House Oversight Committee Calls For Stingray Device Legislation
from the and-only-two-decades-from-their-first-appearance dept
The Congressional Committee on Oversight and Government Reform has issued its recommendations on the use of cell site simulators (a.k.a. "Stingrays," presumably to Harris Corporation's trademark erosion dismay) by law enforcement. Its recommendations are… that something needs to be done, preferably soon-ish. (h/t Chris Soghoian)
Congress should pass legislation to establish a clear, nationwide framework for when and how geolocation information can be accessed and used.
Before it reaches this conclusion, the Committee spends a great deal of time recounting the history of both the devices' usage, as well as any steps taken (most of them very recently) to govern their use.
The report [PDF] points to the Supreme Court's Jones decision, albeit not in a very helpful way. The justices punted on the warrant question, leaving it up to lower courts' interpretation as to whether or not tracking someone with a GPS device violated their privacy. The only thing they did agree on was the intrusion onto the property to install the device on the petitioner's vehicle. Everything else was left unclear, including the lack of a bright line for how much location tracking equals unconstitutional tracking.
Cell site simulators can perform the same function and, until recently, every law enforcement agency in possession of the devices deployed them without seeking search warrants. The DOJ finally suggested warrants might be necessary in 2015, which would only be about 18 years since DOJ elements began using Stingray devices.
A 1997 DOJ guidance bulletin discussed the agency’s views on what legal authority governed the various law enforcement surveillance options, including “cell-site simulator.” According to the 1997 guidance, DOJ took the position that “it does not appear that there are constitutional or statutory constraints on the warrantless use of such a device.” According to a chart that was issued with the guidance, court orders, search warrants, and subpoena requirements were not applicable when deploying this device.
For most law enforcement agencies, the lack of a warrant requirement has allowed them to disguise their Stingray deployments. Most have sought pen register orders instead for this form of real-time location tracking. Others have used parallel construction to hide use of IMSI catchers from courts, defendants, and, in some cases, the prosecutors they work with. This was all heavily encouraged by the FBI's nondisclosure agreement, which it made law enforcement officials sign before allowing them to purchase the devices.
Now, they're everywhere. The IRS has its own devices and feds are attaching IMSI catchers to planes and flying them over cities in hopes of tracking down suspects. What's more concerning is the devices' capabilities, which federal and local law enforcement agencies all swear they've never used.
In testimony before the Committee, DOJ and DHS both confirmed the simulator devices they use do not intercept any communications or content from the cellular devices to which they connect. Specifically, DOJ confirmed that between January 1, 2010 and September 2, 2015, its component agencies using the technology—the FBI; the Drug Enforcement Administration (DEA); the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF); and U.S. Marshals Service (USMS)—only collected dialing, routing, signaling and addressing information in domestic criminal investigations and did not use the devices to collect the content of communications. While the current DOJ and DHS policies require the cell-site simulators to be configured as pen registers and to not collect content, some of the cell-site simulator models used by law enforcement components within DOJ and DHS would be capable of collecting content if the devices had the necessary software installed.
The Committee points out that if the federal government doesn't hand down universal controls for the deployment of these devices, the situation will only devolve from here.
Further, the Committee notes that these devices are available all over the world and with even fewer usage restrictions. And the tech is more widely available than the US government would hope, which means those who care little for policies, guidance, or federal law won't hesitate to deploy these themselves.
It is possible, if not likely, bad actors will use these devices to further their aims. Criminals and spies, however, will not be adopting the DOJ and DHS policies and procedures or any other ethics of surveillance. They will not be self-limiting in their use of these devices so as to not capture the content of others’ conversations. Criminals could use these devices to track potential victims or even members of law enforcement. One can imagine scenarios where criminals or foreign agents use this type of technology to intercept text messages and voice calls of law enforcement, corporate CEOs, or elected officials.
The report notes that devices are already for sale on foreign websites, and those selling them are suggesting purchasers set them up in high-traffic areas (near banks, restaurants, hospitals, etc.) for maximum effectiveness. On top of that, hobbyists and researchers have been able to put together their own IMSI catchers, all without the guidance or assistance of companies who sell their devices to a highly-restricted list of government agencies. The secret is out -- and has been out for years. While any legislation would do little to deter bad actors, it would at least allow the US to act as a role model for foreign governments to emulate and give it some sort of (belated) moral high ground to stand on when restricting US companies from selling surveillance tech to governments with human rights abuse track records.
