Leaked Documents Expose The US Government's Cell Phone Surveillance Options
from the and-they-are-legion-(and-expensive) dept
The Intercept has done it again. An anonymous source "concerned about the militarization of domestic law enforcement" has handed the site a catalog of cell phone surveillance equipment. Many of the products discussed in the pages are making their public debut, presumably to the deep chagrin of the manufacturers and the government agencies that use them.
While much of the equipment's capabilities has been sussed out with FOIA requests and the occasional courtroom disclosure, the leaked documents confirm that many law enforcement agencies not only have the technology to sweep up cell phone information in bulk, but also to intercept phone calls and text messages.
There is also a long list of newly-exposed product names that will be making their way into a host of future FOIA requests: Deerpark, Radiance, Carman, Garuda, Gilgamesh, Twister, Nebula…
Interesting (and disturbing) details are contained in data sheets on the products, including what the government feels are the potential drawbacks of the equipment. Harris' Blackfin, for instance, can intercept GSM voice communications as well as SMS messages from "preloaded target lists." In addition, the Blackfin can perform denial-of-service attacks on local phone networks and geolocate targeted phones. Perhaps the biggest surprise? The Blackfin is small enough to be worn surreptitiously by the operator.
Digital Receiver Technology, manufacturer of the US Marshals Service's flying "DRTboxes," also has some impressive technology on display. Its equipment supports "target lists of up to 10,000 entries" and can intercept (and record) voice communications over both digital and analog signals.
KeyW sells a product that tracks locations of cell phone users, targeting up to 500 cell phones at a time. Bonus: it can also negatively affect GSM networks to better track targets. (Referred to on the item's page as "Deny, Disrupt, Degrade and Deceive.")
Then there's this device, which is apparently an "in-house" offering produced by the NSA's Tailored Access Operations team.
This little spy box is built for use in "fixed-wing aircraft," like the FBI's Cessnas or unmanned drones. Bonus: it can be upgraded in the field, which presumably means firmware/software updates can be pushed to the system remotely.
Other notes of interest:
The government considers Deerpark's inability to wreak havoc on phone service a drawback ("does NOT cause denial of service").
The NSA-developed Nebula can "lock and hold traffic from 12 miles away."
AST's airborne ICARUS can geolocate Push-To-Talk handsets and RF tags.
Boeing's S-100 helicopter drone's fact sheet contains the warning that it cannot be armed with weapons.
This page shows just how low-profile some of this cell phone tracking hardware is.
Or, if it makes more sense logistically, you can just cram $180k worth of tracking equipment into a backpack.
Most of the pages note what authority is needed to deploy the equipment, with most citing Title 10/Title 50. The statutes pertain to military operations (Title 10) and military intelligence efforts (Title 50), with the latter sometimes encompassing the CIA's efforts. However, the documents contain fact sheets for equipment now being used by US law enforcement agencies, suggesting the transfer to domestic surveillance use occurred before law enforcement-specific rules were in place. The years of secrecy surrounding the devices further suggest domestic guidance trailed deployment by a sizable margin.
Finally, there are the forensic devices. The NSA SigDev team's CYBERHAWK basically cracks cell phones open and empties them of their contents.
"Exploitation includes phonebook, names, SMS, media files, text, deleted SMS, calendar items and notes."The only drawback is that the operator must have possession of the handset to extract all of this information. It can't be collected "over the air." A competing product offered by TEEL (Cellbrite) does the same thing, but works on "95% of phones," encompassing more than the GSM handsets CYBERHAWK is limited to.
The obvious problem is we don't know how much of this military equipment has ended up in the hands of law enforcement. We do know most of Harris' products have, thanks to the waiver it acquired (by lying) from the FCC. We also know Digital Receiver Technology is, at minimum, selling its products to federal law enforcement.
Local law enforcement agencies are using equipment developed for military use in war zones as domestic surveillance devices. When seeking these products (or the financial aid to acquire them), law enforcement agencies routinely mention the threat of terrorism… before using them to track people suspected of petty crimes. As the EFF's Jennifer Lynch points out in The Intercept article, there is no public record of any law enforcement agency using these devices to apprehend a terrorist or disrupt a terrorist attack.
Federal agency policies pertaining to these devices now contain warrant requirements, but with large enough loopholes, warrants will rarely have to be sought. The rules governing the use at the local level are still mostly secret. What has been divulged suggests agencies are still obscuring the use of the devices through the use of parallel construction or stretching pen register statutes to cover the large scale interception of connection and location data and, potentially, the communications themselves.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: catalog, cia, leak, nsa, phones, police, police militarization, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
"Need to know your honor, and you don't need to know. Just sign the papers."
With regards to evidence laundering, while it's bad enough that the public had no idea about tech like this and how it was being used, worse in the sense that they're supposed to act as a check against abuse is that I imagine the vast majority of judges had no idea either.
Any judges looking through the list have got to be wondering just how often they've been lied to when it comes to what they thought they were authorizing, versus what was actually being done. It's one thing to authorize use of a device when you've been told it can only do A, but when you find out that it can also do B, C and D as well...
