Skip to main content

Home/ Socialism and the End of the American Dream/ Group items tagged cellphone-tracking

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

Operation AURORAGOLD: How the NSA Hacks Cellphone Networks Worldwide - 0 views

firstlook.org/...nsa-auroragold-hack-cellphones

surveillance state NSA NSA-methods cell-network-penetration AURORAGOLD

shared by Paul Merrell on 06 Dec 14 - No Cached
  • In March 2011, two weeks before the Western intervention in Libya, a secret message was delivered to the National Security Agency. An intelligence unit within the U.S. military’s Africa Command needed help to hack into Libya’s cellphone networks and monitor text messages. For the NSA, the task was easy. The agency had already obtained technical information about the cellphone carriers’ internal systems by spying on documents sent among company employees, and these details would provide the perfect blueprint to help the military break into the networks. The NSA’s assistance in the Libya operation, however, was not an isolated case. It was part of a much larger surveillance program—global in its scope and ramifications—targeted not just at hostile countries.
  • According to documents contained in the archive of material provided to The Intercept by whistleblower Edward Snowden, the NSA has spied on hundreds of companies and organizations internationally, including in countries closely allied to the United States, in an effort to find security weaknesses in cellphone technology that it can exploit for surveillance. The documents also reveal how the NSA plans to secretly introduce new flaws into communication systems so that they can be tapped into—a controversial tactic that security experts say could be exposing the general population to criminal hackers. Codenamed AURORAGOLD, the covert operation has monitored the content of messages sent and received by more than 1,200 email accounts associated with major cellphone network operators, intercepting confidential company planning papers that help the NSA hack into phone networks.
  • Karsten Nohl, a leading cellphone security expert and cryptographer who was consulted by The Intercept about details contained in the AURORAGOLD documents, said that the broad scope of information swept up in the operation appears aimed at ensuring virtually every cellphone network in the world is NSA accessible.
  • ...11 more annotations...
  • “Collecting an inventory [like this] on world networks has big ramifications,” Nohl said, because it allows the NSA to track and circumvent upgrades in encryption technology used by cellphone companies to shield calls and texts from eavesdropping. Evidence that the agency has deliberately plotted to weaken the security of communication infrastructure, he added, was particularly alarming. “Even if you love the NSA and you say you have nothing to hide, you should be against a policy that introduces security vulnerabilities,” Nohl said, “because once NSA introduces a weakness, a vulnerability, it’s not only the NSA that can exploit it.”
  • The AURORAGOLD operation is carried out by specialist NSA surveillance units whose existence has not been publicly disclosed: the Wireless Portfolio Management Office, which defines and carries out the NSA’s strategy for exploiting wireless communications, and the Target Technology Trends Center, which monitors the development of new communication technology to ensure that the NSA isn’t blindsided by innovations that could evade its surveillance reach. The center’s logo is a picture of the Earth overshadowed by a large telescope; its motto is “Predict – Plan – Prevent.”
  • The NSA documents reveal that, as of May 2012, the agency had collected technical information on about 70 percent of cellphone networks worldwide—701 of an estimated 985—and was maintaining a list of 1,201 email “selectors” used to intercept internal company details from employees. (“Selector” is an agency term for a unique identifier like an email address or phone number.) From November 2011 to April 2012, between 363 and 1,354 selectors were “tasked” by the NSA for surveillance each month as part of AURORAGOLD, according to the documents. The secret operation appears to have been active since at least 2010.
  • By covertly monitoring GSMA working groups in a bid to identify and exploit security vulnerabilities, the NSA has placed itself into direct conflict with the mission of the National Institute for Standards and Technology, or NIST, the U.S. government agency responsible for recommending cybersecurity standards in the United States. NIST recently handed out a grant of more than $800,000 to GSMA so that the organization could research ways to address “security and privacy challenges” faced by users of mobile devices. The revelation that the trade group has been targeted for surveillance may reignite deep-seated tensions between NIST and NSA that came to the fore following earlier Snowden disclosures. Last year, NIST was forced to urge people not to use an encryption standard it had previously approved after it emerged NSA had apparently covertly worked to deliberately weaken it.
  • The NSA focuses on intercepting obscure but important technical documents circulated among the GSMA’s members known as “IR.21s.” Most cellphone network operators share IR.21 documents among each other as part of agreements that allow their customers to connect to foreign networks when they are “roaming” overseas on a vacation or a business trip. An IR.21, according to the NSA documents, contains information “necessary for targeting and exploitation.” The details in the IR.21s serve as a “warning mechanism” that flag new technology used by network operators, the NSA’s documents state. This allows the agency to identify security vulnerabilities in the latest communication systems that can be exploited, and helps efforts to introduce new vulnerabilities “where they do not yet exist.” The IR.21s also contain details about the encryption used by cellphone companies to protect the privacy of their customers’ communications as they are transmitted across networks. These details are highly sought after by the NSA, as they can aid its efforts to crack the encryption and eavesdrop on conversations.
  • One of the prime targets monitored under the AURORAGOLD program is the London-headquartered trade group, the GSM Association, or the GSMA, which represents the interests of more than 800 major cellphone, software, and internet companies from 220 countries. The GSMA’s members include U.S.-based companies such as Verizon, AT&T, Sprint, Microsoft, Facebook, Intel, Cisco, and Oracle, as well as large international firms including Sony, Nokia, Samsung, Ericsson, and Vodafone. The trade organization brings together its members for regular meetings at which new technologies and policies are discussed among various “working groups.” The Snowden files reveal that the NSA specifically targeted the GSMA’s working groups for surveillance.
  • Last year, the Washington Post reported that the NSA had already managed to break the most commonly used cellphone encryption algorithm in the world, known as A5/1. But the information collected under AURORAGOLD allows the agency to focus on circumventing newer and stronger versions of A5 cellphone encryption, such as A5/3. The documents note that the agency intercepts information from cellphone operators about “the type of A5 cipher algorithm version” they use, and monitors the development of new algorithms in order to find ways to bypass the encryption. In 2009, the British surveillance agency Government Communications Headquarters conducted a similar effort to subvert phone encryption under a project called OPULENT PUP, using powerful computers to perform a “crypt attack” to penetrate the A5/3 algorithm, secret memos reveal. By 2011, GCHQ was collaborating with the NSA on another operation, called WOLFRAMITE, to attack A5/3 encryption. (GCHQ declined to comment for this story, other than to say that it operates within legal parameters.)
  • The extensive attempts to attack cellphone encryption have been replicated across the Five Eyes surveillance alliance. Australia’s top spy agency, for instance, infiltrated an Indonesian cellphone company and stole nearly 1.8 million encryption keys used to protect communications, the New York Times reported in February.
  • The NSA’s documents show that it focuses on collecting details about virtually all technical standards used by cellphone operators, and the agency’s efforts to stay ahead of the technology curve occasionally yield significant results. In early 2010, for instance, its operatives had already found ways to penetrate a variant of the newest “fourth generation” smartphone-era technology for surveillance, years before it became widely adopted by millions of people in dozens of countries. The NSA says that its efforts are targeted at terrorists, weapons proliferators, and other foreign targets, not “ordinary people.” But the methods used by the agency and its partners to gain access to cellphone communications risk significant blowback. According to Mikko Hypponen, a security expert at Finland-based F-Secure, criminal hackers and foreign government adversaries could be among the inadvertent beneficiaries of any security vulnerabilities or encryption weaknesses inserted by the NSA into communication systems using data collected by the AURORAGOLD project.
  • Vines, the NSA spokeswoman, told The Intercept that the agency was committed to ensuring an “open, interoperable, and secure global internet.” “NSA deeply values these principles and takes great care to honor them in the performance of its lawful foreign-intelligence mission,” Vines said.
  • Documents published with this article: AURORAGOLD – Project Overview AURORAGOLD Working Group IR.21 – A Technology Warning Mechanism AURORAGOLD – Target Technology Trends Center support to WPMO NSA First-Ever Collect of High-Interest 4G Cellular Signal AURORAGOLD Working Aid WOLFRAMITE Encryption Attack OPULENT PUP Encryption Attack NSA/GCHQ/CSEC Network Tradecraft Advancement Team
  • Paul Merrell on 06 Dec 14
     
