April 20, 2015
America’s modern history is now defined as pre/post 9/11, a terrible day that rocked Americans and thrust the country into a perpetual “war on terror.” But with the permanent war footing came a highly secretive world of espionage tactics that threatens to throw civil rights out the window. The intrigues of the clandestine world eventually spawned surveillance whistleblower, Edward Snowden, who spoke-out against a repressive US government bent on obstructing the very fabric of our Constitution. Henceforth, this new millennial era will view individual rights in a pre/post Snowden lens.
Case in point surrounds new revelations about an invasive surveillance program known as “Stingray” boxes. They trick cell phone towers to divert mobile calls of targeted individuals to the Stingray box allowing law enforcement to record and track suspects’ location. The trouble is two-fold, first the device can capture any cell phone’s users in the vicinity of the target and two, the targeting isn’t always subject to warrants issued by judges.
This week the San Diego Police Department acknowledged to this reporter that it owns and uses the “Stingray” technology. The police department released a heavily redacted Purchase Order from the Harris Corp, the company who originally created the surveillance box for the CIA and US military to track terrorists worldwide. The pricy equipment costs the law enforcement community somewhere around $400,000.
A spat of mysterious evidence collection processes, set off an avalanche of inquiries that ultimately disclosed law enforcement use of the Stingray devices at the state and local levels. Once the use of the questionable cell phone data was exposed, defense attorneys pressured city/state/federal prosecutors to come clean. However, federal agencies balked and either pled-out the criminal cases or dropped them altogether in an effort to keep the program secret.
So how exactly did the government keep the secret? We now know the federal government through the Harris Corp employed nondisclosure agreements to force law enforcement agencies refrain from even discussing ownership of the surveillance boxes. Looking at the more sinister side of the terrorist tracking devices, legal experts contend law enforcement agencies were trying to hide their illegal or lack of warrant approved wire-tapping. The problem is, evidence collected was not subject to judicial review or disclosure to the defense under the exculpatory rules for prosecutors and essentially removed due process for defendants offered under the Fourth, Fifth, and Sixth amendments.
A couple of cases, one in Buffalo New York and the other in Baltimore, Maryland have turned the shadowy program upside down, by ordering law enforcement to disclose details surrounding the use of the Stingrays.
In his decision, New York Judge Patrick H. NeMoyer described a 2012 case between the local Sheriff’s office and the FBI, wherein a court order revealed the FBI would rather drop criminal charges than disclose “any information concerning the cell site simulator or its use.”
The revelation brings into question just how many unsuspecting cell phone users are being recorded? What exactly does law enforcement do with the thousands of cell phone data they collect?
In the court testimony earlier this year in Baltimore, Detective Emmanuel Cabreja told a judge he employed the Stingray device more than 4,300 times since 2007, therefore acknowledging the program has been operating under the radar for at least eight years. The Maryland State Police commander explained to state lawmakers the order to remain mum about the Stingray box came from Homeland Security.
Agencies including the FBI, Department of Homeland Security (DHS), and local law enforcement have successfully invoked nondisclosure agreements as a measure to keep Stingray information hush-hush.
“In Baltimore, they’ve been using this since 2007, and it’s only been in the last several months that defense attorneys have learned enough to start asking questions,” American Civil Liberties Union (ACLU) attorney Nate Wessler said. “Our entire judicial system and constitution is set up to avoid a ‘just trust us’ system where the use of invasive surveillance gear is secret.”
Defense attorney Joshua Insley told Homeland Security News Wire, “That Baltimore police obtain court orders under Maryland’s ‘pen register’ statute, which allows police to capture only the numbers that are called or received by a phone, not the metadata and location information Stingrays collect. They’re basically duping these judges into signing authorizations to use Stingrays.”
Once the court ordered Cabreja to produce a copy of the 2011 nondisclosure agreement the defense attorney, Insley, asked the detective: “Does this document instruct you to withhold evidence from the state’s attorney and Circuit Court, even upon court order to produce?” Cabreja said, “Yes.” But when the detective was faced with bringing the suitcase-sized portable device into the courtroom, the court decided to negotiate with the defendants and offered them sweet plea deal.
According to the ACLU, when the Stingray becomes the focus, “defense attorneys are being able to get really good deals for their clients, because the FBI is so insistent on hiding all of these details. There are likely going to be a lot of defense attorneys in Baltimore who may have an opportunity to raise these issues. They are on notice now that their clients may have some arguments to make in these cases.”
The potential for future abuses will grow exponentially as a greater number of law enforcement agencies employ the high-tech machinery. “When this technology disseminates down to local government and local police, there are not the same accountability mechanisms in place. You can see incredible potential for abuses,” American Civil Liberties Union lawyer Catherine Crump pointed out. It remains unclear what law enforcement agencies do with the collected data and how long they keep it.
Like the case in Baltimore, local New York law enforcement officials employed the Stingray surveillance device without defendants’ knowledge or warrants authorized by judges.
