REVIEW RSS FEED
TAPE SAYS SPRINT FED PRIVATE GPS DATA TO COPS OVER 8 MILLION TIMES
Ars Technica - Christopher Soghoian, a graduate student at Indiana University's School of Informatics and Computing, has made public an audio recording of Sprint/Nextel's Electronic Surveillance Manager describing how his company has provided GPS location data about its wireless customers to law enforcement over 8 million times. That's potentially millions of Sprint/Nextel customers who not only were probably unaware that their wireless provider even had an Electronic Surveillance Department, but who certainly did not know that law enforcement offers could log into a special Sprint Web portal and, without ever having to demonstrate probable cause to a judge, gain access to geo-location logs detailing where they've been and where they are.
Through a mix of documents unearthed by Freedom of Information Act requests and the aforementioned recording, Soghoian describes how "the government routinely obtains customer records from ISPs detailing the telephone numbers dialed, text messages, emails and instant messages sent, web pages browsed, the queries submitted to search engines, and geo-location data, detailing exactly where an individual was located at a particular date and time."
The fact that federal, state, and local law enforcement can obtain communications "metadata"-URLs of sites visited, e-mail message headers, numbers dialed, GPS locations, etc.-without any real oversight or reporting requirements should be shocking, but it isn't. The courts ruled in 2005 that law enforcement doesn't need to show probable cause to obtain your physical location via the cell phone grid. All of the aforementioned metadata can be accessed with an easy-to-obtain pen register/trap & trace order. But given the volume of requests, it's hard to imagine that the courts are involved in all of these.
Soghoian's lengthy post makes at least two important points, the first of which is that there are no reliable statistics on the real volume and scope of government surveillance because such numbers are either not published (sometimes in violation of the legally mandated reporting requirements) or they contain huge gaps. The second point is that the lack of reporting makes it difficult to determine just how involved the courts actually are in all of this, in terms of whether these requests are all backed by subpoenas.
Underlying both of these issues is the fact that Sprint has made it so easy for law enforcement to gain access to customer data on a 24/7 basis through the use of its Web portal and large compliance department. Regarding the latter, here's another quote from Paul Taylor, the aforementioned Sprint/Nextel Electronic Surveillance Manager:
"In the electronic surveillance group at Sprint, I have 3 supervisors. 30 ES techs, and 15 contractors. On the subpoena compliance side, which is anything historical, stored content, stored records, is about 35 employees, maybe 4-5 supervisors, and 30 contractors. There's like 110 all together.
"My major concern is the volume of requests. We have a lot of things that are automated but that's just scratching the surface. One of the things, like with our GPS tool. We turned it on the web interface for law enforcement about one year ago last month, and we just passed 8 million requests. So there is no way on earth my team could have handled 8 million requests from law enforcement, just for GPS alone. So the tool has just really caught on fire with law enforcement. They also love that it is extremely inexpensive to operate and easy, so, just [because of] the sheer volume of requests they anticipate us automating other features, and I just don't know how we'll handle the millions and millions of requests that are going to come in."
I'm sure they'll find some way to deal with the "millions and millions" of warrantless surveillance requests, and no one will bother to even curb the practice, much less stop it. I've been reporting on this exact metadata/surveillance issue for years now, and it just gets worse. The stressed, jobless, indebted public doesn't care, and Congress doesn't either. If I'm still on this beat in 5 years, I'm sure I'll still be rewriting this same story for the thousandth time.
NY Times editorial - The Ohio Supreme Court has struck an important blow for privacy rights, ruling that the police need a warrant to search a cellphone. The court rightly recognized that cellphones today are a lot more than just telephones, that they hold a wealth of personal information and that the privacy interest in them is considerable. This was the first such ruling from a state supreme court. It is a model for other courts to follow.
Searches generally require warrants, but courts have carved out limited categories in which they are not needed. One of these is that police officers are allowed, when they arrest people, to search them and the area immediately surrounding them, as well as some kinds of containers in their possession.
When the police arrested Antwaun Smith on drug charges they seized his cellphone and searched it, examining his call records. The police did not have a warrant or the consent of Mr. Smith.
The Ohio Supreme Court ruled this month, by a 4-to-3 vote, that the search violated the Fourth Amendment's protection against unreasonable search and seizure. Rather than seeing a cellphone as a simple closed container, the majority noted that modern cellphones - especially ones that permit Internet access - are "capable of storing a wealth of digitized information."
This is information, the court said, for which people reasonably have a high expectation of privacy, and under established Fourth Amendment principles, police officers must get a search warrant before they can look through call logs or examine other data. The court wisely decided that it made no sense to try to distinguish among various kinds of cellphones based on what specific functions they have. All cellphones, the court said, fall under the search warrant requirement.
Few federal courts have considered the issue of cellphone searches, and they have disagreed about whether a warrant should be required. The Ohio ruling eloquently makes the case for why the very personal information that new forms of technology aggregate must be accorded a significant degree of privacy.
