Image: Marek Brew / Shutterstock.com

As reported by Austrian news portal Der Standard, Austria's Ministry of the Interior spent nearly €900,000 on a surveillance tool at the end of 2024. Its name: Tangles. The purchase was not announced at a press conference, but rather through an entry in an EU database. Since then, an uncomfortable question has been hanging in the air: What exactly can this software do – and how far does its use go?

What can Tangles do—and what's behind it?

Tangles belongs to the field of so-called "open source intelligence." This involves the systematic evaluation of data from social networks, forums, and even the darknet. Authorities have been arguing for years that such tools are necessary to detect extremism and terrorism at an early stage.

The tool was originally developed by the Israeli company Cobwebs. In 2021, Meta labeled the company a "cyber mercenary of the surveillance industry" and blocked numerous associated accounts. Cobwebs was later acquired by a US investor and merged with Penlink.

However, the company has been facing criticism for years—among other things, because of its involvement in politically sensitive contexts.

The delicate connection to ICE

Particularly explosive: Penlink tools are used by the US Immigration and Customs Enforcement (ICE). This involves not only social media analysis, but also location data from smartphones. A module called Webloc enables precisely that.

It is unclear whether this module is also used in Austria. This is precisely where the silence begins. Enquiries from researchers and members of parliament have gone unanswered. The reason given is that they do not want to allow any conclusions to be drawn about "equipment and strategies."

Der Standard quotes Vienna-based researcher Wolfie Christl, who criticizes: "It is extremely worrying from a democratic point of view that the Ministry of the Interior refuses to answer Parliament's question as to whether the police or intelligence services are misusing behavior data collected from digital advertising for surveillance purposes, even if this data has been collected in a problematic or even illegal manner."

Location data: Harmless or highly sensitive?

Location data is anything but neutral. It reveals where someone lives, works, or spends their free time. Anyone who regularly visits a particular clinic or frequently stays in a certain place reveals more than they may realize.

Christl warns: "If Webloc were to be used in Austria, it would enable a kind of uncontrolled mass surveillance—based on large amounts of purchased personal behavioral data on millions of people in Austria."

What's more, such data often comes from apps that require location access—from weather services to mobile games. The data is often shared via advertising networks. There is no such thing as true anonymity.

We say: Democracy needs clarity

The only thing that is certain so far is that €847,000 was spent on "10 licenses + admin users." Whether the contract was extended or which specific functions are being used remains unclear.

National security is important. But security without transparency breeds mistrust. When even basic questions go unanswered, it creates the impression that control is more of a nuisance than a matter of course.

We consider this development dangerous. Not because security agencies are using modern technology, but because they are doing so in secret. Those who want to protect democratic values must not operate in gray areas when choosing their tools and partners. Technology must not be a carte blanche to quietly undermine fundamental rights.

Source: derstandard.de