Will Dream Security Tech Be Marketed More Ethically than Pegasus?
According to the Wall Street Journal, Shalev Hulio, former chief executive of NSO Group, the company behind the controversial Pegasus spyware, has launched a new cybersecurity firm in the wake of the Israel-Hamas war. The company, Dream Security, uses artificial intelligence to identify and analyze cyber threats.
So far, the company is already valued at more than $200 million, with customers in Israel and Europe. The need is obvious: European governments and other critical infrastructure have seen increased cyber risks since Russia invaded Ukraine in February 2022. After the recent Hamas raid and atrocities, Israel itself has become a red-hot target.
Israel needs and deserves every advantage it can muster in protecting itself. But given the history of NSO and Pegasus, we must raise concern about the risks if Dream Security products were to be sold – as Pegasus was – to irresponsible and dangerous foreign governments and hostile actors. Pegasus has already been implicated in facilitating the murder of journalists and at least one dissident, spying on State Department discussions about an abducted American, and used by politicians in Spain and India against journalists and rivals.
Artificial intelligence is a nascent technology. There is no telling how it may yet impact the evolving nature of modern warfare, even if developed for defensive purposes. We support any technology that enhances the security of the Israeli people. But it is in everybody’s best interests that Dream Security commits to only doing business with responsible state and corporate actors. PPSA will be monitoring this story as it develops.
Every now and then, even with an outlook jaded by knowledge of the many ways we can be surveilled, we come across some new outrage and find ourselves shouting – “no, wait, they’re doing what?”
The final dismissal of a class-action lawsuit law by a federal judge in Seattle on Tuesday reveals a precise and disturbing way in which our cars are spying on us. Cars hold the contents of our texts messages and phone call records in a way that can be retrieved by the government but not by us.
The judge in this case ruled that Honda, Toyota, Volkswagen, and General Motors did not meet the necessary threshold to be held in violation of a Washington State privacy law. The claim was that the onboard entertainment system in these vehicles record and intercept customers’ private text messages and mobile phone call logs. The class-action failed because the Washington Privacy Act’s standard requires a plaintiff to approve that “his or her business, his or her person, or his or her reputation” has been threatened.
What emerged from this loss in court is still alarming.
Software in cars made by Maryland-based Berla Corp. (slogan: “Staggering Amounts of Data. Endless Possibilities”) allows messages to be downloaded but makes it impossible for vehicle owners to access their communications and call logs. Law enforcement, however, can gain ready access to our data, while car manufacturers make extra money selling our data to advertisers.
This brings to mind legislation proposed in 2021 by Sens. Ron Wyden (D-OR) and Cynthia Lummis (R-WY) along with Reps. Peter Meijer (R-MI) and Ro Khanna (D-CA). Under their proposal, law enforcement would have to obtain a warrant based on probable cause before searching data from any vehicle that does not require a commercial driver’s license. Under the “Closing the Warrantless Digital Car Search Loophole Act,” any vehicle data obtained in violation of this law would be inadmissible in court.
Sen. Wyden in a statement at the time said: “Americans’ Fourth Amendment rights shouldn’t disappear just because they’ve stepped into a car.”
They shouldn’t. But as this federal judge made clear, they do.
Sens. Wyden and Lee, Reps. Davidson and Lofgren, Introduce Wide-Ranging Reform of Government Surveillance
The Government Surveillance Reform Act (GSRA)
Four bipartisan champions of civil liberties – Sen. Ron Wyden (D-OR), Sen. Mike Lee (R-UT), Rep. Warren Davidson (R-OH) and Rep. Zoe Lofgren (D-CA) – today introduced the Government Surveillance Reform Act (GSRA), legislation that restores force to overused Capitol Hill adjectives like “landmark,” “sweeping,” and “comprehensive.”
“The Government Surveillance Reform Act is ambitious in scope, thoughtful in its details, and wide-ranging in its application,” said Bob Goodlatte, former Chairman of the House Judiciary Committee and PPSA’s Senior Policy Advisor. “The GSRA is a once-in-a-generation opportunity for wide-ranging reform.”
The GSRA curbs the warrantless surveillance of Americans by federal agencies, while restoring the principles of the Fourth Amendment and the policies that underlie it. The authors of this bill set out to achieve this goal by reforming how the government uses three mechanisms to surveil the American people.
The GSRA will rein in this ballooning surveillance system in many ways.
“The GSRA enjoys widespread bipartisan support because it represents the most balanced and comprehensive surveillance reform bill in 45 years,” Goodlatte said. “PPSA joins with a wide-ranging coalition of civil liberties organizations to urge Congress to make the most of this rare opportunity to put guardrails on federal surveillance of Americans.
“We commend Senators Wyden and Lee, and Representatives Davidson and Lofgren, for writing such a thorough and precise bill in the protection of the constitutional rights of every American.”
Apple Sends Notice of Hack
Pegasus – the Israeli-made spyware – continues to proliferate and enable bad actors to persecute journalists, dissidents, opposition politicians, and crime victims around the world.
This spyware transforms a smartphone into the surveillance equivalent of a Swiss Army knife. Pegasus has a “zero-day” capability, able to infiltrate any Apple or Android phone remotely, without requiring the users to fall for a phishing scam or click on some other trick. Once uploaded, Pegasus turns the victim’s camera and microphone into a 24/7 surveillance device, while also hoovering up every bit of data that passes through the device – from location histories to text, email, and phone messages.
We’ve written about how Mexican cartels have used Pegasus to track down and murder journalists. We’ve covered the role of Pegasus in the murder of Saudi dissident Adnan Khashoggi, and how an African government used it to spy on an American woman while she was receiving a briefing inside a State Department facility on her father’s abduction.
Now fresh evidence from Apple alerts shows how Pegasus continues to be used by governments to spy on political opponents. Journalists have learned that the Israeli-based NSO Group has sold its spyware to at least 10 governments. Two years ago, it was revealed that a government had used Pegasus to surveil Spanish politicians, including the prime minister, as well as regional politicians. Now it is happening in India. On Oct. 31, just in time for Halloween, Apple sent notices to more than 20 prominent journalists, think tank officials, and politicians in opposition to Prime Minster Narenda Modi that hacking attempts had been made on their smartphones.
In 2021, The Washington Post and other media organizations investigated a list obtained by Forbidden Stories, a Paris-based non-profit media outlet, tracking down more than 1,000 phone numbers of hundreds of prominent Indians who were set to be surveilled by Pegasus. This plan now seems to have been executed, at least in part.
“Spyware technology has been used to clamp down on human rights and stifle freedom of assembly and expression,” said Likhita Banerj of Amnesty International. “In this atmosphere, the reports of prominent journalists and opposition leaders receiving the Apple notifications are particularly concerning in the months leading up to state and national elections.”
Yesterday Spain, today India, tomorrow the United States? It is public knowledge that the FBI owns a copy of Pegasus and that a recent high-level government attorney from the intelligence community has signed on to represent the NSO Group. This is all the more reason for Congress to pass serious reforms to Section 702 of the Foreign Intelligence Surveillance Act, to curtail all forms of illicit government surveillance of Americans.
PPSA will continue to monitor this story.
IRS Agent Makes Unnecessary Home Visit to Journalist Who Revealed Intelligence Agency Involvement in Social Media
Did IRS Inspect Personal Data of Matt Taibbi and Other Journalists?
Matt Taibbi is not everyone’s cup of tea – or shot of tequila. He is a former Rolling Stones reporter, an investigative journalist with gonzo-flavored prose. Taibbi was most recently in the headlines for reporting on government interference, including FBI agents, in secretly advising social media content curation. This was just one of the revelations of the Twitter Files.