    Notice that they've cracked even 4G.
Paul Merrell

For sale: Systems that can secretly track where cellphone users go around the globe - T... - 0 views

www.washingtonpost.com/...3-bf76-447a5df6411f_story.html

surveillance-state Verint cellphone-tracking SS7 IMSI surveillance-proliferation

shared by Paul Merrell on 26 Aug 14 - No Cached
  • Makers of surveillance systems are offering governments across the world the ability to track the movements of almost anybody who carries a cellphone, whether they are blocks away or on another continent. The technology works by exploiting an essential fact of all cellular networks: They must keep detailed, up-to-the-minute records on the locations of their customers to deliver calls and other services to them. Surveillance systems are secretly collecting these records to map people’s travels over days, weeks or longer, according to company marketing documents and experts in surveillance technology.
  • The world’s most powerful intelligence services, such as the National Security Agency and Britain’s GCHQ, long have used cellphone data to track targets around the globe. But experts say these new systems allow less technically advanced governments to track people in any nation — including the United States — with relative ease and precision.
  • It is unclear which governments have acquired these tracking systems, but one industry official, speaking on the condition of anonymity to share sensitive trade information, said that dozens of countries have bought or leased such technology in recent years. This rapid spread underscores how the burgeoning, multibillion-dollar surveillance industry makes advanced spying technology available worldwide. “Any tin-pot dictator with enough money to buy the system could spy on people anywhere in the world,” said Eric King, deputy director of Privacy International, a London-based activist group that warns about the abuse of surveillance technology. “This is a huge problem.”
  • ...9 more annotations...
  • Yet marketing documents obtained by The Washington Post show that companies are offering powerful systems that are designed to evade detection while plotting movements of surveillance targets on computerized maps. The documents claim system success rates of more than 70 percent. A 24-page marketing brochure for SkyLock, a cellular tracking system sold by Verint, a maker of analytics systems based in Melville, N.Y., carries the subtitle “Locate. Track. Manipulate.” The document, dated January 2013 and labeled “Commercially Confidential,” says the system offers government agencies “a cost-effective, new approach to obtaining global location information concerning known targets.”
  • tracking systems that access carrier location databases are unusual in their ability to allow virtually any government to track people across borders, with any type of cellular phone, across a wide range of carriers — without the carriers even knowing. These systems also can be used in tandem with other technologies that, when the general location of a person is already known, can intercept calls and Internet traffic, activate microphones, and access contact lists, photos and other documents. Companies that make and sell surveillance technology seek to limit public information about their systems’ capabilities and client lists, typically marketing their technology directly to law enforcement and intelligence services through international conferences that are closed to journalists and other members of the public.
  • Security experts say hackers, sophisticated criminal gangs and nations under sanctions also could use this tracking technology, which operates in a legal gray area. It is illegal in many countries to track people without their consent or a court order, but there is no clear international legal standard for secretly tracking people in other countries, nor is there a global entity with the authority to police potential abuses.
  • (Privacy International has collected several marketing brochures on cellular surveillance systems, including one that refers briefly to SkyLock, and posted them on its Web site. The 24-page SkyLock brochure and other material was independently provided to The Post by people concerned that such systems are being abused.)
  • Verint, which also has substantial operations in Israel, declined to comment for this story. It says in the marketing brochure that it does not use SkyLock against U.S. or Israeli phones, which could violate national laws. But several similar systems, marketed in recent years by companies based in Switzerland, Ukraine and elsewhere, likely are free of such limitations.
  • The tracking technology takes advantage of the lax security of SS7, a global network that cellular carriers use to communicate with one another when directing calls, texts and Internet data. The system was built decades ago, when only a few large carriers controlled the bulk of global phone traffic. Now thousands of companies use SS7 to provide services to billions of phones and other mobile devices, security experts say. All of these companies have access to the network and can send queries to other companies on the SS7 system, making the entire network more vulnerable to exploitation. Any one of these companies could share its access with others, including makers of surveillance systems.
  • Companies that market SS7 tracking systems recommend using them in tandem with “IMSI catchers,” increasingly common surveillance devices that use cellular signals collected directly from the air to intercept calls and Internet traffic, send fake texts, install spyware on a phone, and determine precise locations. IMSI catchers — also known by one popular trade name, StingRay — can home in on somebody a mile or two away but are useless if a target’s general location is not known. SS7 tracking systems solve that problem by locating the general area of a target so that IMSI catchers can be deployed effectively. (The term “IMSI” refers to a unique identifying code on a cellular phone.)
  • Verint can install SkyLock on the networks of cellular carriers if they are cooperative — something that telecommunications experts say is common in countries where carriers have close relationships with their national governments. Verint also has its own “worldwide SS7 hubs” that “are spread in various locations around the world,” says the brochure. It does not list prices for the services, though it says that Verint charges more for the ability to track targets in many far-flung countries, as opposed to only a few nearby ones. Among the most appealing features of the system, the brochure says, is its ability to sidestep the cellular operators that sometimes protect their users’ personal information by refusing government requests or insisting on formal court orders before releasing information.
  • Another company, Defentek, markets a similar system called Infiltrator Global Real-Time Tracking System on its Web site, claiming to “locate and track any phone number in the world.” The site adds: “It is a strategic solution that infiltrates and is undetected and unknown by the network, carrier, or the target.”
  • Paul Merrell on 26 Aug 14
     
    The Verint company has very close ties to the Iraeli government. Its former parent company Comverse, was heavily subsidized by Israel and the bulk of its manufacturing and code development was done in Israel. See https://en.wikipedia.org/wiki/Comverse_Technology "In December 2001, a Fox News report raised the concern that wiretapping equipment provided by Comverse Infosys to the U.S. government for electronic eavesdropping may have been vulnerable, as these systems allegedly had a back door through which the wiretaps could be intercepted by unauthorized parties.[55] Fox News reporter Carl Cameron said there was no reason to believe the Israeli government was implicated, but that "a classified top-secret investigation is underway".[55] A March 2002 story by Le Monde recapped the Fox report and concluded: "Comverse is suspected of having introduced into its systems of the 'catch gates' in order to 'intercept, record and store' these wire-taps. This hardware would render the 'listener' himself 'listened to'."[56] Fox News did not pursue the allegations, and in the years since, there have been no legal or commercial actions of any type taken against Comverse by the FBI or any other branch of the US Government related to data access and security issues. While no real evidence has been presented against Comverse or Verint, the allegations have become a favorite topic of conspiracy theorists.[57] By 2005, the company had $959 million in sales and employed over 5,000 people, of whom about half were located in Israel.[16]" Verint is also the company that got the Dept. of Homeland Security contract to provide and install an electronic and video surveillance system across the entire U.S. border with Mexico.  One need not be much of a conspiracy theorist to have concerns about Verint's likely interactions and data sharing with the NSA and its Israeli equivalent, Unit 8200. 
Paul Merrell

