Europe’s operational security is seriously compromised. Journalists easily tracked top European Union officials using commercially available location data, underscoring a critical security gap that existing GDPR laws have failed to close.

Despite Europe having the world’s strongest data protection rules, reporters obtained 278 million location data points originally collected by ordinary mobile apps that enabled them to trace the movement of EU officials.

This data included granular location histories for employees of the European Commission and European Parliament, demonstrating that anonymised mobile data can be easily be de-anonymised to expose the routines of high-value targets.

The billion-dollar location data brokering industry continues to operate with slow enforcement from European watchdogs, creating a permanent, systemic risk to operational security for all organisations, not just government bodies.

This incident is a clear warning that companies must move beyond regulatory compliance and implement advanced Mobile Threat Defense (MTD) solutions. Zero-Trust principles and comprehensive Data Leak Prevention (DLP) are essential to secure employee devices and prevent the exploitation of commercially available location data for corporate espionage or physical security threats.