That data dump, released by X CEO Elon Musk, show considerable interaction between the federal government and social media companies’ curation of ideological content. Whether this was “jawboning” or “coercion” on the part of the government will be at the heart of an upcoming U.S. Supreme Court case, Murthy v. Missouri. This is an intensely political case, one that pits the Biden Administration, which insists it has every right to alert social media companies about misinformation, against Republicans, who see it as secret censorship.
A new report from the House Judiciary Committee raises the question why the IRS sent an agent to make an unannounced field visit to the home of journalist Matt Taibbi. That visit just happened to occur on the same day Taibbi was testifying before Congress about purported secret government abuse to dial back or exclude content from social media.
The Weaponization of the Federal Government subcommittee found that the IRS had taken the unusual step of opening a case against Taibbi on Christmas Eve, a Saturday, just weeks after Matt Taibbi began reporting on the Twitter Files. In the four-and-one-half years between when the IRS alleges it last tried to contact Taibbi about his taxes and the day it conducted an unannounced field visit, neither he nor his accountant received notice from the IRS about an issue with his tax returns.
As it turned out, the journalist owed no money to the IRS, but the IRS did owe him a refund. As a result of this and similar incidents, IRS chief Danny Werfel repealed the agency’s policy of allowing agents to make unannounced field visits to taxpayers’ home.
In today’s social media-saturated world, the appearance of an IRS agent acting as a government “heavy” to pressure a journalist – if that is what indeed happened – is a tactic guaranteed to backfire. The greater danger is how the IRS could misuse its immense surveillance power for its own ends or those of one political master or another.
The IRS, like many other federal agencies, purchases Americans’ personal data scraped from our apps and sold to it by third-party data brokers – a major focus in reforms that civil libertarians want to add to FISA’s Section 702. The IRS could have easily accessed Taibbi’s personal location history, as well as his communications from emails to texts, all without a warrant. A good follow up question for Congress might be to ask the IRS if it used purchased data to snoop on Taibbi or other journalists.
The IRS does not need probable cause to investigate us. It doesn’t need a warrant to send someone to our home, to order us to conduct an expensive and time-consuming audit, or to look into our most personal and sensitive information taken right out of our smartphones.
Congress should demand to know if the IRS or any other government agency has been accessing the personal data of journalists investigating the administration.
Intelligence Community MYTH: The FBI has new minimization procedures that have dramatically reduced the numbers of U.S. person queries in the Section 702 database and the potential for violations. No fixes in the law are needed.
FACT: Even FBI Director Christopher Wray’s brag that refinements in internal procedures have reduced the number of warrantless searches for Americans’ communications to approximately 204,000 queries of Americans’ personal communications per year is alarming. The number of people who have been victimized by these civil rights violations is equal to the population of many medium-sized U.S. cities. As Sen. Mike Lee says, “That number should be zero. Every ‘non-compliant’ search violates an American’s constitutional rights.”
Jonathan Turley of the George Washington University Law School dismissed the FBI’s recent boasts about the reduced number of improper queries into Americans’ private information, likening that boast to “a bank robber saying we’re hitting smaller banks.”
The many broken promises of the FBI should leave the bureau with little room for a “trust me” clean reauthorization of Section 702. Consider the government’s long history of abuses. In just the last few years, in violation of its own rules:
Other actions outside Section 702, such as the wide-ranging politically motivated investigation of “radical traditional Catholics,” further reveal an FBI appetite for playing politics. Nobody in their right mind should want the FBI to have warrantless access to their private sensitive personal communications and data.
Congress passed a mandate in 2021 that will require all new cars sold later in this decade to have a built-in drunk driver detection system. This law, well-intentioned as it may be, is fraught with enormous risks to the privacy of any American who drives a car.
The vague goal this mandate sets out is: If your car thinks you’re overserved, your car won’t start. Or perhaps it will pull over and call the police. It is not clear, exactly, how this technology will work. In any event, this law promises to make every car a patrol car, with you inside it.
Rep. Thomas Massie (R-KY), a long-time defender of civil liberties, is not having it. He is proposing an amendment to the Transportation, Housing and Urban Development (yes, the Washington acronym here is THUD) appropriations bill to safeguard Americans’ constitutional right to privacy by forbidding federal expenditures to implement this ill-conceived mandate. PPSA is proud to support this amendment and we stand together with other supporters, including FreedomWorks and the Due Process Institute.
While aggressive action to curb impaired driving is appropriate, the privacy issues raised by Rep. Massie about the mandate for this “advanced drunk driving and impaired driving prevention technology” are impossible to ignore. They are ultimately of great consequence to the future of our country.
First, consider that this technology will monitor the driving performance of millions of Americans who don’t drink and drive, potentially keeping many of them from operating their vehicles. While many states allow for court-mandated ignition interlock devices for people convicted of DUIs (requiring people under such an order to clear a self-administered breathalyzer test before their cars will start), these state restrictions are far more reasonably tailored than the broader and more intrusive federal mandate. Crucially, they make the necessary distinction between the irresponsible few who are under a court order, and the responsible many who are not. Additionally, the state regulations do not passively monitor drivers’ performance.
What do the responsible many have to lose under the federal mandate? The driver detection mandate could violate your privacy and constitutional rights on a massive scale.
Consider: Absent a breathalyzer, this technology might well – like some commercial delivery operators already do – use a camera and AI to passively monitor your body movements for signs of impairment.
Moreover, would your video data be stored? And if it is stored, would camera data follow you and any passengers in the car – perhaps with a sound recording of anything that you might say to each other? (After all, analyzing voice data could be used by AI to look for the possible slurring of your words.)
And if this video and/or voice data is stored, would these videos then be part of the enormous stream of data that federal agencies – from the IRS, to the FBI, to the DHS – now routinely purchase and access without a warrant? (This brings to mind an old joke: An FBI agent walks into a bar. The bartender says, “I’ve got a joke for you.” The agent replies, “heard it!”)
Video analytics technology, like facial recognition software, is hardly foolproof. Would this yet-to-be-developed device read people with disabilities as being intoxicated? Would perfectly sober people register false positives and not be able to drive?
Rep. Massie’s amendment would provide a much-needed sobriety check on the government’s foolhardy leap into mandating this technology. PPSA strongly urges Congress to pass the Massie amendment and protect the privacy and constitutional rights of millions of Americans.
Your phone, like your dog, knows all about you. But your dog will never tell. Your smartphone does, all day long, producing data that the federal government can buy and access without a warrant.
The same, increasingly, is true of your car. It knows where you go, and for how long. For example, Tesla has internal cameras, and according to Elon Musk biographer, Walter Isaacson, that CEO wanted them to record drivers to defend the company against lawsuits in the event of an accident.
As your car integrates with your smartphone, the automobile becomes just another digital device that tracks your every move. A contemporary car can accumulate 4,000 gigabytes of data every day. Our cars’ entertainment and communications systems track our address books, call logs and what we listen to. Systems made to monitor performance can report our weight, as well as where we’ve driven, and if we’ve driven there alone or with someone else.
But at least your dog in the backseat still won’t rat you out.
This is just one more way digital technology is narrowing the bounds of privacy to, essentially, floatation tanks. The good news is that lawmakers in the Bay State are reacting to defend the privacy of their constituents. Two bills, one introduced in the Massachusetts House and one in the Senate, would limit collected data, set rules for the security of that data, and require it to be purged after it becomes irrelevant. Moreover, data collection would require the consent of the owner.
Jalopnik.com reports that privacy advocates, however, are finding loopholes in the law “wide enough to drive a Nissan through.” Whatever the strength of these bills, Protect The 1st commends Massachusetts lawmakers for thinking around the technological curve while that very technology hurtles us ever faster, ever forward.
