a critical one.
When law enforcement obtains location data through a carrier like Verizon or AT&T, it must go through legal process: a warrant, a court order, a subpoena. A judge must find probable cause. There is a paper trail. There are constitutional guardrails, however imperfect.
When law enforcement buys the same data from a commercial data broker, none of that applies. The data is simply purchased, like a subscription. The warrant requirement — the Fourth Amendment protection against unreasonable searches — is bypassed entirely, not because it has been overruled, but because the government has found a way around it that the courts have not yet definitively closed.
The legal theory the government relies on is called the third-party doctrine: once you share information with a third party, you lose your constitutional expectation of privacy in it. You shared your location with your phone's apps. The apps sold it to brokers. The brokers sold it to the FBI. At no point, the argument goes, did the government search you.
Where your location data actually comes from
Most people have a vague awareness that their phone tracks them. Fewer understand the industrial scale of what happens to that data.
Every app that requests location access — weather apps, retail apps, navigation apps, games — is a potential data source. Many of these apps, buried in terms of service that nobody reads, sell precise GPS coordinates to data brokers. These brokers aggregate location pings from hundreds of millions of devices into detailed movement profiles: where you sleep, where you work, which medical clinics you visit, which political events you attend, which houses of worship you enter, who you meet and when.
This data is sold to marketers, insurers, employers — and, it turns out, federal law enforcement agencies. The FBI is not the only buyer. Immigration enforcement, the military, and other federal agencies have all been documented purchasing commercial location data in recent years. The FBI confirmation is notable not because it is new, but because it is rare candour about a practice that has largely operated in the shadows.
The data is precise enough to be genuinely revealing. A broker dataset does not just tell you that someone was in a particular suburb — it places them within metres of a specific address, at a specific time, cross-referenced against hundreds of other data points. It can reconstruct weeks of daily movement from a single purchase.
The car surveillance connection
This confirmation lands in the same week that details continue to circulate about the federal mandate requiring surveillance technology in all new US vehicles by 2027.
The two stories are not unrelated. The car mandate requires continuous biometric monitoring of drivers — cameras, sensors, physiological readers — ostensibly for impaired driving detection. The data those systems generate will exist somewhere. It will be stored by manufacturers, processed by software platforms, potentially sold to the same data broker ecosystem that the FBI is already tapping.
A future in which the FBI can purchase your location history from your phone, your movement patterns from your car's onboard systems, and your biometric baseline from your vehicle's impairment detection sensors — without obtaining a single warrant — is not a dystopian hypothetical. It is the logical extension of the framework Patel described before Congress this week.
Why the legal gap exists and why it hasn't been closed
The Supreme Court has nudged toward recognising limits on the third-party doctrine. In Carpenter v. United States (2018), the Court held that accessing historical cell-site location data — the tower pings that reconstruct a phone's movements — requires a warrant. Chief Justice Roberts, writing for the majority, acknowledged that the digital age had rendered the old third-party doctrine inadequate for the scale of information now routinely collected.
But Carpenter was narrow. It applied to cell-site records obtained from carriers, not to data purchased from brokers. The Court explicitly declined to resolve the broker question. And Congress, despite years of proposals for comprehensive data privacy legislation, has not passed a federal law closing the gap.
The result is a patchwork: some location data requires a warrant, some does not, and the line between them is drawn by what type of company holds it rather than by any principled assessment of how revealing it is. The FBI knows this, and acts accordingly.
Privacy advocates have argued for years that this gap would eventually be exploited at scale. This week's confirmation suggests it has been, routinely, for some time.
The chilling effect nobody is measuring
There is a harm from mass location surveillance that does not show up in any court record, because it never reaches a court.
When people know — or suspect — that their movements are being monitored, they change their behaviour. They don't attend the protest. They don't visit the clinic. They don't go to the meeting. This is the chilling effect: not the prosecution that happens, but the participation that doesn't.
The FBI's purchase of commercial location data is not being used, as far as anyone has confirmed, to prosecute ordinary Americans for ordinary activities. The stated use cases involve counterterrorism and serious criminal investigation. Patel would say — and likely did say — that the program is lawful and targeted.
But the architecture of that capability does not stay targeted. It expands to fit the priorities of whoever runs the agency. What is used for counterterrorism under one administration can be redirected under the next. The data infrastructure, once built, does not get dismantled. The broker relationships, once established, continue. The question of what the FBI does with location data depends entirely on who is directing it — and that changes every four years.
What you can actually do
The honest answer is: not much, within the current system. Opting out of location tracking requires a level of digital discipline that most people cannot sustain — disabling location services across all apps, using a VPN consistently, avoiding the devices that generate the data in the first place.
What is more tractable is political. The gap that allows warrantless purchase of commercial location data exists because Congress has not closed it. Comprehensive federal privacy legislation — the kind that would require a warrant for government purchase of commercial data, impose limits on what brokers can collect and sell, and give individuals meaningful rights over their own information — has been proposed repeatedly and has not passed.
The reason it has not passed is not technical. The data broker industry is large, well-funded, and politically connected. Its clients include not just law enforcement but the advertising industry, the insurance industry, and political campaigns. The incentives against closing the gap are substantial and distributed across many powerful interests.
That is the story underneath the story. The FBI buying your location data is the symptom. The unregulated data broker ecosystem is the condition.
Daily Direct covers the stories that connect — across technology, privacy, politics, and more — every morning. Subscribe here.