The US government doesn't want you to know the cops are tracking you | Trevor Timm | Co... - 0 views

www.theguardian.com/...ng-calls-stingray-surveillance

surveillance state local-law-enforcement location-data stingrays

shared by Paul Merrell on 15 Jun 14 - No Cached
  • All across America, from Florida to Colorado and back again, the country's increasingly militarized local police forces are using a secretive technology to vacuum up cellphone data from entire neighborhoods – including from people inside their own homes – almost always without a warrant. This week, numerous investigations by major news agencies revealed the US government is now taking unbelievable measures to make sure you never find out about it. But a landmark court ruling for privacy could soon force the cops to stop, even as the Obama administration fights to keep its latest tool for mass surveillance a secret.So-called International Mobile Subscriber Identity (IMSI) catchers – more often called their popular brand name, "Stingray" – have long been the talk of the civil liberties crowd, for the indiscriminate and invasive way these roving devices conduct surveillance. Essentially, Stingrays act as fake cellphone towers (usually mounted in a mobile police truck) that police can point toward any given area and force every phone in the area to connect to it. So even if you're not making a call, police can find out who you've been calling, and for how long, as well as your precise location. As Nathan Freed Wessler of the ACLU explained on Thursday, "In one Florida case, a police officer explained in court that he 'quite literally stood in front of every door and window' with his stingray to track the phones inside a large apartment complex."
  • Yet these mass surveillance devices have largely stayed out of the public eye, thanks to the federal government and local police refusing to disclose they're using them in the first place – sometimes, shockingly, even to judges. As the Associated Press reported this week, the Obama administration has been telling local cops to keep information on Stingrays secret from members of the news media, even when it seems like local public records laws would mandate their disclosure. The AP noted:Federal involvement in local open records proceedings is unusual. It comes at a time when President Barack Obama has said he welcomes a debate on government surveillance and called for more transparency about spying in the wake of disclosures about classified federal surveillance programs.
  • Some of the government's tactics to hide Stingray from journalists and the public have been downright disturbing. After the ACLU had filed a records request for information on Stingrays, the local police force initially told them that, yes, they had the documents and to come on down to the station to look at them. But just before an ACLU rep was due to arrive, US Marshals seized the records and hid them away at another location, in what Wessler describes as "a blatant violation of state open-records laws".The federal government has used various other tactics around the country to prevent disclosure of similar information.USA Today also published a significant nationwide investigation about the Stingray problem, as well as what are known as "cellphone tower dumps". When police agencies don't have Stingrays at their disposal, they can go to cell phone providers to get the cellphone location information of everyone who has connected to a specific cell tower (which inevitably includes thousands of innocent people). The paper's John Kelly reported that one Colorado case shows cellphone tower dumps got police "'cellular telephone numbers, including the date, time and duration of any calls,' as well as numbers and location data for all phones that connected to the towers searched, whether calls were being made or not."
  • ...3 more annotations...
  • It's scary enough to think that the NSA is collecting so much information, but this mass location and metadata tracking at the local level all may be about to change. This week, the ACLU won a historic victory in the 11th Circuit Court of Appeals (serving Florida, Alabama and Georgia), which ruled that police need to get a warrant from a judge before extracting from your cellphone the location data obtained by way of a cell tower. This ruling will apply whether cops are going after one person, the whole tower and, one can assume, Stingrays. (The case was also argued by the aforementioned Wessler, who clearly is this month’s civil liberties Most Valuable Player.)This case has huge implications, and not just for the Stingrays secretly being used in Florida. It virtually guarantees the US supreme court will soon have to tackle the larger cellphone location question in some form – and whether police across the country have to finally start getting a warrant to find out where your precise location for days or weeks at a time. But as Stanford law professor Jennifer Granick wrote on Friday, it could also have an impact on NSA spying, which relies on the theory that indiscriminately collecting metadata is fair game until a court says otherwise.
  • You may be asking: how, exactly, are the local cops getting their hands on such advanced military technology? Well, the feds are, in many cases, giving away the technology for free. When the US government is not loaning police agencies their own Stingrays, the Defense Department and Homeland Security are giving federal grants to cops, which allow departments to purchase the gear at the cost of $400,000 a pop from defense contractors like Harris Corporation, which makes the Stingray brand.
  • Like Stingrays, and the NSA's phone dragnet before them, the militarization of America's local cops is a phenomenon that's only now getting widespread attention. As journalist Radley Balko, who wrote a seminal book on the subject two years ago, said this week, the Obama administration could easily limit these tactics to "cases of legitimate national security" – but has clearly chosen not to.No matter how much President Obama talks about how he has "maintained a healthy skepticism toward our surveillance programs", it seems the Most Transparent Administration in American History™ remains much more interested in maintaining a healthy, top-secret surveillance state.
Paul Merrell

Ed Markey letters from cellphone companies: How often AT&T, T-mobile give the governmen... - 0 views

www.slate.com/..._often_at_t_t_mobile_give.html

surveillance state Cell-phone-tracking law-enforcement

shared by Paul Merrell on 11 Dec 13 - No Cached
  • Cellphones are the spies in our pockets, gathering information about whom we befriend, what we say, where we go, and what we read. That’s why Sen. Edward Markey, D-Mass., recently asked the nation’s major cellphone companies to disclose how frequently they receive requests from law enforcement for customer call records—including the content of communications, numbers dialed, websites visited, and location data. Sometimes police have a warrant, sometimes they don’t. Seven companies provided information in response to the inqury. The letters Markey received, which were covered today in the Boston Globe, Washington Post, and New York Times, show that the quantity of requests for these records is staggering. T-Mobile and AT&T together received nearly 600,000 requests for customer information in 2012. AT&T has to employ more than 100 full-time workers to process them. And police demand for our call records is growing rapidly, with requests to Verizon doubling in the last five years.
  • he companies keep records of where you have traveled in the past and can track you in real time—so law enforcement can do it, too. In some ways having a police officer track you in real time electronically is even worse, because you never know when it’s happening. Historical records can be even more sensitive than real-time tracking, stretching back for months or even years, and reveal your daily routine and every deviation from it.
  • Unfortunately, according to the companies’ letters, some of them appear to be handing over the content of our digital communications without a warrant. AT&T discloses stored texts or voicemails that are older than 180 days old with a subpoena—no court supervision or probable cause required. In one bright spot, T-Mobile requires a warrant for texts and voicemails. The letters also show that in its search for evidence about a handful of guilty people, law enforcement often obtains the data of hundreds or thousands of innocent people. For example, through a technique known as “tower dumps,” law enforcement agents can see all of the cellphones using a particular tower in a given time range. There were approximately 9,000 tower dumps reported in 2012 (with not all companies reporting). What happens to that data? Could it be used for future investigations? No one really knows, because there are no clear policies in place, and the people whose data is turned over are never notified.
  • Paul Merrell on 11 Dec 13
     
    Note that this is about requests from *law enforcement," not from the federal spy agencies. 
Paul Merrell

Missouri house bans cellphone tracking without a warrant, 134-13 | Tenth Amendment Cent... - 0 views

blog.tenthamendmentcenter.com/...cking-without-a-warrant-134-13

surveillance state Missouri NSA-blowback NSA-reform legislation

shared by Paul Merrell on 16 Mar 14 - No Cached
  • Yesterday, the Missouri house overwhelmingly approved a bill to ban the obtaining of cellphone location tracking information without a warrant. House Bill 1388 (HB1388) prohibits use of such information in civil or criminal proceedings, and even bans its use as “an affidavit of probable cause in an effort to obtain a search warrant.” Introduced by Rep. Robert Cornejo, the measure passed by a vote of 134-13. HB1388 will not only add a key protection to bolster the privacy rights of Missourians from potential local abuse, it will also end some practical effects of unconstitutional data gathering by the federal government. NSA collects, stores, and analyzes data on countless millions of people without a warrant, and without even the mere suspicion of criminal activity. The NSA tracks the physical location of people through their cellphones. In late 2013, the Washington Post reported that NSA is “gathering nearly 5 billion records a day on the whereabouts of cellphones around the world.” This includes location data on “tens of millions” of Americans each year – without a warrant. Through fusion centers, state and local law enforcement act as “information recipients” to various federal departments under Information Sharing Environment (ISE). ISE partners include the Office of Director of National Intelligence, which is an umbrella covering 17 federal agencies and organizations, including the NSA.
  • The NSA expressly shares warrantless data with state and local law enforcement through a super-secret DEA unit known as the Special Operations Division (SOD). That information is being used for criminal prosecutions. Reuters reported that most of this shared data has absolutely nothing to do with national security issues. Most of it involves routine criminal investigations. In short – banning state government entities in Missouri from obtaining phone location tracking information without a warrant will block them from receiving that kind of information from federal agencies who routinely collect it without warrant. HB1388 is part of a package of bills designed to thwart the surveillance state being considered in the Missouri legislature this year.  SB819 would deny compliance and material support from the state to the NSA as long as they continue their unconstitutional spying programs. SJR27 would amend the Missouri State Constitution to protect residents’ electronic data from warrantless searches. HB1388 now moves to the State Senate where it will first be assigned to a committee for approval before the full senate has an opportunity to send it to Gov. Nixon’s desk for a signature.
Paul Merrell