As with AI, a sense of urgency for predictive rulemaking is in order. There was a time when talking cars were a staple of science fiction. Now our cars tell us where to go and when to turn – and sometimes won’t shut up. What our cars will do next we may not be able to quite imagine.
Massachusetts has started a debate that needs to go national and in high gear.
An Example of American Techno-Masochism
PPSA works hard to counter growing government surveillance. This generally means surveillance by U.S. federal agencies – such as FISA’s Section 702 authority passed by Congress for foreign surveillance but used to spy on Americans. We also scrutinize expanding surveillance by state and local police, including cell-site simulators that trick your smartphone into giving up your location and other information, and ubiquitous facial recognition software that can follow you around.
But our concerns about government surveillance don’t end with just our government.
We are increasingly concerned about the regular and sometimes pervasive surveillance of Americans by the People’s Republic of China, most recently the potential for Beijing to use TikTok as a way to track 80 million Americans.
Now, thanks to an investigative piece in The Free Press, we’ve learned that China is also looking to surveil Americans through an increasingly common technology in American cars – LIDAR, or Light Detection and Ranging. This is the system that allows self-driving and semiautonomous cars to track the traffic around them. LIDAR is also, The Free Press reports, “a mapping technology, an aid to the growing number of smart cities, a tool for robotics, farming, meteorology, you name it.”
Who is the dominant manufacturer and seller of LIDAR technology in the United States? It is Hesai, a Chinese company that sells nearly one out of every two LIDAR systems globally. In sales, it far outsells all of its American competitors together.
China is relying on an old playbook to dominate the U.S. and world markets in LIDAR. The Free Press reports that Hesai does this by offering a solid product, but one backed by Chinese subsidies to sell at below price. Why would they do that?
An explanation comes from Sen. Ted Budd (R-NC), who fired off a letter earlier this summer to the Assistant Secretary of Defense for Industrial Base Policy.
“[I]t is my understanding that the Chinese LIDAR companies are working with the Chinese Government and the People’s Liberation Army (PLA) to improve this technology and leverage it for Chinese military applications. Simultaneously, these companies have been flooding the U.S. market with low-cost, heavily subsidized Chinese LIDAR, potentially enabling the Chinese to collect a trove of valuable information …
“Moreover, the Chinese Government is using LIDAR sensors to conduct police surveillance in the Xinjiang Uyghur Autonomous Region, where evidence suggests China is engaged in ongoing genocide of the Uyghur people.”
Given that Chinese law enforces a “military-civil fusion” strategy on Chinese businesses, requiring every Chinese organization and citizen to “support, assist, and cooperate with the state intelligence work,” why on earth would we allow that same government to be able to spy on every American in every near-future car?
It is one thing to be forced into the position of the Uyghurs. It is quite something else for the United States to willingly submit to techno-masochism.
The Fourth Amendment of the U.S. Constitution protects Americans against “unreasonable” searches and seizures. But what is unreasonable? Is a low-flying drone taking photos of you and your property behind a privacy fence reasonable?
In October, the Michigan Supreme Court will hear oral arguments in what could well become a landmark privacy case. The outcome may help determine the national limits of drone surveillance – and perhaps influence the limits of government surveillance – for all Americans.
The facts are pretty simple. Todd and Heather Maxon of Long Lake Township in Michigan live on a five-acre estate, where Todd likes to repair old cars.
In 2008, the Township government charged the Maxons with operating an illegal junkyard. The couple and the Township reached a settlement. In 2018, the Township received tips that the Maxons had violated their settlement by bringing more cars onto their property, even though such vehicles were not visible from the street. So the Township hired a private drone operator to fly a high-resolution camera over the Maxon property to take images.
The Maxons sued, claiming that their Fourth Amendment rights were violated. A lower court agreed with the government but was overturned in 2021 by the Michigan Court of Appeals. That court ordered that the drone photos be suppressed.
At the heart of this case is the “reasonable expectation of privacy” articulated by Supreme Court Justice John Marshall Harlan II in Katz v. United States (1967). But technology keeps testing what is a reasonable expectation of privacy. The Supreme Court has zigged and zagged along the way, once upholding a wiretap to be permissible because it occurred at the telephone pole and did not require a physical intrusion into the home.
Katz overturned that standard, invalidating an FBI wiretap of a public payphone, where the caller (a sports bookie) had a reasonable expectation that he would not be overheard. “The Fourth Amendment protects people, not places,” Justice Potter Steward declared in the Court’s majority opinion. But the Court returned somewhat to the physical intrusion standard – invalidating thermal imaging by police from the street that penetrated inside a target’s home in Kyllo v. United States (2001).
The Cato Institute and Rutherford Institute, in an amicus brief, noted the problem with the physical intrusion standard: “At present, police are free to go through people’s garbage, look into their barn with a flashlight, and read through their bank records without going through the hassle of first securing a warrant.” We now live in an age of ubiquitous digital intrusion with government purchases of our private data, as well as optical intrusion from drones and other aerial surveillance.
In other words, the current privacy standard is a jumbled mess. That is why the Maxon case is potentially so important. At its simplest, it will determine if drones – an increasingly ubiquitous reality in American life – will be freely used to spy on Americans in their backyards (as the New York City Police recently did over backyard barbecues during Labor Day).
But we think the Maxon case may prove to be pivotal in defining – perhaps, eventually, by the U.S. Supreme Court – what privacy and reasonableness mean in an era of drones, facial recognition software, and artificial intelligence.
The output of former NSA officials in pushing for a “clean,” or unamended, reauthorization of Section 702 of the Foreign Intelligence Surveillance Act has been prolific. Several such pieces have recently run in the op-ed pages of The Hill newspaper alone.
The latest op-ed, by former senior NSA and Department of Homeland Security officials Jon Darby and Thomas Warrick, is a masterpiece of misdirection.
It begins with the oft-told tale of Secretary of State Henry Stimson in 1929 closing down the “Black Chamber,” a New York City office in which government cryptographers broke the codes of Japanese and other foreign diplomats. “Gentlemen,” Stimson famously said, “do not read each other’s mail.” Stimson reversed his elevated sense of etiquette when he became Secretary of War during World War Two – and the ability to break Japanese codes became central to Allied victory.
The implication here is that civil libertarians today who complain about Section 702 are sniffy idealists who would expose us to great danger. To buttress this point, Darby and Warrick cite several intelligence successes, including the breaking of the plot to bomb New York City’s subway in 2009. With Russia and China turning increasingly hostile, Darby and Warrick say that we need robust means to intercept those who threaten the safety of the American homeland.
To which PPSA and many other civil libertarians say, “hurrah!”
We take issue, however, with the central metaphor of their piece – Henry Stimson’s ending of foreign surveillance. No foreigner enjoys the protections of the Fourth Amendment of the Constitution. When it comes to foreign terrorists and spies, we say surveil away. Our concern arises when the communications of millions of Americans are folded into Section 702 surveillance.
Whenever an American becomes a target of a government investigation, a probable cause warrant is required by the Fourth Amendment of the Constitution to examine their communications. Take the case cited by Darby and Warrick – the planned New York City bombing involving an Afghan-American who was in communication with Al-Qaeda in Pakistan and traveled to meet them. That alone should have been enough to obtain a probable cause warrant to inspect the target’s communications.
Darby and Warrick acknowledge that “for a time, the FBI routinely searched databases with information collected under Section 702’s authority even in non-national security investigations.” Victims of such improper government surveillance included a Member of the U.S. House, a U.S. senator, a state senator, a judge, a local political party, and 19,000 donors to a congressional campaign, among many others. Darby and Warrick assure us that these abuses were “corrected” when “additional safeguards” were put in place.
