DOJ Apparently Last To Know About Widespread Stingray Usage/Secrecy; Vows To Look Into It

from the 'what-is-the-deal-with-all-these-Stingrays?'-no-longer-rhetorical dept

Mon, May 4th 2015 2:32pm — Tim Cushing

Considering the number of documents confirming the FBI's stranglehold on Stingray device information that have been made public in recent months (including the FBI's nearly-blank 5,000-page FOIA response), this move by the DOJ is a surprising development.

The Justice Department will start revealing more about the government’s use of secret cellphone tracking devices and has launched a wide-ranging review into how law-enforcement agencies deploy the technology, according to Justice officials.

Senior officials have also decided they must be more forthcoming about how and why the devices are used—although there isn’t yet agreement within the Justice Department about how much to reveal or how quickly.

So… caveats, obviously. There's more on the way, but we don't know when we'll get it, or how much it will actually be, but at least the DOJ will finally be taking a look at a technology that's being deployed by law enforcement agencies -- often without warrants. And when they do use warrants, they're often obtained with misleading affidavits so as to comply with the non-disclosure agreements the FBI forces them to sign before deploying the devices.

This is also surprising, considering the FBI wrote itself a large enough loophole to ensure it never needed to bother with this sort of paperwork.

In recent months, the Federal Bureau of Investigation has begun getting search warrants from judges to use the devices, which hunt criminal suspects by locating their cellphones, the officials said. For years, FBI agents didn’t get warrants to use the tracking devices.

One wonders how the Wall Street Journal knows this, considering the FBI is the last agency that would publicly confirm or deny anything about its Stingray usage. Perhaps some more documents are on the way whether the FBI likes it or not…

But it appears outside scrutiny has finally forced the DOJ to confront the all-encompassing secrecy surrounding Stingrays -- something that routinely excludes defendants and judges and sometimes stretches far enough to lock out other "good guys," like prosecutors and states' attorneys.

For the first time ever, legislators are beginning to ask uncomfortable questions about the technology. While the FBI can apparently blow off a majority of the US population -- including the judicial system -- it's not going to have nearly as much luck fending off determined lawmakers. The technology it loves could become the technology it can no longer have -- or at least see it subjected it to a number of requirements that would make it much less enjoyable to deploy.

Congressional scrutiny is never comfortable. But another contributing factor is the entities directly and indirectly involved with tracking cell phones: service providers. They're unhappy and they've got a pretty good idea how often requests for data are heading their way and how specious or redundant the requests are.

Federal law-enforcement and phone-company officials also have expressed concerns that some local police authorities were abusing a legal shortcut by submitting an inordinate number of requests for cellphone information, according to people familiar with the matter.

Some of this is parallel construction. Some of this is abuse of an avenue previously used to acquire specifically-targeted information: pen register/trap and trace orders. It's already public knowledge that law enforcement agencies -- backed by the FBI's own legal rationalizations -- are using these to cover Stingray usage and/or bypass warrant requirements.

On top of this, law enforcement agencies are busy ensuring that the words "exigent circumstances" become as meaningless as "relevant" or "probable cause."

About a year ago, Baltimore police officials began deluging some phone companies with requests for customer cellphone information, claiming it couldn’t wait for a judge’s order, according to people familiar with the matter. Normally, police need a court order to get that kind of information about a phone customer. But there is an exception for emergency requests. Phone companies’ rules vary, but they generally allow emergency requests to be fulfilled in missing-persons cases or when there is a risk of death or serious injury. Typically, the phone company employee doesn’t ask questions to verify the nature of the emergency.

No doubt the Baltimore PD used the hell out of this loophole, what with its 4,300 Stingray deployments over a seven-year period.

Whether this examination by the DOJ will result in any meaningful changes is debatable. It could easily decide that everyone's following all the rules, at least as far as the FBI's interpretation of statutes governing pen register orders. That it's actually securing warrants is a positive sign, but it would be nice to see if the affidavits actually specify the devices used to perform the "search." It's one thing to gather data on phone calls. It's quite another to lock down where that phone is located by sifting through everyone's data while pretending to be a cell tower -- especially considering the devices also have the capability to intercept certain communications.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: doj, imsi catcher, secrecy, stingray, surveillance, transparency

22 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

John Fenderson (profile), 4 May 2015 @ 2:36pm

At least it's not bad news
I want to be elated about this, but I know how these things tend to go. The DOJ will reveal some stuff everyone already knows anyway, confess to some minor abuses, change their secret policies in some secret way to look like it's trying to stop the minor abuses it has admitted to. PR job done.

