EU officials have become the latest victims of digital surveillance, as a new investigation reveals that their phone location data was being openly sold by commercial data brokers.
Despite the European Union’s reputation for having some of the world’s toughest privacy laws, journalists found that the movements of senior EU leaders could be tracked and purchased with ease, exposing alarming gaps in Europe’s data protection enforcement.
According to a report from Netzpolitik, a coalition of European journalists discovered that it was “surprisingly easy” to track senior EU officials using datasets freely offered by a data broker. The sample included an enormous 278 million location points collected from mobile phones across Belgium, home to key EU institutions like the European Commission and European Parliament.
The data, often gathered through everyday apps installed on smartphones, is quietly funneled to data brokers who then sell it to governments, intelligence agencies, and private companies. In this case, the dataset exposed the detailed movement histories of high-level officials, including those directly employed by the European Commission in Brussels.
Investigators were able to pinpoint hundreds of devices used by EU staff, identifying nearly 2,000 location markers from 264 officials’ phones and more than 5,800 markers from 750 devices linked to the European Parliament. These records could reveal sensitive information about officials’ workplaces, commutes, and private routines.
The European Commission confirmed that it is “concerned” about the ease with which such phone location data is being traded. Officials have reportedly issued new internal guidance to help staff reduce their exposure to tracking.
This revelation underscores a growing tension between Europe’s tough privacy regulations and the thriving underground data broker industry, now worth billions. While the EU’s GDPR law was designed to protect personal information, enforcement has often lagged behind the rapid expansion of the data trade.
Experts say both regulators and consumers remain vulnerable as long as apps continue to harvest precise location data. Though users can take small steps—such as anonymizing device identifiers on iPhones or regularly resetting them on Android devices, the fundamental problem lies in unchecked commercial surveillance.
The issue isn’t theoretical. Just last year, Gravy Analytics, a major data broker, suffered a breach that exposed the movements of tens of millions of people. Researchers found that the leaked information could be used to map out where individuals live, work, and travel, illustrating how dangerously revealing such datasets can be.
Europe’s latest data leak highlights a disturbing reality: even in regions with strong privacy laws, phone location data remains a lucrative and weakly regulated commodity, one that can turn anyone, including senior officials, into an unwitting surveillance target.
