Some years ago, when Russia first invaded Ukraine, I saw a story about a Russian soldier who was found to be in Ukraine. This matters because it was during the active conflict in that country, and Russia was denying that any of its troops were within Ukrainian borders. I'm not sure how many people actually believed this to begin with, but the denials became much harder to take seriously when a reporter found the Instagram account of a 24-year-old Russian soldier. The photos themselves were unremarkable, but unfortunately for him and his superiors, his phone tagged the photos with his GPS coordinates, which showed quite clearly that he was located in Ukraine rather than Russia. (The Russian government has since banned smartphone use while soldiers are on duty.)
Related to this, it came out last year that a fitness app had revealed the location and internal layout of some secret U.S. military bases around the world. By looking at where soldiers using the app had run, it was possible to see where the roads were.
One part of dealing with secret information is blackmail. Homosexuals were long barred from receiving security clearances due to fears that they could be blackmailed. Of course, this only made blackmail all the more powerful, since they risked loss of their careers in addition to social humiliation. (In the U.S., the ban was lifted by President Clinton in 1995.) But of course, this isn't the only source of potential leverage over someone with access to secret information. A friend of mine years ago had a high level security clearance, and she had to be incredibly careful about allowing new people into her life. How could she be sure who this person actually was?
And now that privacy is increasingly a memory, this has to be a concern for any organization focused on keeping data private. It has recently come out that NATO commissioned a study to look at the possibilities during a military exercise in Europe. In addition to looking up soldiers' existing information, the researchers created fake Facebook profiles and groups to catfish soldiers involved in the exercises. By doing so, they were able to identify about 150 soldiers participating in the maneuvers and several battalions, track troop movements, and were even able to induce some soldiers to leave their posts without permission. They also found information that could be used to gain leverage over service members, such as at least one instance of a soldier who was married but who also had a profile on a dating app. Said one of the researchers:
- Every person has a button. For somebody there's a financial issue, for somebody it's a very appealing date, for somebody it's a family thing. It's varied, but everybody has a button. The point is, what's openly available online is sufficient to know what that is.