If nothing else, the hope is that the legislation called for will result in a cohesive, coherent ruleset that's also Constitutionally-sound. Obviously, this will be met with law enforcement resistance, as anything that implements a warrant requirement generally does.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: house oversight committee, imsi catchers, stingrays, surveillance
Companies: harris corporation
Reader Comments
Subscribe: RSS
View by: Time | Thread
Important point to remember with cell-site simulators
[ link to this | view in thread ]
Where's the FCC?
[ link to this | view in thread ]
Re: Where's the FCC?
[ link to this | view in thread ]
Hypothesis about Stingray secrecy
Given how this article points out that Stingrays are everywhere, even for sale on foreign web sites, I would say that may validate my hypothesis (reproduced below). Basically, the secret hack has escaped. The vulnerability in the design of the cellular networks cannot be easily, cheaply nor quickly fixed.
Hypothesis about Stingray secrecy
(previously posted to TD)
Law enforcement is extremely secretive about Stingray. Why? Their suppliers even require them to sign agreements with extreme conditions. Why?
The wireless network standards were designed when we were still using Windows 3.1.
The designers may have considered security, in some sense, but not in a way that can withstand 21st century attacks. The security may be in large part due to obscurity.
Stingray is not authorized by the mobile network operators who have not given Stingray any SIMs (subscriber identity module) or other cryptographic keys necessary to access the network. Those network operators have exclusive rights to spectrum which Stingray is subverting.
Stingray works by compromising the security of the network. Effectively a genuine hack or intrusion into the network.
There may be no effective fix short of redesigning the network.
If the mechanism of the hack were generally known, mass chaos could ensue.
The network operators are strongly against this but powerless to do anything about it, other than potentially litigate.
A. If the mechanism of the attack became generally known, there could be vast numbers of unauthorized "stingrays" compromising everyone's privacy -- including (OMG!) rich and powerful people!
B. It would be possible for a network of distributed "stingray" clones to disrupt mobile network service by tricking nearby phones to connect to fake networks. What if this were deliberately done during an emergency?
C. The creators / operators of genuine(tm) Stingray devices don't want to be exposed to the potential of litigation for actionable things that Stingray may be doing as part of its operation. Including disrupting networks, stolen proprietary or trade secret information, having compromised individuals into divulging network secrets, keys, etc.
This hypothesis would explain observed evidence about why those who built Stingray want desperately to keep it secret. Please consider. The secrecy is so important, that it leads to:
Dismissing or disposing of prosecutions rather than reveal any information about Stingray.
Binding agencies and organizations using Stringray to high levels of secrecy, including keeping THE VERY EXISTENCE of Stingray a secret.
The behavior of those behind Stingray fits this hypothesis. They want to use it "for truth, justice and the corporate way", but are desperately fearful of the secret hack escaping.
[ link to this | view in thread ]
Re: Re: Where's the FCC?
[ link to this | view in thread ]
Re: Re: Re: Where's the FCC?
[ link to this | view in thread ]
Re: Re: Re: Re: Where's the FCC?
[ link to this | view in thread ]
Good news!
[ link to this | view in thread ]
Hate to point this out, but...
If you want to go full up illegal, you can download the software from a few places on TOR and get about 85% of what a stingray will do.
For about $500 and some knowlege of electronics, you can do about 90-95% of what a stingray will do.
All for a bit of dosh and willingness to commit an almost untraceable crime.
The real solution is to allow a cell phone around you at all.
[ link to this | view in thread ]
Hate to point this out, but...
[ link to this | view in thread ]
Would be nice if they addressed the NDAs
[ link to this | view in thread ]
[ link to this | view in thread ]
oh, okay...
democracy at work for you, kampers...
[ link to this | view in thread ]
Re: Important point to remember with cell-site simulators
[ link to this | view in thread ]
Re: Where's the FCC?
[ link to this | view in thread ]
Re: Re: Where's the FCC?
[ link to this | view in thread ]
small question
Why did they not create a proposal for such a law?
[ link to this | view in thread ]
Maybe backwards
Maybe we're thinking about this backwards.
Maybe the proper approach is to simply order law enforcement (i.e. government) to operate the entire cell network. Yeah, no privacy, but that ship has apparently sailed already. Certainly Congress isn't going to help--three guesses what any IMSI catcher law is going to do for privacy: nothing, nothing and nothing.
But think of the benefits: Coverage would improve. No more roaming. No more "can you hear me now" shill commercials. No more data caps. Probably many more.
Turn the networks into a true public service.
Surely worth at least a think.
[ link to this | view in thread ]