According to CDC documents from 2021 obtained by Motherboard via a Freedom of Information Act (FOIA) request, the program tracked patterns of people visiting K-12 schools - and in one case, monitored "the effectiveness of policy in the Navajo Nation." The documents reveal that while the CDC used the pandemic to justify purchasing the data more quickly, it actually intended to use it for general agency purposes.
The documents reveal the expansive plan the CDC had last year to use location data from a highly controversial data broker. SafeGraph, the company the CDC paid $420,000 for access to one year of data to, includes Peter Thiel and the former head of Saudi intelligence among its investors. Google banned the company from the Play Store in June. -Motherboard
The data which was purchased comes from cell phones - meaning SafeGraph can track where a person lives, works, and where they've been, and then sell that data to various entities. The data which the CDC bought was aggregated - which is designed to follow broad trends in how people are moving around, however researchers have raised concerns over how location data can be deanonymized to track specific individuals.
According to the CDC documents, SafeGraph's data "has been critical for ongoing response efforts, such as hourly monitoring of activity in curfew zones or detailed counts of visits to participating pharmacies for vaccine monitoring."
"The CDC seems to have purposefully created an open-ended list of use cases, which included monitoring curfews, neighbor to neighbor visits, visits to churches, schools and pharmacies, and also a variety of analysis with this data specifically focused on 'violence,'" said Zach Edwards, a cybersecurity researcher who closely follows the data marketplace.