“These records confirm some of the very worst fears about local law enforcement’s use of this expensive and intrusive surveillance equipment,” said NYCLU Staff Attorney Mariko Hirose. “Not only did the Sheriff’s Office (in NY) promise the FBI breathtaking secrecy to keep information about stingrays as hidden as possible, it implemented almost no privacy protections for the Erie County residents it is sworn to protect and serve.”
The NYACLU report discovered:
• The Sheriff’s Office used stingrays at least 47 times between May 1, 2010 and October 3, 2014, including assisting other law enforcement departments like the Monroe County Sheriff’s Office.
• The office apparently obtained a court order prior to using the device only once in those 47 circumstances, contradicting the sheriff’s statements to a local reporter and the legislature that this device is being used subject to “judicial review.” In the one case a court order was obtained, in October 2014, the sheriff did not obtain a warrant but a lower level court order called a “pen register” order.
• Its confidentiality agreement with the FBI requires the Sheriff’s Office to maintain almost total secrecy over stingray records, including in court filings and when responding to court orders, unless the Sheriff’s Office receives the written consent of the FBI.
• Its confidentiality agreement with the FBI also instructs the Sheriff’s Office that the FBI may request it to dismiss criminal prosecutions rather than risk compromising the secrecy of how stingrays are used.
The NYACLU concluded that, “Stingrays are an advanced surveillance technology that can sweep up very private information, including information on innocent people. If the FBI can command the Sheriff’s Office to dismiss criminal cases to protect its secret stingrays, it is not clear how the $350,000 we are spending on stingray equipment is keeping the people of Buffalo safer.”
San Diego 6 News issued a California Public Records Act (CPRA) request to both the San Diego Sheriff’s Department and the San Diego Police Department. The SDPD responded almost immediately with a highly redacted purchase order with the Harris Corp. (maker of the “Stingray”), but the document is unintelligible because of the redacting and price of the unit. SD6 has followed-up for clarification and the remainder of the information requested. As of press time, the Sheriff Department has not responded.
Also, SD6 News is still waiting for an FBI Freedom of Information Act (FOIA) request for details about the Stingray device.
Previous story “CIA/DOJ spy on cell phones within the US”
(Originally published March 15, 2015)
A new cellphone spying disclosure brings a whole new meaning to “Can you hear me now?” The new allegations were leveled by National Security Agency (NSA) whistleblower Edward Snowden and reported by the Wall Street Journal. The latest report confirms that the US Marshals Service through its parent agency, the Department of Justice (DOJ), teamed with the Central Intelligence Agency (CIA) using CIA technology to trick cell phones into using a fake cellphone towers installed on Marshals Service planes.
The CIA worked and defense-contracting firms jointly developed “Dirtboxes or Stingray” surveillance technology, which is capable of capturing thousands of cell phone exchanges at the same time. The government admits the “technology” can cause dropped calls or briefly interfere with a users’ ability to make or receive phone calls—“Hence can you hear me now?”
According to the Department of Justice, the US Marshals Service used the cellphone dragnet that knowingly scooped up thousands of phone conversations in an effort to conduct allegedly lawful ongoing criminal investigations. A Justice official privately admitted that there are cases in which investigators gained possession of information not covered by warrants, but oftentimes throw it out or seek a judge’s approval before proceeding with the legal case.
The “Stingrays” trick cell phones into sending communications in an unencrypted format to the phony cell towers where the conversations can be routed to surveillance centers for processing and analysis. It has been reported that the “Stingrays” also interfere with customers making and receiving calls by causing connection delays or dropped calls.
Both the DOJ and CIA claim they are conforming with the law, but by couching their work in the “smoke and mirrors” of “national security” or by using “sources and methods” arguments to prevent disclosure, it is difficult to determine the scope and impact the operations will have on American’s personal privacy.
The American Civil Liberties Union’s (ACLU) website describes the government’s overreach. “Stingrays, also known as ‘cell site simulators’ or ‘IMSI catchers,’ are invasive cell phone surveillance devices that mimic cell phone towers and send out signals to trick cell phones in the area into transmitting their locations and identifying information. When used to track a suspect’s cell phone, they also gather information about the phones of countless bystanders who happen to be nearby. The ACLU has uncovered evidence that federal and local law enforcement agencies are actively trying to conceal their use from public scrutiny, and we are continuing to push for transparency and reform.”
The ACLU recognizes that federal law needs to be modernized to keep up with new technology in order to protect the First, Fourth, and Fifth Amendment protections of the Constitution. But warned that “the government must be open about the use of these powerful tools, and put in place rules on their usage to protect people’s Fourth Amendment rights (search and seizure) and to prevent abuse.”
“[The new information about the CIA] certainly raises troubling questions,” Nathan Wessler, a lawyer for the American Civil Liberties Union told Newsweek. “What legal authority are they using? Do they get warrants? If not, why? What are they doing to protect bystanders’ privacy?”