Justice Dept. to Require Warrants for Some Cellphone Tracking - The New York Times - 0 views

www.nytimes.com/...r-some-cellphone-tracking.html

surveillance state DoJ-policy Stingray-surveillance warrants

shared by Paul Merrell on 05 Sep 15 - No Cached
  • The Justice Department will regularly require federal agents to seek warrants before using secretive equipment that can locate and track cellphones, the agency announced Thursday, the first regulations on an increasingly controversial technology.The new policy, which also limits what information may be collected and how long it can be stored, puts a measure of judicial oversight on a technology that was designed to hunt terrorists overseas but has become a popular tool among federal agents and local police officers for fighting crime.Civil libertarians have expressed grave privacy concerns about the technology’s proliferation, but the new Justice Department policies do not apply to local police forces.
  • The device, commonly called a cell-site simulator or StingRay, tricks cellphones into connecting with it by acting like a cell tower, allowing the authorities to determine the location of a tracked phone. In doing so, however, the equipment also connects with all other phones in the area, allowing investigators to collect information on people not suspected of any crime.The device is also capable of capturing calls, text messages, emails and other data. Until Thursday’s regulations, the rules for the use of that information and the duration it could be kept had not been detailed and varied across the department’s offices and agencies.
  • Paul Merrell on 05 Sep 15
     
    A policy is not a law. DoJ is trying to spread some tanglefoot for civil liberties organizations that are prepping litigation over unfettered abuse of Stingray devices by federal, state, and local officials. Warrantless use of Stingrays has been severely undermined by recent Supreme Court rulings, notably U.S. v. Jones and Riley v. California.
Paul Merrell

Tacoma, Wash. police use 'Stingray' system to sweep cellphone data | Al Jazeera America - 0 views

america.aljazeera.com/...tacoma-cell-surveillance.html

surveillance state stingrays IMSI ACLU-report

shared by Paul Merrell on 30 Aug 14 - No Cached
  • A Washington state police department just south of Seattle has for years been quietly using controversial surveillance equipment that can collect records of all cellphone calls, text messages and data transfers within a half-mile radius, according to local media. The Stingray surveillance system, deployed by the Tacoma Police Department since 2009, “tricks cellphones into thinking it’s a cell tower and draws in their information,” local news website The Olympian reported Wednesday. The device is reportedly capable of indiscriminate data collection, which worries civil rights advocates. The American Civil Liberties Union (ACLU) said it has identified at least 43 police departments in 18 states that use Stingray equipment. The rights group said on its website that police use of such a device may violate the U.S. Constitution's Fourth Amendment, and with taxpayers’ money.
  • "The result is that police gather the electronic serial numbers and other information about phones, as well as the direction and strength of each phone's signal, allowing precise location tracking,” the ACLU said. “Stingrays can also gather information about people's communications, such as which phone numbers they call. Because we carry our cellphones with us virtually everywhere we go, Stingrays can paint a precise picture of where we are and who we spend time with, including our location in a lover's house, in a psychologist's office or at a political protest." Tacoma Police Department’s Assistant Police Chief Kathy McAlpine said that officers only use Stingray with permission from a judge, and that they do not collect data. “It is used in felony-level crimes to locate suspects wanted for crimes such as homicide, rape, robbery, kidnapping, and narcotics trafficking,” McAlpine said. The department said the device has been used nearly 200 times since June.
  • The Tacoma City Council approved buying an updated version of the equipment in March 2013 on the grounds that it would be used to find improvised explosive devices. McAlpine said they have never used the Stingray to locate such a device. Civil rights groups said they are concerned about the possibility of indiscriminate data collection, and worry that police could store the data of innocent citizens. “They are essentially searching the homes of innocent Americans to find one phone used by one person,” said Christopher Soghoian, principal technologist with the ACLU in Washington, D.C. “It’s like they’re kicking down the doors of 50 homes and searching 50 homes because they don’t know where the bad guy is.” A similar controversy erupted in nearby Seattle last November, when  alternative news website The Stranger reported that a new apparatus capable of geo-locating and tracking the movement of any wireless device that passes it was quietly installed in a Seattle neighborhood.
  • ...1 more annotation...
  • The U.S. Supreme Court unanimously ruled in June that warrantless searches of cellphone data were illegal in most cases. It is unclear how the ruling would apply to such a device that is capable of indiscriminate data collection, but police say it is not used for that purpose.
Paul Merrell

New York Police Have Used Stingrays Widely, New Documents Show - 0 views

theintercept.com/...rays-widely-new-documents-show

surveillance state NYPD stingrays ACLU

shared by Paul Merrell on 13 Feb 16 - No Cached
  • The NYPD has used cell-site simulators, commonly known as Stingrays, more than 1,000 times since 2008, according to documents turned over to the New York Civil Liberties Union. The documents represent the first time the department has acknowledged using the devices. The NYPD also disclosed that it does not get a warrant before using a Stingray, which sweeps up massive amounts of data. Instead, the police obtain a “pen register order” from a court, more typically used to collect call data for a specific phone. Those orders do not require the police to establish probable cause. Additionally, the NYPD has no written policy guidelines on the use of Stingrays. Stingrays work by imitating cellphone towers. They force all nearby phones to connect to them, revealing the owners’ locations. That means they collect data on potentially hundreds of people. They are small enough to fit in a suitcase, or be mounted on a plane.
  • When they were originally developed in 2003, Stingrays were designed for military use. But in the past decade, they have increasingly been purchased by law enforcement agencies. According to the ACLU, Stingrays are used by at least 59 police departments in 23 states, and at least 13 federal agencies, including the DEA, FBI, and the IRS. Because most departments withhold information about Stingrays, these numbers likely underrepresent the total.
  • Stingrays have long been a topic of concern for privacy activists. “Cell-site simulators are powerful surveillance devices that can track people, including in their homes, and collect information on innocent bystanders,” said Mariko Hirose, a senior staff attorney at the NYCLU.  “If they are going to be used in communities the police should at minimum obtain a warrant and follow written policies.” Instead, law enforcement agencies have fought to keep Stingrays secret, even dropping criminal cases to avoid disclosing anything about them. The FBI has forced local police agencies to sign Stingray-related non-disclosure agreements, claiming that criminals and terrorists who know about Stingrays could take countermeasures against them. The increasing use of Stingrays, coupled with the lack of transparency, has alarmed civil liberties groups. “I think it’s critical to have transparency about the use of technology like Stingrays,” said Faiza Patel, an attorney with the Brennan Center for Justice. “That’s what allows courts, the public, and our elected officials to weigh in on the proper rules.”
  • ...1 more annotation...
  • In September, the Department of Justice issued guidelines requiring its officers to seek probable cause warrants before using a Stingray. But the guidelines only applied to federal law enforcement agencies, not to state and local police, who have fought such a change. In one ongoing court case, the state of Maryland has argued that anyone who turns on their phone consents to having his or her location tracked. In November, Senator Ron Wyden, D-Ore., and Rep. Jason Chaffetz, R-Utah, introduced the GPS Act, a bill that would extend the Department of Justice’s guidelines to all law enforcement agencies. “Buying a smartphone shouldn’t be interpreted as giving the government a free pass to track your movements,” Wyden said.
Paul Merrell

