Cops have a secret, unaccountable system for tracking you by your cellphone, and they abuse it like crazy


#1

Originally published at: https://boingboing.net/2018/05/12/extraordinary-access.html


#2

Burner Cell here we come.


#3

Privacy concerns about Securus and location services were raised to the F.C.C. last year before the company’s sale to Platinum Equity, a private equity firm,

Oh goody.


#4

There’s a “click to certify” checkbox. Seems pretty secure to me. At least as good as a pinky swear.


#6

I’ll never get why so many have their phones on all the time. Just put it in flight mode and kick it like it’s 1987.


#7

There are 2 almost insurmountable obstacles that render burner cell phones ineffective:

  1. Most people don’t have the skills or discipline to break the chain of identity that connects them to a cell phone purchase.
  2. You can’t use a cell phone without recreating identifying information that connects you to that phone.

The 2nd problem is inevitable. It is an even worse problem then attempting to maintain a “burner Facebook page”. Every thing you use a burner cell phone FOR, creates identifying information. And, everytime you turn the burner cell phone on, it creates identifying information. This includes:

  • The location information described in this article. Patterns and timing of movement are self-identifying.
  • Voice samples. As soon as you, or anybody in range of the cell microphone, talks, you leave a history of identifying information. Granted, this one is mostly for the major TLA’s, but this kind of capability always grows and extends.
  • All the other identifying info gathered by a cell phone: WiFi triangulation; crosstalk to other IoT devices (including modern cars) via WiFi and inaudible frequencies; timing of sunrise/sunset (if you are outside). Your phone is one of the greatest sensing devices of modern technology. Mostly it senses YOU and your environment.

You can only turn on a burner cell phone a handful of times, before your identity re-asserts itself.


#8

Carpenter vs US is due to be decided “any day now”. It may resolve the issue of government direct access to cell-phone tracking information. Hopefully, the SCOTUS will declare that direct access requires a warrant. On the other hand, the SCOTUS might just finish declaring the 1st, 4th, and 5th Amendments dead. They only need to kill the constitution once. They need to defend it EVERY TIME.

This issue is a 3rd Party Doctrine end-run around direct access to the tracking data. In theory, this 3rd party access should be as controlled as direct access. The 3rd party doctrine covers voluntary disclosure of personal info. There is nothing voluntary about cell-phone tracking. This tracking is inherent to having a cell-phone. In practice, any final judicial decisions limiting 3rd party control over cell-phone tracking info will probably take another decade.

Then there is the reality of modern information plumbing. Once information is collected, it is almost impossible to destroy. It will leak. It will spread. The cell-phone companies will breech. An Intelligence agency will seize and leak. A well-meaning judge will issue a General Warrant.

If you want any chance at privacy, you must DITCH THE PHONE.

We need to win this battle at the Legislature. We need law that acknowledges:

  • We are all subject to prediction. We are all susceptible to manipulation. We are all subject to cognitive bias.
  • Modern tech makes us more susceptible to prediction, manipulation, framing, bias, and control
  • External control over personal information is a threat to individual and societal self determination.
  • Owning your own personal information is an unalienable right.

#9

Wife beating cops will also abuse this to stalk their ex. True story, wish it weren’t.


#10

‘Cos that’s the point of having a MOBILE phone. If you’re going to turn it off, then you might as well just have a landline, if you stick it in airplane mode, it can probably be tracked anyway, and every time it’s made live it’ll shout to the world that it’s live.


#11

This is why I leave my phone in airplane mode if I’m not expecting a call. (Signal can use wifi)


#12

Yep. Any cell phone can be turned into a landline. Just leave it at home!


#13

So, isn’t our justice system (and this fellows prosecution for abuse) the checks and balances we’re supposed to have? Should we remove the system that allows police all over the US to have readily available legal access because a country bumpkin abuses the system - or should we simply prosecute those who abuse the system and those that enable abuse by furnishing this without appropriate liability?

I get that the police will abuse this - it’s human nature, so we should develop a system that allows for lawful geolocation of at-risk individuals with legitimate obstacles to make it difficult for folks to circumvent that - which this system must have had to some extent (like records of warrants he drew up on paper napkins that likely led to his prosecution.)

If someone in my family was abducted or lost, I’d want this system to be able to tell me where they are.


#14

Its not hard to address abuse. There could be a single gateway between the cell phone system and police systems (maybe just a web portal). All access would be authenticated and documented. If any one user was continually tracking people for no reason, it would be easy to trace back and check correlations with legitimate police activity.


#15

This is one of the most undocumented, conjecture filled, unsubstantiated articles I’ve ever read about law enforcement.


#16

I don’t know about that. The New York Times usually doesn’t publish stuff that’s not verifiable.


#17

Welcome to Boing Boing!


#18

It’s obviously bad having the cops in on this; but the majority-of-the-iceberg-hiding-underwater part of this would, to me, seem to be the fact that “Securus received the data from a mobile marketing company called 3Cinteractive”.

The wonderful people in marketing aren’t even theoretically bound by due process requirements and the need for warrants; so it would appear that everyone is already compromised(and not just to their carrier; which pretty much has to at least have cell-level location information for anything more recent than POCSAG to work) by a shady 3rd party that probably does all kinds of cool stuff with the data.

More generally, when you have entities whose business is selling information you seem to have a very bad environment for warrant/search type protections because those are usually designed around the notion that the relationship between the people executing the warrant and the people suspected of having the information is adversarial. In cases where the party with the information is quite happy to cooperate it isn’t necessarily clear that a warrant would even be needed; and there definitely isn’t any reason to expect the party providing the information to put any effort into verifying the documentation; since they are being paid, not compelled.


#19

I gave all my adult siblings burner phones for their birthdays after the 2016 election. Pre-paid Tracfones, paid for with cash, of course, with a list of instructions for maintaining anonymity.


#21

is there a cell phone carrier that does not sell your location data?


#22

Just look at it.

I really wonder why this didn’t make front page, yet. Did @doctorow take the blue pill? Or did @beschizza already threw it in a trashcan, and Elrond has taken over?