In Florida, a recent revelation concerning the state’s police departments and their use of cellphone monitoring equipment has led many to question the ethics behind law enforcement’s use of such technology.
Defending its use of the “stingray” phone-tracking gadget at least 200 times since 2010 without disclosing the activity to the courts or obtaining a warrant, the police department stated that it could not make such a disclosure due to a non-disclosure agreement it signed with the equipment’s manufacturer.
A “stingray” is a moveable electronic surveillance device designed to simulate a cell tower. Cellphones in the area identify the “stingray” as a cell tower and transmit to it, which then transmits to the nearest valid tower. During the transfer, the “stingray” records the metadata from the cell transmission, including the device identification number or MAC address, the telephone numbers of both the caller and the callee and the ping time — or, the time it takes for a device to receive or transmit a signal to a base. As the “stingray” is mobile, a “stingray” user can triangulate a cellphone user’s location by recording a device’s ping time in as few as three locations.
A police department with access to a network of such devices or to the records of the cell towers themselves, could not only track a person based on their cellphone transmissions, but also potentially find out who that person is associating with and backtrack to any point in the surveillance and have a record of the person’s movements.
As a cellphone transmits to a cell tower even when it is not in use, and as spyware have been developed that can remotely turn on a sleeping or deactivated phone, there is no real way to stop the surveillance of a cellphone without wrapping the device in aluminum foil or removing the battery.
Since the Tallahassee Police Department and the other Florida police departments that agreed to test or promote the “stingray” signed non-confidentiality agreements with the manufacturers fully knowing that doing so would violate the requirement of obtaining a warrant before any non-probable cause search, there is a significant danger that this technology can and will be used to exploit and defile individual privacy.
The nation is still debating the question of warrantless electronic surveillance. While the Foreign Intelligence Surveillance Court has made rulings that made warrantless surveillance of certain types of cellphone traffic legal under the USA PATRIOT Act, the question of whether a cellphone can be used as a de facto GPS tracker has yet to be answered definitively. While the state supreme courts of Massachusetts, New Jersey, New York, Oregon, South Dakota, Virginia and Washington, and the U.S. Third Circuit’s Court of Appeals all agree that GPS tracking requires a warrant, there is no clear consensus nationwide.
The American Civil Liberties Union has identified cellphone location tracking among approximately 250 law enforcement agencies in 30 states and the use of license plate readers in 38 states and the District of Columbia. With location tracking becoming increasingly common, the need for clear rules of engagement is needed. While the need to provide the best tools to law enforcement is undeniable, assurances toward protecting privacy are more critical than ever.
Law enforcement isn’t the only body using this kind of technology — it’s also leaking out into the consumer world.
A number of stores now use sensors that detect Wi-Fi and Bluetooth transmissions from shoppers’ cellphones. Using the MAC — Media Access Control — address from the transmission, the store can track the consumer’s movement throughout the store, which helps the store learn what products have the best “eye appeal,” improve customer service by effectively monitoring the registers’ traffic, keep track of customers’ return visits and even target advertisements to specific customers.
MasterCard recently introduced a program in which a credit card is tied to the owner’s smartphone. When the card is used, the location of the mobile phone is located to ascertain that it is in the same area as the credit card,
preventing a stolen card from being used without the accompanying phone.
While in the case of the MasterCard program, the credit card owner would need to give permission to use this feature, most cellphone monitoring is invisible and unintrusive — leaving the device’s owner oblivious that he or she was being monitored.
ACLU Video: Meet Jack. Or, What The Government Could Do With That Location Data