Companies Claim Ability to Track Starlink Users—Raising Privacy and Security Concerns

Newly revealed documents indicate that several technology companies claim they can track and identify users of Starlink, the satellite internet service operated by SpaceX. The disclosures, highlighted by the Israeli newspaper Haaretz, raise significant privacy and security concerns for both consumers and government agencies that rely on the service.

Sales documents obtained by Haaretz detail how software tools could be used to monitor terminals accessing the SpaceX internet network. At least two companies, TechTarget and Rayzone, are reportedly marketing these tools, which aggregate data from multiple sources to pinpoint the locations of Starlink terminals. While these tools are not designed to directly exploit SpaceX systems, they are marketed primarily to government clients, according to Haaretz.

Fast Company also identified a third company, Shoghi, advertising services to identify Starlink users for government clients. Neither SpaceX nor multiple resellers providing Starlink services to U.S. government agencies responded to requests for comment.

Rayzone’s Response and Compliance

Rayzone, one of the companies named in the Haaretz report, stated in a response to Fast Company that it operates under the Israeli Ministry of Defense’s Defense Export Control Agency. The company emphasized that the export of its products and technologies requires government approval and strict internal compliance procedures. Rayzone declined to comment on media reports or its specific capabilities but asserted that its products are intended to assist government agencies in addressing terrorism and criminal activity.

Who Uses Starlink—and Why Tracking Matters

A wide range of users depend on satellite internet services like Starlink, including activist groups, drug smugglers, and military vessels. Governments may seek to purchase Starlink identification data from these firms for various reasons, such as national security or law enforcement. While the ability to identify satellite terminals is not new, the emergence of commercial tools capable of cataloging them at scale introduces fresh concerns.

Government Agencies Respond to Tracking Capabilities

The existence of these tracking tools has prompted questions about whether government agencies using Starlink have adequately protected their communications. A spokesperson for the U.S. Space Force Space Systems Command, which procures Starlink services for the military, stated:

“The U.S. Space Force takes the cybersecurity of our satellite communications and data networks extremely seriously. While we do not discuss specific operational security measures, threat assessments, or potential vulnerabilities due to OPSEC [operations security], we continuously monitor all integrated commercial systems to ensure they meet our rigorous security standards. We work closely with our commercial partners to identify, assess, and mitigate potential risks to our networks.”

A spokesperson for the U.S. State Department similarly declined to comment on alleged vulnerabilities or specific protective measures, stating:

“The State Department does not comment on alleged vulnerabilities, specific communications capabilities, or protective measures associated with systems used by our personnel.”

Despite these concerns, an increasing number of U.S. government agencies, including the State Department, are adopting Starlink or Starshield—a military-focused version of the service that operates on Starlink’s network.