In other words, can anyone say "limited hangout"?
[ link to this | view in thread ]
Anonymous Coward, 4 May 2015 @ 2:41pm

I'm sure this will turn out just as well as inquiries into the drone program, torture, mass surveillance, etc.
[ link to this | view in thread ]
Anonymous Coward, 4 May 2015 @ 2:51pm

It's still going on
No doubt the Baltimore PD used the hell out of this loophole, what with its 4,300 Stingray deployments over a seven-year period.

On-site bloggers and livestreamers have been reporting service disruptions for a week.
[ link to this | view in thread ]
Paul Renault (profile), 4 May 2015 @ 3:48pm

Here's how I see it happening...
...six years later, the DOJ will say that "they're still looking into it."

With luck, Alan Grayson will still be in Congress. And, armed with his trademark snark, he'll be able to show how little time it takes to actually, ahem, read the FBI's Stingray report, even out loud.
[ link to this | view in thread ]
Anonymous Coward, 4 May 2015 @ 4:16pm

The Justice Department will start revealing more about the government’s use of secret cellphone tracking devices...

Reveal more to the FISA; not the public.

Sorry if you thought the PUBLIC is whom you thought they would be more forthcoming to.
[ link to this | view in thread ]
AJ, 4 May 2015 @ 4:41pm

I wonder if they really think they are the only ones deploying this technology? Bet they go straight to "think of the children" when peeps start building these things in their garage, or organized/semi-organized crime start using them to their advantage. You can almost see the riotous indignation when the police and the politicians are the ones getting listened in on. I think at this point they are useless anyway, the only people that don't know about them, or know about them and aren't deploying countermeasures, however primitive, are the people that truly don't have anything to hide.
[ link to this | view in thread ]
tqk (profile), 4 May 2015 @ 4:43pm

The silence is deafening.
We know that Stingrays force every device that connects to it into 2G mode. We know that 2G isn't secure.

We know that the NSA is unapologetically hoovering up anything it can get its hands on, storing it for whenever. Does Baltimore PD have datestamped GPS records on every device in the area? I suspect so. Would the NSA also use the opportunity to quietly slurp *whatever* from each of the devices affected? Until they say otherwise, I wouldn't doubt it. They've given me no reason to.

We also know all these LEOs have data sharing agreements between each other, and we know they use this data all the time in very "creative" ways.

They're loath to discuss any of this blaming it all on that very convenient NDA the Harris Corp. has "forced" on them. They also hate the very idea of having to get warrants to justify any of this. If they were truthful, they'd need a warrant for every device the Stingray connects to, which wouldn't happen. Not everyone they connect to is of interest in a law enforcement investigation.

If I were the fourth amendment, I'd say this situation stinks to high heaven. I wouldn't fault anyone for thinking that way. I'm very surprised they feel so little obligation to explain any of these apparent contradictions.

What does all that add up to? Keeping us safe in the War On Terror and the War On Drugs, or is it just Police State Light, and once they work out all the bugs inconveniencing Blacks and Chicanos, they'll turn it onto you too?

Have a nice day.
[ link to this | view in thread ]
Whoever, 4 May 2015 @ 4:47pm

Was this Stingrays in use?
Recently flew through SFO and ORD. At SFO, phone dropped back to 2G a couple of times and at both airports, the browser often popped a message: "unable to establish a secure connection". Was that evidence of Stingrays in use?
[ link to this | view in thread ]
Anonymous Coward, 4 May 2015 @ 5:18pm

Re: Was this Stingrays in use?
Can't say for sure, but airports are great targets for this kind of surveillance.