[ link to this | view in thread ]
Ah, who am I kidding, it has happened already. We just have to wait for the info to eventually leak after the coverups.
[ link to this | view in thread ]
I find the lack of seriousness disturbing
From the Blackfin:
"BF II is designed to body worn..."
"...of a preloaded target lists..."
It's not the grammar that concerns me (mine is far from perfect), but there is something disturbing in seeing a technical catalogue that lacks polish. The Intercept don't identify the source, or state what the catalogue is actually for, but whatever it's purpose, I can't help but think that the US government regards security and privacy lightheartedly; a bit of a in-joke at the American people's expense.
A bit like police forces barring smart cops...
[ link to this | view in thread ]
Re: I find the lack of seriousness disturbing
If you've seen the NSA and GCHQ slides you will see it's not out of the ordinary.
[ link to this | view in thread ]
Re: Re: I find the lack of seriousness disturbing
[ link to this | view in thread ]
FCC
As if though the FCC really cares. It didn't exactly rescind the waiver or prosecute anyone, did it? Instead, by not doing so it sent a big message to law enforcement that they could basically do what they wanted without worrying about the FCC.
[ link to this | view in thread ]
Re: FCC
[ link to this | view in thread ]
[ link to this | view in thread ]
On the up side. If you forget what the wife asked you to grab at the market, you can drop by and see Bubba at your local police station and have him play the conversation back for you....
[ link to this | view in thread ]
Re:
The primary purpose of mass surveillance to intimidate potential leakers and find those that go ahead anyway. This is why there will be find continuing support in the government for mass surveillance. They don't like being exposed, so to prevent it they intend to expose everyone else.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re:
I mean it would be pretty freakin' stupid if they spent all this time and money developing tracking mechanism that become completely useless the second their target refuses to play along, right?
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: I find the lack of seriousness disturbing
Probably originally written in Chinese and translated by Russians working for an Indian outsource company jointly-owned by Sony and GCHQ. Perhaps only US civilians are kept in the dark.
[ link to this | view in thread ]
Re: Re:
That's exactly right Guy, but lets take it a step further. One of the indicators helping us determine innocence and guilt, will be how well you submit to the system. Example: Not having a cell phone so that we can conveniently track you, will get you on a government watch list. This watch list will be linked to travel, gun registrations, and drone purchases. It can also be used to justify the confiscation of your colostomy bag and sex toys at all TSA checkpoints. Now... I know your concerned with security, and as a sheeple, you should be, thats why we are going to put this watch list on Hillary Clinton's personal email server. This ultra secret, top level server has even the best cryptologists in our alphabet soup agencies scratching their heads; as proven by the 10 month non-sensical extravaganza of bullshittery that's poured out of them regarding whats on it. This server will be so secure, we will leave you baffeled as to it's even existence.
Sit back and relax Guy, your government has everything under control.
[ link to this | view in thread ]
Re: Re:
Like OBL.
How long did it take to find him?
Yes, cel tracking helped, but the tracking was of his associates - OBL never had a cel phone!
[ link to this | view in thread ]
What I Find Truly Disturbing
Where it's being used is against civilian targets where the normal rule of law is supposedly still in force. No wonder the lies, evasions, cover ups and stonewalling by three letter agencies.
[ link to this | view in thread ]
[ link to this | view in thread ]
Where else but a combat zone would you have cops executing unarmed unresisting civilians and getting away with it because the cops defense is "I feared for my life from the man I had restrained in handcuffs on the ground"
[ link to this | view in thread ]
[ link to this | view in thread ]
For a second I thought they raided the dramatic personae from my last D&D campaign. This is much worse.
[ link to this | view in thread ]
Re: Re: Re:
Even that was eventually found to be a made-up cover story. They actually found him when an informant turned him in for the reward money.
[ link to this | view in thread ]
Re: Re: I find the lack of seriousness disturbing
I've been using essentially that line to describe FLOSS software documentation for over twenty years. It helps to pipe it through Swedish Chef too.
[ link to this | view in thread ]
Re:
No kidding. We're reading leaked reports snagged up by investigative journalists. Meanwhile they're using it in Hollywood getting free advertisement on their indoctr ... cop shows.
[ link to this | view in thread ]
...out like a lamb
With all of these nifty new spy toys, its pretty obvious that any thought of privacy in the US is a pure pipe dream, and the US Constitution is nothing more than ass-wipe for the forces of Order-At-Any-Price.
Ah well, ye had a good run, America.
Time to bend over and take it like victim now, because, when the law itself is against you, there is no place left to turn for help.
---
[ link to this | view in thread ]
Re: ...out like a lamb
Nowhere to turn and headed for doom? Ah well, at least I have company.
Now go ahead, bend over. Your informant will talk you through it. It'll be like a pipe dream...you can even pretend you're an FBI Agent.
I'll be reading the constitution and imagining Princess on the front page, looking all real and shit.
[ link to this | view in thread ]