Despite large reductions in the numbers of Americans who have their data hoovered up, however, more than 200,000 warrantless searches are still taking place every year. As Sen. Mike Lee of Utah notes, the correct number for violations of the Constitution is zero. If Congress misses this rare opportunity to impose a warrant requirement, expect the FBI and other agencies to quickly revert to old ways.
A final point: There is an air of unreality surrounding the debate over the Section 702 database. It is, after all, likely small compared to the database of warrantlessly obtained and inspected personal information of Americans that is commercially acquired by our government.
About a dozen federal agencies, from NSA, to DoD, to IRS, to the FBI, to DHS, purchase our personal data scraped from apps and sold by third-party data brokers. Government lawyers blandly assert they are not violating the constitution’s prohibition against seizing our data. They are, after all, merely buying it.
That strikes most Members of Congress and their constituents as sophistry. Our digital actions – whom we communicate with, where we go, what we search online for – can be our most personal information, revealing our romantic lives, our health issues, our religious beliefs and worship, and our political activities. Yet the government – including the agencies that Darby and Warrick served – routinely ransack what essentially are our personal diaries without a warrant or oversight of any sort.
The coming debate over the reauthorization of Section 702 will be our best opportunity in a generation to curb the government’s appetite for all our information. We should not let this rare chance pass us by.
While many of us were grilling hot dogs and hamburgers, the line between sci-fi dystopia and reality got a little blurrier. The New York City Police Department announced it was using aerial drones to “check in” on parties held across the city over the Labor Day weekend.
The NYPD is making the move, it says, in response to complaints about large and noisy parties during the holiday weekend. At a press conference, Assistant NYPD Commissioner Kaz Daughtry said: “If a caller states there’s a large crowd, a large party in a backyard, we’re going to be utilizing our assets to go up and go check on the party.” The practice of aerial surveillance is escalating. New York police used drones just four times in 2022 but have so far used them 124 times in 2023. Mayor Eric Adams has said he wants to see police further embrace the “endless” potential of drones.
The decision is almost certainly illegal. Daniel Schwarz, a privacy and technology strategist at the New York Civil Liberties Union, says mass drone surveillance may violate the city’s Public Oversight of Surveillance Technology (POST) Act. This is an ordinance passed in 2020 that requires the NYPD to disclose its surveillance tactics.
The proliferation of drones over our backyards, however, may not be unconstitutional. U.S. Supreme Court precedent on the Fourth Amendment has dealt with aerial surveillance before. In the 1988 case Florida v. Riley, the Court held that Florida did not violate a man’s right against unreasonable searches when police, on a tip, flew a helicopter over his property and observed a greenhouse in which the man was growing marijuana. The greenhouse was not visible from the ground and could only be detected aerially.
But nearly 40 years have passed since Florida v. Riley, and in that time police departments across the country have been able to amass and deploy an entire fleet of small, flexible aerial drones. Whereas police might have been constrained by the cost to own and operate a helicopter in the past, today’s police departments can operate a sizable drone fleet at a fraction of the price, enabling a near permanent aerial surveillance force.
Further compounding the problem is the high degree of reciprocity between local law enforcement and the national security center. A Department of Justice response to a PPSA Freedom of Information Act request shows that local governments have received fleets of drones and other surveillance technology from the federal government.
As Washington floods local police forces with hovering spies, it is time for cities and states to update our laws and jurisprudence on aerial surveillance.
PPSA previously commented on a New York Times scoop in April that revealed a contractor for the U.S. government had purchased and used a spy tool from NSO, the Israeli firm that developed and released Pegasus software into the wild – which can turn smartphones into pervasive surveillance tools.
The White House was surprised that its own government did business with NSO a few days after the administration had put that firm on the no-business “Entity List.” NSO was placed on this blacklist because its products, the U.S. Commerce Department declared, “developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”
Understandably upset, the White House tasked the FBI to sleuth out who in the government might have violated the blacklist and used the software. Mark Mazzetti, Ronen Bergman, and Adam Goldman of The Times report that months later the FBI has come back with a definitive identification of this administration’s scofflaw.
The FBI followed the breadcrumbs and discovered, you guessed it, that it was the FBI.
Fortunately, the FBI did not purchase the “zero-day” spyware Pegasus, but another spy tool called Landmark, which pings the cellphones of suspects to track their movements. The FBI says it used the tool to hunt fugitives in Mexico. It also claims that the middleman, Riva Networks of New Jersey, had misled the FBI about the origins of Landmark. Director Christopher Wray discontinued this contract when it came to light.
Meanwhile, The Times reports that two sources revealed that contrary to the FBI’s assertions, cellphone numbers were targeted in Mexico in 2021, 2022, and into 2023, far longer than the FBI says Landmark was used.
We should not overlook the benefits of such FBI investigations. In fact, PPSA has a tip to offer. We suggest that the FBI track down the government bureau that has been routinely violating the U.S. Constitution by conducting backdoor searches with FISA Section 702 material, as well as warrantlessly surveilling Americans purchased data.
More to follow.
PPSA’s Gene Schaerr Appeals to Congress to Assert Its Authority to Protect Americans’ Privacy and the Fourth Amendment
End the “Game of Surveillance Whack-a-Mole"
Gene Schaerr, PPSA general counsel, in testimony before a House subcommittee on Friday, urged Congress to assert its prerogative to interpret Americans’ privacy and Fourth Amendment rights against the federal government’s lawless surveillance.
Schaerr said the reauthorization of a major surveillance law this year is a priceless opportunity for Congress to enact many long-needed surveillance reforms. There is, Schaerr told the Members of the House Judiciary Subcommittee on Crime and Government Surveillance, no reason for Congress to defer on such a vital, national concern to the judiciary.
Congress also needs to assert its authority with executive branch agencies, he said. For decades, when Congress reforms a surveillance law, federal agencies simply move on to other legal authorities or theories to develop new ways to violate Americans’ privacy in “a game of surveillance whack-a-mole.”
“As the People’s agents, you can stop this game of surveillance whack-a-mole. You can do that by asserting your constitutional authority against an executive branch that, under both parties, is too often overbearing – and against a judicial branch that too often gives the executive an undeserved benefit of the doubt. Please don’t let this once-in-a-generation opportunity slip away.”
Schaerr was joined by other civil liberties experts who described the breadth of surveillance abuse by the federal government.
Liza Goitein of the Brennan Center for Justice at NYU Law School said that FISA’s Section 702 – crafted by Congress to enable foreign surveillance – has instead become a “rich source of warrantless access to Americans’ communications.”
She described a strange loophole in the law that allows our most sensitive and personal information to be sold to the government. The law prevents social media companies from selling Americans’ personal data to the government, but it does not preclude those same companies from selling Americans’ data to third-party data brokers – who in turn sell this personal information to the government.
Federal agencies assert that no warrant is required when they freely delve into such purchased digital communications, location histories, and browsing records. Goitein called this nothing less than the “laundering” of Americans’ personal information by federal agencies looking to get around the law.
“We’re a nation of chumps,” said famed legal scholar and commentator Jonathan Turley of the George Washington University Law School, for accepting “massive violations” of our privacy rights. He dismissed the FBI’s recent boasts that it had reduced the number of improper queries into Americans’ private information, likening that boast to “a bank robber saying we’re hitting smaller banks.”
Many members on both sides of the aisle echoed the concerns raised by Schaerr and other witnesses during the testimony. Commentary from the committee indicates that Congress is receptive to privacy-oriented reforms.