Through a mix of documents unearthed by Freedom of Information Act requests and the aforementioned recording, Soghoian describes how "the government routinely obtains customer records from ISPs detailing the telephone numbers dialed, text messages, emails and instant messages sent, web pages browsed, the queries submitted to search engines, and geo-location data, detailing exactly where an individual was located at a particular date and time."
The fact that federal, state, and local law enforcement can obtain communications "metadata"-URLs of sites visited, e-mail message headers, numbers dialed, GPS locations, etc.-without any real oversight or reporting requirements should be shocking, but it isn't. The courts ruled in 2005 that law enforcement doesn't need to show probable cause to obtain your physical location via the cell phone grid. All of the aforementioned metadata can be accessed with an easy-to-obtain pen register/trap & trace order. But given the volume of requests, it's hard to imagine that the courts are involved in all of these.
Soghoian's lengthy post makes at least two important points, the first of which is that there are no reliable statistics on the real volume and scope of government surveillance because such numbers are either not published (sometimes in violation of the legally mandated reporting requirements) or they contain huge gaps. The second point is that the lack of reporting makes it difficult to determine just how involved the courts actually are in all of this, in terms of whether these requests are all backed by subpoenas.
Underlying both of these issues is the fact that Sprint has made it so easy for law enforcement to gain access to customer data on a 24/7 basis through the use of its Web portal and large compliance department. Regarding the latter, here's another quote from Paul Taylor, the aforementioned Sprint/Nextel Electronic Surveillance Manager:
"In the electronic surveillance group at Sprint, I have 3 supervisors. 30 ES techs, and 15 contractors. On the subpoena compliance side, which is anything historical, stored content, stored records, is about 35 employees, maybe 4-5 supervisors, and 30 contractors. There's like 110 all together.
"My major concern is the volume of requests. We have a lot of things that are automated but that's just scratching the surface. One of the things, like with our GPS tool. We turned it on the web interface for law enforcement about one year ago last month, and we just passed 8 million requests. So there is no way on earth my team could have handled 8 million requests from law enforcement, just for GPS alone. So the tool has just really caught on fire with law enforcement. They also love that it is extremely inexpensive to operate and easy, so, just [because of] the sheer volume of requests they anticipate us automating other features, and I just don't know how we'll handle the millions and millions of requests that are going to come in."
I'm sure they'll find some way to deal with the "millions and millions" of warrantless surveillance requests, and no one will bother to even curb the practice, much less stop it. I've been reporting on this exact metadata/surveillance issue for years now, and it just gets worse. The stressed, jobless, indebted public doesn't care, and Congress doesn't either. If I'm still on this beat in 5 years, I'm sure I'll still be rewriting this same story for the thousandth time.
NY Times editorial - The Ohio Supreme Court has struck an important blow for privacy rights, ruling that the police need a warrant to search a cellphone. The court rightly recognized that cellphones today are a lot more than just telephones, that they hold a wealth of personal information and that the privacy interest in them is considerable. This was the first such ruling from a state supreme court. It is a model for other courts to follow.
Searches generally require warrants, but courts have carved out limited categories in which they are not needed. One of these is that police officers are allowed, when they arrest people, to search them and the area immediately surrounding them, as well as some kinds of containers in their possession.
When the police arrested Antwaun Smith on drug charges they seized his cellphone and searched it, examining his call records. The police did not have a warrant or the consent of Mr. Smith.
The Ohio Supreme Court ruled this month, by a 4-to-3 vote, that the search violated the Fourth Amendment's protection against unreasonable search and seizure. Rather than seeing a cellphone as a simple closed container, the majority noted that modern cellphones - especially ones that permit Internet access - are "capable of storing a wealth of digitized information."
This is information, the court said, for which people reasonably have a high expectation of privacy, and under established Fourth Amendment principles, police officers must get a search warrant before they can look through call logs or examine other data. The court wisely decided that it made no sense to try to distinguish among various kinds of cellphones based on what specific functions they have. All cellphones, the court said, fall under the search warrant requirement.
Few federal courts have considered the issue of cellphone searches, and they have disagreed about whether a warrant should be required. The Ohio ruling eloquently makes the case for why the very personal information that new forms of technology aggregate must be accorded a significant degree of privacy.
Labels: CELL PHONES, CONSTITUTION, SEARCHES
1 Comments:
Ok, so I don't love Sprint either, but why the assasination of Sprint suddenly? When you realize that nearly 7.5 million of those requests for location were for "411" requests, it puts an entirely different light on the subject. We surely would not want anyone to need a warrant for an emergency responce, would we? And another thing.. No one has published articles about Verizon (my carrier) or ATT and the fact that they provide the same access to law enforcement. When you assume a conspiracy theory by Sprint, maybe we should investigate how many millions that were located by the government on those two networks. Since Verizon alone has twice as many subscribers as Sprint, could you assume verizon has allowed location information on as many as 16 million subscribers? The problem is not sprint, it is the government. Now THERE is a conspiracy theory you should sink your teeth into...
Post a Comment
<< Home