Hack Latino is an artificial intelligence-powered app for Latinos in the U.S., made by the Georgia-based entrepreneur Adrian Lozano Jr. It offers restaurant suggestions and consular information to more than 30,000 users, along with a key feature to keep them safe: a map of ICE sightings, launched in April.
It is one of a slew of mobile platforms created by nonprofit organizations, independent developers, and foreign governments, which have cropped up amid a surge in immigration raids in the U.S. The Donald Trump administration has vowed to enact mass deportations from the U.S., home to some 13.7 million undocumented individuals. The digital tools provide services such as “Know Your Rights” guides, legal information, and emergency resources to help the community prepare for potential encounters with immigration authorities.
Apps such as Hack Latino or digital tools like Stop ICE Alerts function much like the community patrols of the 1990s, when neighbors and activists in neighborhoods with a large Hispanic presence would warn others about the arrival of authorities — except these apps have the added benefit of real-time technology, said Pedro Rios, director of the American Friends Service Committee, a Quaker organization that supports migrants and refugees.
If they’re operating in the US, it doesn’t matter whether the app is intentionally pulling unnecessary information, there are still server logs showing the IP of each request being made for the real-time updates (ISPs also will have logs of the connections, even if they can’t see the SSL traffic directly). That IP + timestamp would let the government know (with the help of your ISP, who we know from the NSA leaks are all sharing info without asking for warrants) exactly who you are.
If you are routing all your traffic through a VPN, you can make that much harder to correlate, but unless you validate on the wire or in the code that the app isn’t sending e.g. a device ID or any other kind of unique identifier, it could still end up compromising you. A webpage just intrinsically doesn’t carry the same level of risk as a local app.
That’s why, as the article notes, many of these have been shutting down preemptively; they know they could be putting their users at risk.
thanks for taking the time explain the details. I guess when working against gov level tracking you need Tor/VPN/etc to stay safe.