Gene Schaerr cautioned that Congress should pursue such a strategy of inserting strong reforms and guardrails into Section 702, rather than simply allowing this authority to lapse when it expires in December. Drawing on his experience as a White House counsel, Schaerr said the “executive branch loves a vacuum.” Without the statutory limits and reporting requirements of Section 702, the FBI and other government agencies would turn to other programs, such as purchased data and an executive order known as 12333, that operate in the shadows.
Despite this parade of horribles, the hearing had a cheerful moment when it was interrupted by the announcement of a major reform coalition victory. The Davidson-Jacobs Amendment passed the House by a voice vote during a recess in the hearing, an announcement that drew cheers from witnesses and House Members alike. This measure would require agencies within the Department of Defense to get a probable cause warrant, court order, or subpoena to purchase personal information that in other circumstances would require such a warrant.
Schaerr was optimistic that further reforms will come. He said:
“Revulsion at unwarranted government surveillance runs deep in our DNA as a nation; indeed, it was one of the main factors that led to our revolt against British rule and, later, to our Bill of Rights. And today, based on a host of discussions with many civil liberties and other advocacy groups, I’m confident you will find wide support across the ideological spectrum for a broad surveillance reform bill that goes well beyond Section 702.”
Beneath the surface of Russia’s ever-changing autocratic regimes has always been suppressed but vibrant conversations in samizdat, private media in the form of homemade newsletters and clandestine literature. In the era of Putin and the Ukraine war, discussion among dissenters and dissidents is facilitated by end-to-end encrypted technologies such as Signal, Telegram, and WhatsApp. In a recent article in The New York Times, Aaron Krolik, Paul Mozur, and Adam Satariano call attention to Russia’s successful infiltration of these platforms to effectively eliminate dissent.
This trend promises devastating consequences for Russian dissidents and danger for the world.
The Russian government has managed to crack these once-secure channels, leveraging them to map networks of relationships and surveil its citizens. This alarming development is transforming Russia into a full-blown surveillance state like China’s, where private conversations are no longer secure and individuals risk persecution for expressing dissenting views.
Even more concerning is the certainty that new surveillance technologies and techniques will be easily exported to unfriendly countries and illicit groups around the world, much like Israeli-made Pegasus has been. The ability of Pegasus to infiltrate mobile devices and monitor individuals has been employed by various governments and threat actors worldwide, undermining privacy and individual freedoms.
New Russian spyware provides a similar “Swiss-army knife of spying possibilities,” enabling an unprecedented degree of surveillance and intrusion. One program can identify when people make voice calls or send files on encrypted chat apps such as Telegram, Signal, and WhatsApp. The software can map a person’s relationship network by tracking communications with others. Another product can collect passwords entered on unencrypted websites. Another tool can map the locations of two phones over the course of the day to determine whether they met, indicating a potential meeting between people.
Russia is effectively building a surveillance industrial complex, one which it plans to sell around the world. According to the U.S. State Department, one Russian surveillance company, Citadel, already controls between 60 to 80 percent of the global market for telecommunications monitoring technology.
“The spillover effects will be felt first in the surrounding region, then potentially the world,” says Adrian Shahbaz, Vice-President of research and analysis at the pro-democracy advocacy group Freedom House.
In the hands of a much larger and more sophisticated rival, like China, these tools can be a force for global repression. China has already developed the most robust facial recognition surveillance system in the world, which will integrate voiceprints, faceprints, and DNA samples to weave a comprehensive portrait of the individuals who make up its huge population. China can infiltrate cell phones and sweep up location data from many phones in a wide area. It is even developing the ability to observe brainwaves to detect what illegal activities residents might be up to. Technologies such as these are not likely to remain contained just to China or Russia.
Pegasus shows how such technology can be used to menacing effect. Pegasus was deployed against 26 Mexican journalists in 2016 and 2017. At least one was assassinated. Saudi Arabia successfully installed Pegasus on the phone of the wife of murdered dissident Jamal Khashoggi. Pegasus has even been found on the phones of several U.S. policymakers and in the office of the British Prime Minister.
You may not be worried that the Russian government has its eyes on you, but these capabilities will be sold to unfriendly forces around the world. A cartel could use these technologies to target Americans. An unscrupulous corporation could use them to develop an even more intricate and suggestive profile of potential customers. A government, perhaps our own, could use them to counter freedom of speech.
This is all the more reason for Americans to protect personal encryption from U.S. government pressure to provide backdoor access, while urging private sector champions to stay in the race with the tyrants.
PPSA, ACLU Freedom of Information Act Disclosures Reveal Feds Continue to Coach Agencies and Police on Hiding Stingray Use
“Fruit of a Poisonous Tree”
FBI documents acquired through Freedom of Information Act (FOIA) requests by PPSA and the American Civil Liberties Union show how authorities continue to conceal information about how stingray technology is really being used. The downstream effect of this deception likely results in defendants being denied the ability to know how a case was constructed against them, degrading their right to a fair trial.
Dozens of federal and state agencies have benefitted from the generosity of the Department of Justice in sharing with state and local police cell-site simulators, popularly known by the brand name “Stingrays.” These devices trick cellphones into revealing their owners’ locations and other sensitive, personal information.
An email from the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), released today by PPSA, one ATF official writes to another:
“To remain consistent with our DOJ Partner, in this case, the USMS (U.S. Marshall Service) since they are the largest user of this technology, we respectfully request that this technique not be disclosed in an affidavit.”
ACLU’s FOIA shows the same instructions from the federal government imposed in nondisclosure agreements on police departments when they ask for this technology to track suspects. These contracts don’t beat around the bush. They explicitly require police departments to withhold information about stingrays and their usage from defendants and lawyers. The FBI argues that such secrecy is required to prevent revealing information that would enable criminals to “thwart law enforcement efforts.”
But what’s the big secret? Despite the clandestine nature of this federal/local partnership program, stingray technology and its capabilities have been an open secret for years now. This technology was depicted under another brand name – “triggerfish” –on season three of HBO’s The Wire. That was in 2004. Could the real secret be that police departments are conspiring with the FBI to conceal the use of privacy-invading technology to give prosecutors an unfair, “backdoor” advantage in their cases?
PPSA has often reported the ways in which federal or state agencies routinely circumvent constitutional privacy protections. One well-known method is the parallel construction of evidence, in which prosecutors leverage illicitly gained knowledge to turn up evidence from a source acceptable in court. It is well established legal doctrine that illicit evidence, the “fruit of the poisonous tree,” should not be admissible. But who knows what is poisonous if the tree is hidden?
The acquired federal documents actually spell out how parallel construction should work – advising the police to pursue “additional and independent investigative means and methods” to obtain evidence collected through use of a cell-site simulator.
The suggestions on how to accomplish such secrecy were redacted by the FBI. The Bureau argues that revealing information about stingrays would have a “significant detrimental impact on the national security of the United States.” The revelation of even minor details is so heavily restricted that police have dropped charges against a suspect rather than unveil information in open court.
“The important question posed by privacy advocates is why are police departments and the FBI going to such lengths to conceal information about a technology that is public knowledge?” asked Bob Goodlatte, former chairman of the House Judiciary Committee and PPSA Senior Policy Advisor. “The capabilities of stingrays are well-known, with knowledge of their deployment on popular television almost twenty years ago.
“Yet the government still insists that the basics of stingray use is a precious national secret,” Goodlatte said. “Congress should demand to know if there is any basis at all for these non-disclosure agreements – and how common parallel construction really is in practice.”
Credit to the Department of Justice for a voluminous response to our Freedom of Information Act (FOIA) request. Our request concerned the use of stingrays, or cell-site simulators, by that department and its agencies. Out of more than 1,000 pages in DOJ’s response, we’ve found a few gems. Perhaps you can find your own.