US pushing local cops to stay mum on surveillance - Yahoo News - 0 views

news.yahoo.com/;_ylt=AwrBJR4e65lTwmEAb7zQtDMD

surveillance state location-data public-records-acts litigation stingrays

shared by Paul Merrell on 13 Jun 14 - No Cached
  • WASHINGTON (AP) -- The Obama administration has been quietly advising local police not to disclose details about surveillance technology they are using to sweep up basic cellphone data from entire neighborhoods, The Associated Press has learned. Citing security reasons, the U.S. has intervened in routine state public records cases and criminal trials regarding use of the technology. This has resulted in police departments withholding materials or heavily censoring documents in rare instances when they disclose any about the purchase and use of such powerful surveillance equipment. Federal involvement in local open records proceedings is unusual. It comes at a time when President Barack Obama has said he welcomes a debate on government surveillance and called for more transparency about spying in the wake of disclosures about classified federal surveillance programs.
  • One well-known type of this surveillance equipment is known as a Stingray, an innovative way for law enforcement to track cellphones used by suspects and gather evidence. The equipment tricks cellphones into identifying some of their owners' account information, like a unique subscriber number, and transmitting data to police as if it were a phone company's tower. That allows police to obtain cellphone information without having to ask for help from service providers, such as Verizon or AT&T, and can locate a phone without the user even making a call or sending a text message. But without more details about how the technology works and under what circumstances it's used, it's unclear whether the technology might violate a person's constitutional rights or whether it's a good investment of taxpayer dollars. Interviews, court records and public-records requests show the Obama administration is asking agencies to withhold common information about the equipment, such as how the technology is used and how to turn it on. That pushback has come in the form of FBI affidavits and consultation in local criminal cases.
  • "These extreme secrecy efforts are in relation to very controversial, local government surveillance practices using highly invasive technology," said Nathan Freed Wessler, a staff attorney with the American Civil Liberties Union, which has fought for the release of these types of records. "If public participation means anything, people should have the facts about what the government is doing to them." Harris Corp., a key manufacturer of this equipment, built a secrecy element into its authorization agreement with the Federal Communications Commission in 2011. That authorization has an unusual requirement: that local law enforcement "coordinate with the FBI the acquisition and use of the equipment." Companies like Harris need FCC authorization in order to sell wireless equipment that could interfere with radio frequencies. A spokesman from Harris Corp. said the company will not discuss its products for the Defense Department and law enforcement agencies, although public filings showed government sales of communications systems such as the Stingray accounted for nearly one-third of its $5 billion in revenue. "As a government contractor, our solutions are regulated and their use is restricted," spokesman Jim Burke said.
  • ...4 more annotations...
  • Local police agencies have been denying access to records about this surveillance equipment under state public records laws. Agencies in San Diego, Chicago and Oakland County, Michigan, for instance, declined to tell the AP what devices they purchased, how much they cost and with whom they shared information. San Diego police released a heavily censored purchasing document. Oakland officials said police-secrecy exemptions and attorney-client privilege keep their hands tied. It was unclear whether the Obama administration interfered in the AP requests. "It's troubling to think the FBI can just trump the state's open records law," said Ginger McCall, director of the open government project at the Electronic Privacy Information Center. McCall suspects the surveillance would not pass constitutional muster. "The vast amount of information it sweeps in is totally irrelevant to the investigation," she said.
  • A court case challenging the public release of information from the Tucson Police Department includes an affidavit from an FBI special agent, Bradley Morrison, who said the disclosure would "result in the FBI's inability to protect the public from terrorism and other criminal activity because through public disclosures, this technology has been rendered essentially useless for future investigations." Morrison said revealing any information about the technology would violate a federal homeland security law about information-sharing and arms-control laws — legal arguments that that outside lawyers and transparency experts said are specious and don't comport with court cases on the U.S. Freedom of Information Act. The FBI did not answer questions about its role in states' open records proceedings.
  • But a former Justice Department official said the federal government should be making this argument in federal court, not a state level where different public records laws apply. "The federal government appears to be attempting to assert a federal interest in the information being sought, but it's going about it the wrong way," said Dan Metcalfe, the former director of the Justice Department's office of information and privacy. Currently Metcalfe is the executive director of American University's law school Collaboration on Government Secrecy project. A criminal case in Tallahassee cites the same homeland security laws in Morrison's affidavit, court records show, and prosecutors told the court they consulted with the FBI to keep portions of a transcript sealed. That transcript, released earlier this month, revealed that Stingrays "force" cellphones to register their location and identifying information with the police device and enables officers to track calls whenever the phone is on.
  • One law enforcement official familiar with the Tucson lawsuit, who spoke on condition of anonymity because the official was not authorized to speak about internal discussions, said federal lawyers told Tucson police they couldn't hand over a PowerPoint presentation made by local officers about how to operate the Stingray device. Federal officials forwarded Morrison's affidavit for use in the Tucson police department's reply to the lawsuit, rather than requesting the case be moved to federal court. In Sarasota, Florida, the U.S. Marshals Service confiscated local records on the use of the surveillance equipment, removing the documents from the reach of Florida's expansive open-records law after the ACLU asked under Florida law to see the documents. The ACLU has asked a judge to intervene. The Marshals Service said it deputized the officer as a federal agent and therefore the records weren't accessible under Florida law.
  • Paul Merrell on 13 Jun 14
     
    The Florida case is particularly interesting because Florida is within the jurisdiction of the U.S. Eleventh Circuit Court of Appeals, which has just ruled that law enforcement must obtain a search warrant from a court before using equipment to determine a cell phone's location.  
Paul Merrell

FBI says search warrants not needed to use "stingrays" in public places | Ars Technica - 0 views

arstechnica.com/...se-stringrays-in-public-places

surveillance state stingrays DoJ privacy 4th Amendment

shared by Paul Merrell on 08 Jan 15 - No Cached
  • The Federal Bureau of Investigation is taking the position that court warrants are not required when deploying cell-site simulators in public places. Nicknamed "stingrays," the devices are decoy cell towers that capture locations and identities of mobile phone users and can intercept calls and texts. The FBI made its position known during private briefings with staff members of Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) and Sen. Chuck Grassley (R-Iowa). In response, the two lawmakers wrote Attorney General Eric Holder and Homeland Security chief Jeh Johnson, maintaining they were "concerned about whether the FBI and other law enforcement agencies have adequately considered the privacy interests" of Americans. According to the letter, which was released last week: For example, we understand that the FBI’s new policy requires FBI agents to obtain a search warrant whenever a cell-site simulator is used as part of a FBI investigation or operation, unless one of several exceptions apply, including (among others): (1) cases that pose an imminent danger to public safety, (2) cases that involve a fugitive, or (3) cases in which the technology is used in public places or other locations at which the FBI deems there is no reasonable expectation of privacy.
  • The letter was prompted in part by a Wall Street Journal report in November that said the Justice Department was deploying small airplanes equipped with cell-site simulators that enabled "investigators to scoop data from tens of thousands of cellphones in a single flight, collecting their identifying information and general location." The bureau's position on Americans' privacy isn't surprising. The Obama Administration has repeatedly maintained that the public has no privacy in public places. It began making that argument as early as 2010, when it told a federal appeals court that the authorities should be allowed to affix GPS devices on vehicles and track a suspect's every move without court authorization. The Supreme Court, however, eventually ruled that warrants are required. What's more, the administration has argued that placing a webcam with pan-and-zoom capabilities on a utility pole to spy on a suspect at his or her residence was no different from a police officer's observation from the public right-of-way. A federal judge last month disagreed with the government's position, tossing evidence gathered by the webcam that was operated from afar.
  • In their letter, Leahy and Grassley complained that little is known about how stingrays, also known as ISMI catchers, are used by law enforcement agencies. The Harris Corp., a maker of the devices from Florida, includes non-disclosure clauses with buyers. Baltimore authorities cited a non-disclosure agreement to a judge in November as their grounds for refusing to say how they tracked a suspect's mobile phone. They eventually dropped charges rather than disclose their techniques. Further, sometimes the authorities simply lie to judges about their use or undertake other underhanded methods to prevent the public from knowing that the cell-site simulators are being used.
  • ...1 more annotation...
  • Hanni Fakhoury, an attorney for the Electronic Frontier Foundation, said some states and judges are pushing back against stingrays. "In Tacoma, judges now require police (to) specifically note they plan to use an IMSI catcher and promise not to store data collected from people who are not investigation targets," he said. "The Florida and Massachusetts state supreme courts ruled warrants were necessary for real-time cell phone tracking. Nine states—Colorado, Illinois, Indiana, Maryland, Minnesota, Tennessee, Utah, Virginia, and Wisconsin—passed laws specifically requiring police to use a warrant to track a cell phone in real time."
  • Paul Merrell on 08 Jan 15
     
    Is there any problem here that couldn't be cured by discharge and public flogging for any government official caught using information derived from a stingray?
Paul Merrell