Taking this latest revelation a step further, Snowden also disclosed that the CIA and other federal agencies have spent five years and millions of taxpayer dollars in an effort to crack the encryption of Apple products. Behind the scenes, Apple has criticized the government’s actions and claims they are unwilling to aid government surveillance by “softening” its encryption or allowing a “backdoor” into its operating systems that millions of consumers pay a much steeper price tag for added security.
CEO of Apple, Tim Cook said earlier this year; “It is a cop-out to say: choose between privacy or security. There is no reason why customers should have to select one. There is no reason not to have both. We shouldn’t give in to scare-mongering.”
But Snowden says the CIA has already found its own access point to Apple’s OSX software. Unbeknownst to many American’s, the CIA operates its own joint venture firm, In-Q-Tel, to invest in the latest technologies and garner an interest or control of developing technologies (Read In-Q-Tel article here).
The ACLU and Electronic Frontier Foundation (EFF) recently filed suit against the DOJ and US Marshals Service for seizing evidence of cell phone data collected from CIA assisted surveillance assets by Florida law enforcement agencies – the cell phone records had been ordered by a Florida State judge to be turned-over to ACLU attorneys, but on the day of the transfer US Marshals personnel seized the records claiming the state of Florida police officer who had obtained the records was actually a deputized US federal officer – despite the fact he purportedly had no such credentials at the time of his surveillance, when the court ordered the turnover, or at the time the assertions were made by the US Marshals Service.
No such deputizing designation was ever filed with the court when the surveillance was authorized or since.
It appears this cell phone monitoring is not isolated to Florida as residents of the nation’s capitol have been complaining of these “phony cell phone towers” spring-up throughout Washington, DC. No one claims ownership, but they sit there actively and passively capturing cell phone calls on all who venture within their reach.
Americans question how DOJ/CIA/US Marshals Service can be trusted to protect American’s privacy rights with the use of such technology when there is no “check and balance?”
The newest mass data collection has sparked furor from journalists to civil liberty groups who are reminding the US government that the CIA is strictly forbidden from operating inside the US.
In fact, by denying producing files under a FOIA request from this reporter regarding CIA files on deceased Rolling Stone national security reporter Michael Hastings, the CIA asserted that its charter precludes it from operating in the U.S., but cleverly, CIA did not deny that it did not have files.
(View FOIA file in slide show above)
The CIA responded to a written request by stating it will provide some information on Mr. Hastings, but declined to answer any questions regarding connections between Mr. Hastings, jailed journalist Barrett Brown or Reddit’s deceased founder, Aaron Schwarz. Interestingly, the CIA asserted federal law, which prohibits it from spying on Americans as the reason for not responding to FOIAs on Brown and Schwarz, but failed to explain why it had a file on Hastings.
United States law specifically forbids Federal intelligence agencies and the military intelligence agencies – the National Security Agency (NSA), the National Reconnaissance Office (NRO), the National Geospatial-Intelligence Agency (NGIA), and the Defense Intelligence Agency (DIA) from conducting surveillance operations within the United States. Furthermore, 50 United States Code §3039 only authorizes Federal intelligence agencies to operate with US or Federal law enforcement agencies NOT state … and only in monitoring foreign citizens outside the U.S.
So what gives?
A Justice Department spokesman explained that the US Marshals Service’s techniques are “carried out consistent with federal law, and are subject to court approval.” They also claimed that they do not conduct “domestic surveillance, intelligence gathering, or any type of bulk data collection… The agency also doesn’t gather any intelligence on behalf of U.S. spy agencies.” One must wonder if they had heard of Edward Snowden prior to making such a claim?
While Congress seems unconcerned with invasive laws or the interpretations of such laws by federal agencies to the detriment of Americans, the federal government has revised rules and demanded Lavabit, a technology firm, to turnover private passwords and security keys to federal investigators (link here).
Lavabit, an encrypted email service provider, gained unwanted notoriety by being the service that once delivered NSA leaker Ed Snowden’s secure emails. Lavabit defied a Department of Justice demand to turnover its encryption key for secure users by closing shop. As the feds latest privacy target the secure email provider shuttered operations rather than give up the encryption codes to its 400,000 subscribers, as Lavabit’s founder, Ladar Levison, made the difficult financial decision based on ethical concerns for his clients.
The search warrant revealed that the government demanded “all information necessary to decrypt communications sent to or from the Lavabit e-mail account [redacted] including encryption keys and SSL keys.”
That court ruling put into motion a plan that Levison said he made in the presence of his attorney that he would rather than shutter his company than sellout his clients. “I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit,” he explained.
On top of that a virtual gag order was placed on the case forcing the young entrepreneur to carefully construct his response to the media. “We’ve already started preparing the paperwork needed to continue to fight for the Constitution in the Circuit Court of Appeals. A favorable decision would allow me resurrect Lavabit as an American company.”
Levison explained the situation the best he could; “This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States.”
The CIA did not respond to requests for this article.
© Copyright 2015 Kimberly Dvorak All Rights Reserved.