Review our digest of this document here, and the source document here.
The original FOIA request concerned DOJ policies on cell-site simulators, commonly known by the commercial brand name “stingrays.” These devices mimic cell towers to extract location and other highly personal information from your smartphone.
The DOJ FOIA response shows that the FBI in 2021 invested $16.1 million in these cell-site simulators (p. 209) in part to ensure they “are capable of operating against evolving wireless communications.” The bureau also asked for $13 million for “communications intercept resources.” This includes support for the Sensitive Investigations Unit’s work in El Salvador (p. 111).
On the policy side, we’ve reported that some federal agencies, such as the Bureau of Alcohol, Tobacco, Firearms and Explosives, maintain that stingrays are not GPS location identifiers for people with cellphones. This is technically true. Stingrays do not download location data or function as GPS locators. But this is too clever by half. Included in this release is an Obama-era statement by former Department of Justice official Sally Yates that undermines this federal claim by stating: “Law enforcement agents can use cell-site simulators to help locate cellular devices whose unique identifiers are known …” (p. 17)
This release gives an idea of how versatile stingrays have become. The U.S. Marshals Service (p. 977) reveals that it operates cell-site simulators and passive wireless collection sensors to specifically locate devices inside multi-dwelling buildings.
Other details sprinkled throughout this release concern other, more exotic forms of domestic surveillance.
For example, the U.S. Marshals Service Service has access to seven aircraft located around the country armed with “a unique combination of USMS ELSUR suite, high resolution video surveillance capability … proven to be the most successful law enforcement package” (p.881-883).
A surveillance software, “Dark HunTor,” exposes user data from Tor, the browser meant to make searches anonymous, as well as from dark web searches for information. (p. 105) In addition, the U.S. Marshals Service Service “has created the Open-Source Intelligence Unit (OSINT) to proactively review and research social media content. OSINT identifies threats and situations of concern that may be currently undetected through traditional investigative methods. Analyzing public discourse on social media, its spread (‘likes,’ comments, and shares), and the target audience, the USMS can effectively manage its resources appropriate to the identified threats.” (p. 931)
The DOJ release also includes details on biometric devices, from facial recognition software to other biometric identifiers, (p.353), as well as more than $10 million for “DNA Capability Expansion” (p.365).
Is that all? Feel free to look for yourself.
Targeted Journalists, Political Opponents, NGO Around the World
Now another Israeli company joins the NSO Group for its flagrant disregard for human rights, democracy, and digital privacy in the name of profit.
QuaDream has been identified by The Citizen Lab at the Monk School of Global Affairs and Public Policy as the developer of a new spyware, Reign. Like the more notorious Pegasus, Reign infiltrates phones without requiring the target to click on a malicious link or to even take any action at all.
Citizen Lab found that Reign can:
And when the job is complete, Reign self-destructs, removing most of the evidence that it was at ever at work in the victim’s phone.
For decades, iPhone users enjoyed superior security. Reign took a big bite out of Apple’s vaunted security features. It infected some victims’ phones by sending them an iCloud invitation, following up on previous invitations, which makes the fake resend invisible to the user. Meanwhile, Google has issued some software patches to address vulnerabilities with its Android smartphone.
Microsoft, which partnered with Citizen Lab, reported that the technology has been used to surveil journalists, political opposition figures, and an NGO in countries ranging from the Middle East to Central Europe and Latin America.
We have seen time and again that commercially developed spyware finds its most lucrative market in sales to repressive governments and the world’s most dangerous criminal enterprises. While the Israeli government seems alert now to the threat posed by the commercial spyware sector, other actors around the world are surely poised to pick up the slack. The arms race between Apple, Google, and Samsung against spyware developers will continue apace. In the meantime, as former Vice President Nelson Rockefeller said: “If you don’t want it known, don’t say it over the phone.”
Or anywhere within twenty feet of your smartphone.
The New York Times broke the story that a front company in New Jersey signed a secret contract with the U.S. government in November 2021 to help it gain access to the powerful surveillance tools of Israel’s NSO Group.
PPSA previously reported that the FBI had acquired NSO’s signature technology, Pegasus, which can infiltrate a smartphone, strip all its data, and transform it into a 24/7 surveillance device. Mark Mazzetti and Ronen Bergman of The Times now report that the FBI in recent years had performed tests on defenses against Pegasus and “to test Pegasus for possible deployment in the bureau’s own operations inside the United States.” An FBI spokesperson told these journalists the FBI’s version of the software is now inactive.
The secret contract also grants the U.S. government access to NSO’s powerful geolocation tool called Landmark. Mazzetti and Ronen report that such NSO technology has been used thousands of time against targets in Mexico – and that Mexico is named as a venue for the use of NSO technology. Two sources told the journalists that the “contract also allows for Landmark to be used against mobile numbers in the United States, although there is no evidence that has happened.”
This story is catching the Biden Administration flat-footed, which had declared this technology a national security threat while placing NSO on a Commerce Department blacklist. In light of these new revelations, Members of Congress should ask the Directors of National Intelligence, the CIA, FBI, and DEA:
This breaking story will likely force the Biden White House to promulgate new rules limiting the use of NSO technology by federal law enforcement and intelligence agencies. As it does, Congress should be involved every step of the way.
This technology is frightening because NSO tools can be installed remotely on smartphones with the most updated security software, and without the user succumbing to phishing or any other obvious form of attack. The need for a detailed policy limiting the use of these tools is urgent. NSO technology is to ordinary surveillance what nuclear weapons are to conventional weapons. Because nuclear weapons are hard to make, Washington, D.C. had time to plan and enact a global non-proliferation regime that delayed their proliferation. In the case of Pegasus and Landmark, however, this technology easily proliferated in the wild before Washington was even fully aware of its existence.
Pegasus has been used by drug cartels to track down and murder journalists. It has been used by an African government to listen in on conversations between the daughter of a kidnapped man and the U.S. State Department. It was famously used to plan the murder of Adnan Khashoggi. Does anyone doubt that Russian and Chinese intelligence have secured their own copies? Now Washington is both racing to catch up with foreign adversaries and limit the use of this technology at the same time.
NSO, through its amoral proliferation of dangerous technology, has made the world a riskier place. As federal agencies seek to get their hands on this technology, Congress should paint a bright red line – DO NOT USE DOMESTICALLY, EVER.
Our government can operate in grey areas of the law because agencies have become adept at exploiting every loophole, exception, or tiny bit of leeway in a statute. PPSA announces today the submission of two Freedom of Information Act requests to the Department of Justice to shed light on practices in two such areas of concern – surveillance of cellphone data by devices that imitate cell towers, and the role of privacy experts in a secret court.
The first FOIA request concerns cell-site simulators that law enforcement agencies use to mimic cell towers, allowing them to snatch location data and other information from the cellphones of people at a given location. These devices, commonly known as “stingrays,” are used to track people by pinging their phones. This digital intrusion is at odds with the spirit of the Supreme Court opinion in Carpenter v. United States, where the Court in 2018 rejected unlimited government access to cellphone location data.
But the high Court did not specifically ban cell-site simulators. So, with this tiny distinction, stingrays are still commonly used by 14 federal agencies and police in cities around the country. In 2015, the Department of Justice did produce a memo requiring a warrant for some uses of this technology. That memo, however, allows federal agencies free use of this technology in “exigent” circumstances.
How dire does a circumstance have to be to be “exigent”? Virtually everyone agrees that if a child is thrown into a stranger’s car, or a terrorist is known to be planting a bomb, law enforcement should be able to get their hands on stingray data in an instant. But given the slipperiness with which the government defines legal terms, what are the actual circumstances in which stingrays have been used?