The NSA says it 'obviously' can track locations without a warrant. That's not so obvious. - 0 views

www.washingtonpost.com/...a-warrant-thats-not-so-obvious

surveillance state NSA NSA-targets location-data constitutional law

shared by Paul Merrell on 05 Dec 13 - No Cached
  • In conversations with The Washington Post over Barton Gellman and Ashkan Soltani's recent story on cellphone location tracking, an intelligence agency lawyer told Gellman, "obviously there is no Fourth Amendment expectation in communications metadata.” But some experts say it's far from obvious that the 1979 Supreme Court case on which the administration bases this view gives the government unfettered power to scoop up Americans' cellphone location data.
  • And there's some reason to believe that a majority of the current Supreme Court justices might agree with her on the location data aspect of metadata. The most recent Supreme Court case involving location tracking, United States v. Jones was settled on narrow trespassing grounds in 2012. But five Supreme Court justices signed on to concurring opinions that questioned whether Smith v. Maryland holds up in the face of modern technology.  An opinion concurring in judgment with the Jones decision written by Justice Samuel Alito, and joined by Justices Ruth Bader Ginsburg, Stephen Breyer and Elena Kagan specifically noted the prevalence of smartphones and argued that "the use of longer term GPS monitoring in investigations of most offenses impinges on expectations of privacy."
  • A separate concurring opinion from a fifth justice, Sonia Sotomayor made many of the same arguments, saying "fundamentally, it may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties" -- and even went further by arguing that "awareness that the Government may be watching chills associational and expressive freedoms."
  • Paul Merrell on 05 Dec 13
     
    A Supreme Court majority also specifically reserved judgment on whether the principles of Smith v. Maryland would apply in cases involving dragnet surveillance, specifically referring to Smith, in the case of Amnesty International v. Clapper, last year. Both Amnesty Int'l  and Jones were decided before revelations of widespread NSA surveillance broke beginning in June, 2013. Since then, the mood of the nation has changed enormously, from ignorant to informed and mostly objecting.  That factor will weigh heavily in the Supreme Court's inevitable decision on whether dragnet seizure of call metadata is constitutional.   So it takes some chutzpah for government lawyers to claim that Smith v. Maryland authorized warrantless gathering of telephone metadata in the dragnet context where no single person is suspected of a crime. The Supreme Court has never so held. At stake: whether we become an Orwellian state.
Paul Merrell

9 Calif. law enforcement agencies connected to cellphone spying technology - 0 views

www.news10.net/...6147381

surveillance state California police stingrays

shared by Paul Merrell on 16 Mar 14 - No Cached
  • News10 submitted numerous public records requests to every major law enforcement agency in Northern California to find out which departments are using StingRay technology. A StingRay is a device law enforcement uses to track people and collect real time data from every cellphone within a certain radius.
  • Some agencies provided documentation, but none would discuss how StingRays work, or even admit they have them. However, records show at least seven Northern California agencies have the technology and two more just received grants to buy it in 2014.
  • This graphic illustrates how a StingRay works. Signals from cellphones within the device's radius are bounced to law enforcement. The information relayed may include names, phone numbers, locations, call records and even text messages.
  • ...2 more annotations...
  • San Jose Police Department provided News10 with documentation that provided insight into what agencies have the technology and why they want it.A 2012 grant application submitted to the Bay Area Urban Area Shield Initiative (UASI), which was approved, said San Jose police requested feedback from numerous other agencies that already use StingRays."Research of the product included testing by San Jose Police and technology and equipment feedback from the U.S. Marshals Service, (REDACTED), the Oakland Police Department, the Sacramento Sheriff's Department, the San Diego Sheriff's Department, the Los Angeles Police Department, and the Los Angeles Sheriff's Department. This technology is in use at the law enforcement agencies listed [above]," the application states.They explain how the surveillance system would be used in conjunction with Oakland and San Francisco police in another section of the grant application."We will work with the Fusion Center to partner with San Francisco and Oakland to ensure we have the ability to cover all of the Bay Area in deploying cellphone tracking technology in any region of the Bay Area at a moment's notice."
  • Terrorism is used as the primary justification for purchasing StingRay technology in every grant application obtained by News10. San Jose police, Fremont police, the Alameda County District Attorney's Office and Oakland police say a StingRay could be used to track and disrupt terrorist networks and protect critical infrastructure.However, arrest records from Oakland and Los Angeles show that StingRays are being used for routine police work. Lye says the potential for "mission creep" is concerning."Mission creep is an unfortunate but extremely common phenomenon with surveillance technology," she said. "By 'mission creep,' I mean the phenomenon in which one purpose is offered to justify the collection of the data, but the data is ultimately used for many other entirely separate purposes."
Paul Merrell

NSA tracking cellphone locations worldwide, Snowden documents show - The Washington Post - 0 views

www.washingtonpost.com/...3-bc56-c6ca94801fac_story.html

surveillance state NSA NSA-targets location-data

shared by Paul Merrell on 05 Dec 13 - No Cached
  • The National Security Agency is gathering nearly 5 billion records a day on the whereabouts of cellphones around the world, according to top-secret documents and interviews with U.S. intelligence officials, enabling the agency to track the movements of individuals — and map their relationships — in ways that would have been previously unimaginable. The records feed a vast database that stores information about the locations of at least hundreds of millions of devices, according to the officials and the documents, which were provided by former NSA contractor Edward Snowden. New projects created to analyze that data have provided the intelligence community with what amounts to a mass surveillance tool.
Paul Merrell

How The CIA Can Send A Drone After Any Mobile Phone | Fast Company | Business + Innovation - 0 views

www.fastcompany.com/...a-drone-after-any-mobile-phone

surveillance state NSA Cell-phone-tracking

shared by Paul Merrell on 19 Nov 13 - No Cached
  • Since 2001, armed Predator drones have been used by the CIA in many foreign nations to attack individuals on the ground. There's a new revelation about them, too: In some cases, the NSA helped the CIA find targets by locking onto their powered-off mobile phones. Even when phones have their batteries removed, it appears the NSA still has the ability to locate them. Buried inside a Washington Post story by Dana Priest is the following tidbit: By September 2004, a new NSA technique enabled the agency to find cellphones even when they were turned off. JSOC troops called this "The Find," and it gave them thousands of new targets, including members of a burgeoning al-Qaeda-sponsored insurgency in Iraq, according to members of the unit. At the same time, the NSA developed a new computer linkup called the Real Time Regional Gateway into which the military and intelligence officers could feed every bit of data or seized documents and get back a phone number or list of potential targets. It also allowed commanders to see, on a screen, every type of surveillance available in a given territory.
  • "The Find," the Post article says, is run by a team in the basement of the NSA's headquarters whose job is to track the location of mobile phones in real time. Because many phones have chips that stay on even after a battery has been removed, tracking powered-down phones is within the realm of possibility. The revelations fit right in with the Edward Snowden disclosures, but the NSA isn't the only one tracking phones: Other government agencies and private companies regularly track them without warrants or court orders as well.
Paul Merrell