If you have an Android phone, check out Snoopsnitch and/or Android IMSI-Catcher Detector (AIMSICD), both of which claim to detect certain disturbances caused by these devices.

https://opensource.srlabs.de/projects/snoopsnitch
https://secupwn.github.io/Android-IMSI-Catc her-Detector/
[ link to this | view in thread ]
tqk (profile), 4 May 2015 @ 6:07pm

Re: Was this Stingrays in use?
Do legit providers drop back to 2G? I don't know but if so, why if it isn't secure? I'd expect a minimum level of service, or none if that can't be done at the time.
[ link to this | view in thread ]
That One Guy (profile), 4 May 2015 @ 8:02pm

Several years of 'investigation' later....
DoJ rep: After a thorough investigation, we must say we were shocked, shocked I say, to find warrant dodging going on under the various police precinct roofs.
[ link to this | view in thread ]
Spaceman Spiff (profile), 4 May 2015 @ 8:36pm

And when the report is done?
Another 10,000 pages of fully redacted data? Why not just send back a case of blank paper? At least it could be used to print real stuff!
[ link to this | view in thread ]
Anonymous Coward, 5 May 2015 @ 2:51am

They take us all for fools don't they?
[ link to this | view in thread ]
Bt Garner (profile), 5 May 2015 @ 3:32am

So, how many pages of redacted information will the DOJ need to read before they realize there isn't a problem?
[ link to this | view in thread ]
Anonymous Coward, 5 May 2015 @ 9:52am

Sounds like the DOJ has more sh*t in its britches than it knows how to deal with. I hope they get a nasty diaper rash...
[ link to this | view in thread ]
Coyne Tibbets (profile), 5 May 2015 @ 10:05am

DOJ Investigator Barbrady responds
"Okay, people, we looked. Nothing to see here people, move along."
[ link to this | view in thread ]
Anonymous Coward, 5 May 2015 @ 11:49am

3g/2g fallback
2g has much better performance with a weak signal then 3g- the downgrade keeps calls from dropping, that's why it's a required fallback. This is a physics limitation partially- lower carrier frequencies can not carry as much data due to shorter radio wave lengths. Perhaps they could come up with a new encrypted 2g standard- it would be even slower, and legacy support might be an issue though. Most people will never notice poor security- dropped calls on the other hand...
[ link to this | view in thread ]
John Fenderson (profile), 5 May 2015 @ 12:49pm

Re: 3g/2g fallback
It's possible to make your phone refuse to fall back to 2G. The exact way you do this can vary by phone, OS, carrier, and your preferences. A web search can help you out here.

I've been doing this on my phone for a few years now, and haven't noticed a problem with increased dropped calls. The problem I noticed is that some regions are only covered by 2G and so 2G must be enabled when I'm in those areas. Being a software geek, I wrote a Tasker script to handle all of these sorts of cases automatically.
[ link to this | view in thread ]
Anonymous Coward, 5 May 2015 @ 1:26pm

...sigh...
The idea that stingrays can only record imsi's and track location is, on it's face, as shortsighted as believing toothpicks are only capable of picking teeth. Look at what hackers can do with a base station and carrier standard baseband functionality. This information is freely available and even easy to find on youtube and such. Focusing on stingrays is missing the core of a very serious problem= the security implications of device architecture, and non user controlled hardware based hierarchical authority.
[ link to this | view in thread ]
Anonymous Coward, 5 May 2015 @ 2:55pm

Re: stopping 2g fallback.
Network negotiation is handled via a baseband co-processor. I suspect your only causing the OS to refuse 2g- This wouldn't stop a remote override fallback command, though it might kill the (OS) network in such a case. The baseband would still connect to 2g and have access to ram. Some (most?) stingrays must be able to handle 3g, or they wouldn't have been caught stealing keys. The only reason 3g is any issue for such stingrays is the encryption- the keys to which can be compelled or stolen from the phone co, or scraped from the ram of the device itself. I'd be very interested and appreciative if you have any information you can share that contradicts any of the above.
[ link to this | view in thread ]
Anonymous Coward, 5 May 2015 @ 9:26pm

Maybe they can look into that bit of perjury by holder while they are at it.
[ link to this | view in thread ]
Uriel-238 (profile), 6 May 2015 @ 9:57am

Re: Here's how I see it happening...
Interviewer: But Mr. Helpmann, the bombing campaign is now in its thirteenth year.
Helpmann: Beginner's luck.
[ link to this | view in thread ]