In this way, PPSA is seeking to discover if federal agencies are playing fair with the “exigent” exception.
PPSA’s second FOIA request concerns the use – or rather, the non-use – of amicus advisors by the FISC. A little history is in order. When Judge James E. Boasberg of the secret court heard requests from the FBI for permission to surveil presidential campaign aide Carter Page, the judge could have sought advice from a privacy lawyer with high-security clearance. Such an amicus could have helped guide the judge through the competing issues in a case fraught with civil liberty concerns, not the least of which were the First Amendment rights of 137.5 million voters.
Judge Boasberg demurred. It appears he did not seek an amicus and missed spotting a circus of misdirection and shocking omissions in the FBI’s requests, including submission by an FBI lawyer of a forged document.
It is with this in mind that we supported the Leahy-Lee measure in the previous Congress that would bring checks and balances into FISC proceedings. This legislation would bring to the one-sided nature of FISC hearings a privacy-oriented advocate to independently verify the FISA application’s material assertions whenever a case touches on the civil rights of sensitive cases involving political campaigns, federal officials, the practice of journalism, religious minorities, or other sensitive areas.
Since this is not the law, PPSA filed this FOIA request.
We would prefer not to have to pull out a legal microscope. But given the disingenuous way our government finds exceptions for lawless acts, we feel they have given us no choice.
PPSA will report on any responses.
In “A Scanner Darkly,” a 2006 film based on a Philip K. Dick novel, Keanu Reeves plays a government undercover agent who must wear a “scramble suit” – a cloak that constantly alters his appearance and voice to avoid having his cover blown by ubiquitous facial recognition surveillance.
At the time, the phrase “ubiquitous facial recognition surveillance” was still science fiction.
Such surveillance now exists throughout much of the world, from Moscow, to London, to Beijing. Scramble suits do not yet exist, and sunglasses and masks won’t defeat facial recognition software (although “universal perturbation” masks sold on the internet purport to defeat facial tracking).
Now that companies like Clearview AI have reduced human faces to the equivalent of personal ID cards, the proliferation of cameras linked to robust facial recognition software has become a privacy nightmare. A year ago, PPSA reported on a technology industry presentation that showed how stationary cameras could follow a man, track his movements, locate people he knows, and compare all that to other data to map his social networks. Facial recognition doesn’t just show where you went and what you did: it can be a form of “social network analysis,” mapping networks of people associated by friendship, work, romance, politics, and ideology.
Nowhere is this capability more robust than in the People’s Republic of China, where the surveillance state has reached a level of sophistication worthy of the overused sobriquet “Orwellian.” A comprehensive net of data from a person’s devices, posts, searches, movements, and contacts tells the government of China all it needs to know about any one of 1.3 billion individuals.
That is why so many civil libertarians are alarmed by the responses to an ACLU Freedom of Information (FOIA) lawsuit. The Washington Post reports that government documents released in response to that FOIA lawsuit show that “FBI and Defense Department officials worked with academic researchers to refine artificial-intelligence techniques that could help in the identification or tracking of Americans without their awareness or consent.”
The Intelligence Advanced Research Projects agency, a research arm of the intelligence community, aimed in 2019 to increase the power of facial recognition, “scaling to support millions of subjects.” Included in this is the ability to identify faces from oblique angles, even from a half-mile away.
The Washington Post reports that dozens of volunteers were monitored within simulated real-world scenarios – a subway station, a hospital, a school, and an outdoor market. The faces and identities of the volunteers were captured in thousands of surveillance videos and images, some of them captured by drone. The result is an improved facial recognition search tool called Horus, which has since been offered to at least six federal agencies. An audit by the Government Accountability Office found in 2021 that 20 federal agencies, including the U.S. Post Office and the Fish and Wildlife Service, use some form of facial recognition technology.
In short, our government is aggressively researching facial recognition tools that are already used by the Russian and Chinese governments to conduct the mass surveillance of their peoples.
Nathan Wessler, deputy director of the ACLU, said that the regular use of this form of mass surveillance in ordinary scenarios would be a “nightmare scenario” that “could give the government the ability to pervasively track as many people as they want for as long as they want.”
As we’ve said before, one does not have to infer a malevolent intention by the government to worry about its actions. Many agency officials are desperate to catch bad guys and keep us safe. But they are nevertheless assembling, piece-by-piece, the elements of a comprehensive surveillance state.
PPSA recently reported that the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), in a response to our Freedom of Information Act (FOIA) request, downplayed its use of stingrays, as cell-site simulators are commonly called. Yet one agency document revealed that stingrays are “used on almost a daily basis in the field.”
This was a critical insight into real-world practice. These cell-site simulators impersonate cell towers to track mobile device users. Stingray technology allows government agencies to collect huge volumes of personal information from many cellphones within a geofenced area.
We now have more to report with newly-released documents that, as before, include material for internal training of ATF agents. One of the most interesting findings is not what we can see, but what we can’t see – the parts of documents ATF takes pains to hide. The black ink covers a slide about the parts of the U.S. radio spectrum. Since this is a response to a FOIA request about stingrays, it is likely that the spectrum discussed concerns the frequencies telecom providers use for their cell towers. What appears to be a quotidian training course for agents on electronic communications has the title of the course redacted.
If that is so, was there something revealing about the course title that we are not allowed to see? Could it be “Stingrays for Dummies?”
The redactions also completely cover eleven pages about pre-mission planning. Do these pages reveal how ATF manages its legal obligations before using stingrays?
This course presentation ends somewhat tastelessly, a slide with a picture of a compromised cell-tower disguised as a palm tree.
In the release of another tranche of ATF documents, forty-five pages are blacked out. It appears from the preceding email chain that these pages included subpoenas for a warrant executed with the New York Police Department. The document assigns any one of a pool of agents to “swear out” a premade affidavit to support the subpoena.
The ATF reveals it uses stingrays on aircraft, which requires a high level of administrative approval. It seems, however, from an ATF PowerPoint presentation that this is a policy change, which suggests that prior approvals were lax. Was this a reaction to the 2015 Department of Justice’s policy on cell-site simulators? If aerial surveillance now requires a search warrant, what was previously required – and how was such surveillance used? Was it used against whole groups of protestors?
Finally, the documents reveal that the ATF has had cell-site simulators in use in field divisions in major cities, including Chicago, Denver, Detroit, Houston, Kansas City, Los Angeles, Phoenix, and Tampa, as well as other cities.
PPSA will report more on ATF’s ongoing document dumps as they come in.
By The Way... Here's How ATF Glosses Over Its Location Tracking
The training manual of the Bureau of Alcohol, Tobacco, Firearms and Explosives states that cell-site simulators “do not function as a GPS locator, as they do not obtain or download any location information from the device or its applications.” This claim is disingenuous. It is true that exact latitude and longitude data are not taken. But by tricking a target’s phone into connecting and sending strength of signal data to a cell tower, the cell-site simulator allows the ATF to locate the cellphone user to within a very small area. If a target uses multiple cell-site simulators, agents can deduce his or her movements throughout the day.
Below is an example from a Drug Enforcement Agency document that shows how this technology can be used to locate a target (seen within the black cone) in a small area.
The Privacy and Civil Liberties Oversight Board (PCLOB) has posted a rich discussion among its board members, civil libertarians, and representatives of the intelligence community.
General Paul Nakasone, who heads the U.S. Cyber Command, gave the group a keynote address that is a likely harbinger of how the intelligence community will approach Congress when it seeks reauthorization of Section 702, an amendment to the Foreign Intelligence Surveillance Act that authorizes the government to surveil foreigners, with a specific prohibition against the targeting of Americans, but also allows “incidental” surveillance of Americans.