How Edward Snowden Changed Everything | The Nation - 0 views

www.thenation.com/...ard-snowden-changed-everything

surveillance state Snowden Wizner state-of-play civil-liberties must-read

shared by Paul Merrell on 16 Nov 15 - No Cached
  • Ben Wizner, who is perhaps best known as Edward Snowden’s lawyer, directs the American Civil Liberties Union’s Speech, Privacy & Technology Project. Wizner, who joined the ACLU in August 2001, one month before the 9/11 attacks, has been a force in the legal battles against torture, watch lists, and extraordinary rendition since the beginning of the global “war on terror.” Ad Policy On October 15, we met with Wizner in an upstate New York pub to discuss the state of privacy advocacy today. In sometimes sardonic tones, he talked about the transition from litigating on issues of torture to privacy advocacy, differences between corporate and state-sponsored surveillance, recent developments in state legislatures and the federal government, and some of the obstacles impeding civil liberties litigation. The interview has been edited and abridged for publication.
  • en Wizner, who is perhaps best known as Edward Snowden’s lawyer, directs the American Civil Liberties Union’s Speech, Privacy & Technology Project. Wizner, who joined the ACLU in August 2001, one month before the 9/11 attacks, has been a force in the legal battles against torture, watch lists, and extraordinary rendition since the beginning of the global “war on terror.” Ad Policy On October 15, we met with Wizner in an upstate New York pub to discuss the state of privacy advocacy today. In sometimes sardonic tones, he talked about the transition from litigating on issues of torture to privacy advocacy, differences between corporate and state-sponsored surveillance, recent developments in state legislatures and the federal government, and some of the obstacles impeding civil liberties litigation. The interview has been edited and abridged for publication.
  • Many of the technologies, both military technologies and surveillance technologies, that are developed for purposes of policing the empire find their way back home and get repurposed. You saw this in Ferguson, where we had military equipment in the streets to police nonviolent civil unrest, and we’re seeing this with surveillance technologies, where things that are deployed for use in war zones are now commonly in the arsenals of local police departments. For example, a cellphone surveillance tool that we call the StingRay—which mimics a cellphone tower and communicates with all the phones around—was really developed as a military technology to help identify targets. Now, because it’s so inexpensive, and because there is a surplus of these things that are being developed, it ends up getting pushed down into local communities without local democratic consent or control.
  • ...4 more annotations...
  • SG & TP: How do you see the current state of the right to privacy? BW: I joked when I took this job that I was relieved that I was going to be working on the Fourth Amendment, because finally I’d have a chance to win. That was intended as gallows humor; the Fourth Amendment had been a dishrag for the last several decades, largely because of the war on drugs. The joke in civil liberties circles was, “What amendment?” But I was able to make this joke because I was coming to Fourth Amendment litigation from something even worse, which was trying to sue the CIA for torture, or targeted killings, or various things where the invariable outcome was some kind of non-justiciability ruling. We weren’t even reaching the merits at all. It turns out that my gallows humor joke was prescient.
  • The truth is that over the last few years, we’ve seen some of the most important Fourth Amendment decisions from the Supreme Court in perhaps half a century. Certainly, I think the Jones decision in 2012 [U.S. v. Jones], which held that GPS tracking was a Fourth Amendment search, was the most important Fourth Amendment decision since Katz in 1967 [Katz v. United States], in terms of starting a revolution in Fourth Amendment jurisprudence signifying that changes in technology were not just differences in degree, but they were differences in kind, and require the Court to grapple with it in a different way. Just two years later, you saw the Court holding that police can’t search your phone incident to an arrest without getting a warrant [Riley v. California]. Since 2012, at the level of Supreme Court jurisprudence, we’re seeing a recognition that technology has required a rethinking of the Fourth Amendment at the state and local level. We’re seeing a wave of privacy legislation that’s really passing beneath the radar for people who are not paying close attention. It’s not just happening in liberal states like California; it’s happening in red states like Montana, Utah, and Wyoming. And purple states like Colorado and Maine. You see as many libertarians and conservatives pushing these new rules as you see liberals. It really has cut across at least party lines, if not ideologies. My overall point here is that with respect to constraints on government surveillance—I should be more specific—law-enforcement government surveillance—momentum has been on our side in a way that has surprised even me.
  • Do you think that increased privacy protections will happen on the state level before they happen on the federal level? BW: I think so. For example, look at what occurred with the death penalty and the Supreme Court’s recent Eighth Amendment jurisprudence. The question under the Eighth Amendment is, “Is the practice cruel and unusual?” The Court has looked at what it calls “evolving standards of decency” [Trop v. Dulles, 1958]. It matters to the Court, when it’s deciding whether a juvenile can be executed or if a juvenile can get life without parole, what’s going on in the states. It was important to the litigants in those cases to be able to show that even if most states allowed the bad practice, the momentum was in the other direction. The states that were legislating on this most recently were liberalizing their rules, were making it harder to execute people under 18 or to lock them up without the possibility of parole. I think you’re going to see the same thing with Fourth Amendment and privacy jurisprudence, even though the Court doesn’t have a specific doctrine like “evolving standards of decency.” The Court uses this much-maligned test, “Do individuals have a reasonable expectation of privacy?” We’ll advance the argument, I think successfully, that part of what the Court should look at in considering whether an expectation of privacy is reasonable is showing what’s going on in the states. If we can show that a dozen or eighteen state legislatures have enacted a constitutional protection that doesn’t exist in federal constitutional law, I think that that will influence the Supreme Court.
  • The question is will it also influence Congress. I think there the answer is also “yes.” If you’re a member of the House or the Senate from Montana, and you see that your state legislature and your Republican governor have enacted privacy legislation, you’re not going to be worried about voting in that direction. I think this is one of those places where, unlike civil rights, where you saw most of the action at the federal level and then getting forced down to the states, we’re going to see more action at the state level getting funneled up to the federal government.
  • Paul Merrell on 16 Nov 15
     
    A must-read. Ben Wizner discusses the current climate in the courts in government surveillance cases and how Edward Snowden's disclosures have affected that, and much more. Wizner is not only Edward Snowden's lawyer, he is also the coordinator of all ACLU litigation on electronic surveillance matters.
Paul Merrell

NSA says it considered collecting phone call location data - Los Angeles Times - 0 views

articles.latimes.com/...a-na-nsa-surveillance-20131003

surveillance state NSA Clapper Alexander Wyden location-data lies

shared by Paul Merrell on 14 Feb 14 - No Cached
  • The National Security Agency collected samples of records showing where Americans were when they made mobile phone calls in 2010 and 2011 to test how it could obtain and process the data in bulk, but decided not to move forward with the plan, intelligence officials disclosed Wednesday.The admission by NSA chief Keith Alexander to a Senate committee solved part of a mystery about the digital spying agency's involvement with data that could reveal the day-to-day movements of — and deeply personal information about — every cellphone user.
  • Sen. Ron Wyden (D-Ore.), who receives classified briefings as a member of the Senate Intelligence Committee, had been pressing the NSA to acknowledge its flirtation with bulk collection of U.S. location data. He said in a statement there was more to the story, but did not elaborate."After years of stonewalling on whether the government has ever tracked or planned to track the location of law-abiding Americans through their cellphones, once again, the intelligence leadership has decided to leave most of the real story secret — even when the truth would not compromise national security," Wyden said.
  • The NSA already vacuums up as much mobile phone location data on foreign targets outside the U.S. as it can get, former officials say.The news of the NSA's location data test emerged at a Senate Judiciary Committee hearing on agency surveillance as the director of national intelligence, James R. Clapper, offered a new rationale for the agency's controversial collection of U.S. calling records in bulk.
  • ...1 more annotation...
  • "We have heard over and over again the assertion that 54 terrorist plots were thwarted by the use of Section 215 and/or Section 702 authorities," Leahy said, referring to parts of surveillance law. "That's plainly wrong, but we still get it in letters to members of Congress; we get it in statements. These weren't all plots, and they weren't all thwarted. The American people are getting left with an inaccurate impression of the effectiveness of NSA programs."Alexander acknowledged that only in two cases at most could officials say that domestic terrorist activity would not have been detected without the collection of American phone records.But Clapper added that determining "plots foiled" was not the only way to measure the usefulness of the domestic phone database. The records also allow analysts to rule out domestic conspiracies, he said."I would call it the 'peace of mind' metric," he said.
  • Paul Merrell on 14 Feb 14
     
    Alexander says they don't collect location-data on U.S. citizens, then Wyden all but calls him a liar.  And check Clapper's admission that NSA's call metadata program offers nothing but his own "peace of mind."
Paul Merrell