Gen. Nakasone detailed cases in which would-be subway bombers and ISIS planners were disrupted because of skillful use of 702 surveillance. Mike Harrington of the FBI doubled down with a description of thwarted attacks and looming threats. April Doss, general counsel of the National Security Agency, emphasized how each request from an analyst for surveillance must be reviewed by two supervisors.
Civil liberties scholar Julian Sanchez reached back to the formation of the U.S. Constitution to compare today’s use of Section 702 authority to the thinking behind the Fourth Amendment. He asked if a program that mixes the private data of Americans with surveilled foreigners could possibly clear the Founders’ objection to general warrants. (31:50)
Jeramie Scott (40:25) of the Electronic Privacy Information Center, who argued for greater transparency in 702 collection, questioned whether “about” collection truly ended with downstream collection (i.e., information taken directly from Google, Facebook, and other social media companies). The NSA declared in 2017 it had ended the practice of such “about” collection, which moves beyond an intelligence target to email chains and people mentioned in a thread. Could such collection still be occurring in downstream surveillance?
Travis LeBlanc, a board member who had previously criticized a milquetoast report from PCLOB for a lack of analysis of key programs, seemed liberated by the board’s new chair, Sharon Bradford Franklin. (Chair Franklin also brings a critical eye of surveillance programs, reflecting her views at the Center for Democracy and Technology.) LeBlanc asked Julian Sanchez if the Constitution requires warrants when an individual’s data is searched under Section 702. Sanchez said that delegating such an authority under the honor system has led to FBI’s behaving as if compliance were a game of “whack-a-mole.” (57:15)
Cindy Cohn of the Electronic Frontier Foundation suggested PCLOB examine Section 702’s tendency to be subject to “mission creep,” such as the recent practice of using Section 702 to justify surveillance for “strategic competition” as well as the statutory purpose of anti-terrorism. Cohn said she was not aware of any defendant in a criminal trial ever getting access to Section 702 evidence. (128:45)
“I think we have to be honest at this point that the U.S. has de facto created a national security exception to the U.S. Constitution.”
A revealing insight came from Jeff Kosseth, cybersecurity professor at the U.S. Naval Academy. He pointed to a paper he wrote with colleague Chris Inglis that concluded that Section 702 is “constitutional” and “absolutely essential for national security.” (See 143:40) That opinion, Kosseth added, is something he has “reconsidered” over “deep concern about the FBI’s access” to 702 data, especially concerning U.S. persons.
“At a certain point, we must stop giving the nation’s largest law enforcement agency every benefit of the doubt. The FBI cannot play fast and loose with Americans’ most private information. This has to stop now. And if the FBI cannot stop itself, the Congress has to step in.”
Congress needs to “step in” regardless: surveillance of Americans should never occur without express authority in a statute passed by the people’s representatives.
Is the Bureau of Alcohol, Tobacco, Firearms and Explosives Using Stingrays to Illegally Track Americans?
In response to a Freedom of Information Act request filed by PPSA, the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) responded with a batch of documents, including internal training material. In those documents, the ATF confirmed that it uses cell site simulators, commonly known as “stingrays,” to track Americans.
Stingrays impersonate cell towers to track mobile device users. These devices give the government the ability to conduct sweeping dragnets of the metadata, location, text messages, and other data stored by the cell phones of people within a geofenced area. Through stingrays, the government can obtain a disturbing amount of information.
The ATF has gone to great lengths to obfuscate their usage of stingrays, despite one official document claiming stingrays are “used on almost a daily basis in the field.”
The ATF stressed that stingrays are not precise location trackers like GPS, despite the plethora of information stingrays can still provide. Answers to questions from the Senate Appropriations Committee about the ATF’s usage of stingrays and license plate reader technology are entirely blacked out in the ATF documents we received. An ATF policy conceals the use of these devices from their targets, even when relevant to their legal defense. Example: When an ATF agent interviewed by a defense attorney revealed the use of the equipment, a large group email was sent out saying: "This was obviously a mistake and is being handled."
The information released by the ATF confirms the agency is indeed utilizing stingray technology. Although the agency attempted to minimize usage the usage of stingrays, it is clear they are being widely used against Americans.
PPSA will continue to track stingray usage and report forthcoming responses to pending Freedom of Information Act requests with federal agencies.
In Christopher Nolan’s magnificent movie The Dark Knight, Bruce Wayne presents his chief scientist, Lucius Fox, with a sonar technology that transforms millions of cellphones into microphones and cameras. Fox surveys a bank of screens showing the private actions of people around the city.
The character, played by Morgan Freeman, takes it all in and then declares the surveillance to be “beautiful, unethical, dangerous … This is wrong.”
What was fiction in 2008 became reality a few years later with Pegasus: zero-click spyware that allows hackers to infiltrate cellphones and turn them into comprehensive spying devices, no sonar needed. A victim need not succumb to phishing. Possessing a cellphone is enough for the victim to be tracked and recorded by sound and video, as well as to expose the victim’s location history, texts, emails, images, and other communications.
This spyware created by the Israeli NSO Group might have originally been developed, as most of these surveillance technologies are, to catch terrorists. It has since been used by various dictatorships and cartels to hunt down dissidents, activists, and journalists, sometimes marking them for death – as it did in the cases of Jamal Khashoggi and Mexican journalist Cecilio Pineda Birto.
PPSA reported earlier this year that the FBI had purchased a license for Pegasus but has been keeping it locked away in a secure office in New Jersey. FBI Director Christopher Wray has assured Congress that the FBI was keeping the technology for research purposes. Now, Mark Mazzetti and Ronen Bergman of The New York Times have updated their deep dive into FBI documents and court records about Pegasus produced by a Freedom of Information Act request.
PPSA waded through these now-declassified documents, half of each page blanked out by censors. What we could see was alarming.
One document, dated Dec. 4, 2018, pledged that the U.S. government would not sell, deliver, or transfer Pegasus without written approval from the Israeli government. The letter certified that “the sole purpose of end use is for the collection of data from mobile devices for the prevention and investigation of crimes and terrorism, in compliance with privacy and national security laws.”
Since many in the national security arena and their allies assert that executive order EO 12333 gives intelligence agencies unlimited authority, the restraining influence of privacy and national security laws is questionable. And true to form, the FBI documents show that the agency did, in fact, give serious consideration to using Pegasus for U.S. criminal cases.
Why the turnaround? It was at time that a critical mass of Pegasus stories – with no lack of murders, imprisonments, and political scandals – emerged in the world press. That is surely why the FBI left this hot potato in the microwave. One wonders, however, what to make of the attempt of a U.S. military contractor, L3Harris, to purchase NSO earlier this year? If the FBI was out of the picture, was this aborted acquisition an effort by the CIA to lock down NSO and its spyware menagerie? And if the CIA has found some other route to possess this technology – and to be frank, they’d be guilty of malfeasance if they didn’t – is the agency staying within its no-domestic-spying guardrails in deploying this invasive technology? Recent revelations of bulk surveillance by the CIA does not inspire confidence.
Nor can we discount what the FBI might do in the future. Despite the FBI’s decision to avoid using the technology, Mazzetti and Bergman report that an FBI legal brief filed in October stated: “Just because the FBI ultimately decided not to deploy the tool in support of criminal investigations does not mean it would not test, evaluate and potentially deploy other similar tools for gaining access to encrypted communications used by criminals.”
No doubt, targeted use of such technologies would catch many fentanyl dealers, human traffickers, and spies. But as Lucius Fox asks, “at what cost?”