Keith Alexander Refutes Claims NSA Doesn't Get Cell Data | emptywheel - 0 views

www.emptywheel.net/...laims-nsa-doesnt-get-cell-data

surveillance state NSA cellphone-tracking

shared by Paul Merrell on 21 Feb 14 - No Cached
  • Eight days ago, the country’s four major newspapers reported a claim that the NSA collected 33% or less of US phone records (under the Section 215 program, they should have specified, but did not) because it couldn’t collect most cell phone metadata:
  • Since that time, I have pointed to a number of pieces of evidence that suggest these claims are only narrowly true: A WSJ article from June made it clear the cell gap, such as it existed, existed primarily for Verizon and T-Mobile, but their calls were collected via other means (the WaPo and NYT both noted this in their stories without considering how WSJ’s earlier claim it was still near-comprehensive contradicted the 33% claim) The NSA’s claimed Section 215 dragnet successes — Basaaly Moalin, Najibullah Zazi, Tsarnaev brothers — all involved cell users
  • Identifying Moalin via the dragnet likely would have been impossible if NSA didn’t have access to T-Mobile cell data The phone dragnet orders specifically included cell phone identifiers starting in 2008 Also since 2008, phone dragnet orders seem to explicitly allow contact-chaining on cell identifiers, and several of the tools they use with phone dragnet data specifically pertain to cell phones
  • ...2 more annotations...
  • Now you don’t have to take my word for it. Here’s what Keith Alexander had to say about the claim Friday: Responding to a question about recent reports that the NSA collects data on only 20% to 30% of calls involving U.S. numbers, Alexander acknowledged that the agency doesn’t have full coverage of those calls. He wouldn’t say what fraction of the calls NSA gets information on, but specifically denied that the agency is completely missing data on calls made with cell phones. “That part is not true,” he said. “We don’t get it all. We don’t get 100% of the data. It’s not where we want it to be, but it has been sufficient to go after the key targets that we’re going after.” [my emphasis] Admittedly, Alexander is not always entirely honest, so it’s possible he’s just trying to dissuade terrorists from using cellphones while the NSA isn’t tracking them. But he points to the same evidence I did — that NSA has gotten key targets who use cell phones.
  • There’s something else Alexander said that might better explain the slew of claims that it can’t collect cell phone data. The NSA director, who is expected to retire within weeks, indicated that some of the gaps in coverage are due to the fact that the NSA “paused any changes to the program” during the recent controversy and discussions about restructuring the effort. The NSA has paused changes to the program. This echoes WaPo and WSJ reports that crises (they cited both the 2009 and current crisis) delayed some work on integrating cell data, but suggests that NSA was already making changes when the Snowden leaks started.
Paul Merrell

New documents show how the NSA infers relationships based on mobile location data - 0 views

www.washingtonpost.com/...-based-on-mobile-location-data

surveillance state NSA NSA-targets location-data NSA-reords

shared by Paul Merrell on 12 Dec 13 - No Cached
  • Everyone who carries a cellphone generates a trail of electronic breadcrumbs that records everywhere they go. Those breadcrumbs reveal a wealth of information about who we are, where we live, who our friends are and much more. And as we reported last week, the National Security Agency is collecting location information in bulk — 5 billion records per day worldwide — and using sophisticated algorithms to assist with U.S. intelligence-gathering operations. How do they do it? And what can they learn from location data? The latest documents show the extent of the location-tracking program we first reported last week. Read on to learn more about what the documents show.
  • Paul Merrell on 12 Dec 13
     
    Very detailed report on NSA's gathering of location data and what they do with it. Includes many NSA docs as downloads.
Paul Merrell

Edward Snowden doesn't deserve clemency: The NSA leaker hasn't proved he is a whistlebl... - 0 views

www.slate.com/...r_hasn_t_proved_he.single.html

surveillance state NSA Snowden amnesty

shared by Paul Merrell on 06 Jan 14 - No Cached
  • And yet I firmly disagree with the New York Times’ Jan. 1 editorial (“Edward Snowden, Whistle-Blower”), calling on President Obama to grant Snowden “some form of clemency” for the “great service” he has done for his country.
  • If that were all that Snowden had done, if his stolen trove of beyond-top-secret documents had dealt only with the NSA’s domestic surveillance, then some form of leniency might be worth discussing. But Snowden did much more than that. The documents that he gave the Washington Post’s Barton Gellman and the Guardian’s Glenn Greenwald have, so far, furnished stories about the NSA’s interception of email traffic, mobile phone calls, and radio transmissions of Taliban fighters in Pakistan’s northwest territories; about an operation to gauge the loyalties of CIA recruits in Pakistan; about NSA email intercepts to assist intelligence assessments of what’s going on inside Iran; about NSA surveillance of cellphone calls “worldwide,” an effort that (in the Post’s words) “allows it to look for unknown associates of known intelligence targets by tracking people whose movements intersect.” In his first interview with the South China Morning Post, Snowden revealed that the NSA routinely hacks into hundreds of computers in China and Hong Kong. These operations have nothing to do with domestic surveillance or even spying on allies. They are not illegal, improper, or (in the context of 21st-century international politics) immoral. Exposing such operations has nothing to do with “whistle-blowing.”
  • Paul Merrell on 06 Jan 14
     
    Another "kill the messenger" piece on Edward Snowden, this one by a Council on Foreign Relations analyst. 
Paul Merrell

Is the Government's Aerial Smartphone Surveillance Program Legal? | TIME - 0 views

time.com/...government-aerial-surveillance

surveillance-state DoJ aerial-stingrays location-data

shared by Paul Merrell on 18 Nov 14 - No Cached
  • Still, is the Justice Department’s airborne dragnet program legal? The answer is “maybe.” Federal authorities have employed similar tools in the past. The Federal Bureau of Investigation is known to use a surveillance tool called a “stingray,” a portable transceiver that tricks cell phones within a certain area into relaying their locations, not unlike the equipment onboard the Marshals’ aircraft. A government vehicle with a stingray can net hundreds of nearby cell phones’ approximate locations just by driving through a typical neighborhood. The government has said it doesn’t need a probable cause warrant to use stingrays because investigators don’t collect the content of phone calls, just the locations of those phones. Government officials, meanwhile, have said they get court approval to use the devices. Much of the government’s warrantless use of stingray-style technology hinges on a 1979 Supreme Court decision titled Smith v. Maryland. Smith involved law enforcement’s use of a device called a pen register that, when attached to a suspect’s phone line, recorded the numbers of outgoing calls, but not the calls themselves. The Smith decision upheld the warrantless use of such devices because the suspect’s phone company would record the same data picked up by the pen register, and therefore the suspect had no reasonable expectation of privacy when it came to that information. Currently, the law requires a court to approve the use of a pen register, but investigators only have to show that the device’s use is “relevant to an ongoing criminal investigation,” a much weaker standard than a probable cause warrant requires.
  • However, to get back to the Smith decision, wireless carriers do store your location history for several months to several years, information they obtain by keeping a record of the cell towers to which your device connects as you move from place to place. That could mean Americans don’t have a reasonable expectation of privacy over their location data and the Smith precedent applies, making the DoJ’s aerial surveillance program legal. Still, that would be a matter for the courts to decide. “There are a lot of tricky questions whether a stingray or dirtbox operated by the government directly is a pen register, or the Fourth Amendment concerns dismissed by the Supreme Court 35 years ago in Smith v. Maryland are more applicable here,” Fakhoury said.
  • Hanni Fakhoury, an attorney at the pro-privacy Electronic Frontier Foundation, says the Department of Justice could use the Smith precedent as legal justification for the airborne dirtbox program. However, Fakhoury also highlighted a key problem with that argument: Location. Pen registers aren’t intended to pick up location data beyond an area code, whereas the airborne dirtboxes can track a person down to a single building. Many courts, he said, have expressed that location data deserves greater constitutional protection than is afforded to other kinds of information.
  • ...2 more annotations...
  • Civil rights groups are raising serious constitutional questions about the Justice Department’s use of dragnet technology onboard aircraft to collect data from suspects’ cell phones, as reported by the Wall Street Journal Thursday.
  • The Justice Department said it could not confirm or deny the existence of the program. But a department official said that all federal investigations are consistent with federal law and are subject to court approval. That official also said the Marshals Service does not maintain any databases of cell phone information — meaning the program could possibly only be used to track the whereabouts of suspects on a case-by-case basis and that it’s vastly different in nature from the kinds of sweeping government surveillance programs first revealed by Edward Snowden.
  • Paul Merrell on 18 Nov 14
     
    Smith v. Maryland is a dead precedent for mass surveillance after the Supreme Court's ruling in Riley v. California. It awaits only the judicial coup de grace. 
1 - 20 of 33 Next ›
Showing 20 items per page