Cops to Congress: We need logs of Americans' text messages
State and local law enforcement groups want wireless providers to store detailed information about your SMS messages for at least two years -- in case they're needed for future criminal investigations.
AT&T, Verizon Wireless, Sprint, and other wireless providers would be required to record and store information about Americans' private text messages for at least two years, according to a proposal that police have submitted to the U.S. Congress.
CNET has learned a constellation of law enforcement groups has asked the U.S. Senate to require that wireless companies retain that information, warning that the lack of a current federal requirement "can hinder law enforcement investigations."
They want an SMS retention requirement to be "considered" during congressional discussions over updating a 1986 privacy law for the cloud computing era -- a move that could complicate debate over the measure and erode support for it among civil libertarians.
As the popularity of text messages has exploded in recent years, so has their use in criminal investigations and civil lawsuits. They have been introduced as evidence in armed robbery, cocaine distribution, and wire fraud prosecutions. In one 2009 case in Michigan, wireless provider SkyTel turned over the contents of 626,638 SMS messages, a figure described by a federal judge as "staggering."
Chuck DeWitt, a spokesman for the Major Cities Chiefs Police Association, which represents the 63 largest U.S. police forces including New York City, Los Angeles, Miami, and Chicago, said "all such records should be retained for two years." Some providers, like Verizon, retain the contents of SMS messages for a brief period of time, while others like T-Mobile do not store them at all.
Along with the police association, other law enforcement groups making the request to the Senate include the National District Attorneys' Association, the National Sheriffs' Association, and the Association of State Criminal Investigative Agencies, DeWitt said.
Excerpts from court opinion in Rhode Island murder case
"Sgt. Gates sent a letter to T-Mobile in advance of obtaining the warrant for the T-Mobile phone records to ask the service provider to preserve the information that he expected to request by the warrant. T-Mobile produced the requested information on October 20, 2009, and the records show that Defendant's use of the T-Mobile cell phone was almost exclusively for text messaging. The results also reveal that T-Mobile does not store, and has no capacity to produce, the content of subscriber text messages.
"Unlike T-Mobile, Verizon was able to produce records with text messaging content in them. The content of the LG cell phone matches the photographs taken on October 4, 2009 by Det. Cushman, including a text message which reads, 'Wat if I got 2 take him 2 da hospital wat do I say and dos marks on his neck omg,' which is the message that Sgt. Kite testified to having seen that morning.
"Sprint/Nextel responded on October 13, 2009. It produced two preserved text messages, both of which were unrelated to this case, and no voice mail messages."
"This issue is not addressed in the current proposal before the committee and yet it will become even more important in the future," the groups warn.
That's a reference to the Senate Judiciary committee, which approved sweeping amendments to the Electronic Communications Privacy Act last week. Unlike earlier drafts, the latest one veers in a very privacy-protective direction by requiring police to obtain a warrant to read the contents of e-mail messages; the SMS push by law enforcement appears to be a way to make sure it includes one of their priorities too.
It wasn't immediately clear whether the law enforcement proposal is to store the contents of SMS messages, or only the metadata such as the sender and receiver phone numbers associated with the messages. Either way, it's a heap of data: Forrester Research reports that more than 2 trillion SMS messages were sent in the U.S. last year, over 6 billion SMS messages a day.
The current policies of wireless providers have been highlighted in some recent cases. During a criminal prosecution of a man for suspected murder of a 6-year old boy, for example, police in Cranston, R.I., tried to obtain copies of a customer's text messages from T-Mobile and Verizon. Superior Court Judge Judith Savage said that, although she was "not unfamiliar with cell phones and text messaging," she "was stunned" to learn that providers had such different policies.
While the SMS retention proposal opens a new front in Capitol Hill politicking over surveillance, the principle of mandatory data retention is hardly new. The Justice Department has publicly called for new laws requiring Internet service providers to record data about their customers, and a House of Representatives panel approved such a requirement last summer.
"We would oppose any mandatory data retention mandate as part of ECPA reform," says Christopher Calabrese, legislative counsel for the American Civil Liberties Union. That proposal is "a different kettle of fish -- it doesn't belong in this discussion," he says.
An internal Justice Department document (PDF) that the ACLU obtained through the Freedom of Information Act shows that, as of 2010, AT&T, T-Mobile, and Sprint did not store the contents of text messages. Verizon did for up to five days, a change from its earlier no-logs-at-all position, and Virgin Mobile kept them for 90 days. The carriers generally kept metadata such as the phone numbers associated with the text for 90 days to 18 months; AT&T was an outlier, keeping it for as long as seven years, according to the chart.
A review of court cases by CNET suggests that Justice Department document is out of date. While Sprint is listed as as not storing text message contents, the judge in Rhode Island noted that the company turned over "preserved text messages." And in an unrelated Connecticut case last year, a state judge noted that Sprint provided law enforcement with "text messages involving the phone numbers."
An e-mail message from a detective in the Baltimore County Police Department, leaked by Antisec and reproduced in a Wired article last year, says that Verizon keeps "text message content on their servers for 3-5 days." And: "Sprint stores their text message content going back 12 days and Nextel content for 7 days. AT&T/Cingular do not preserve content at all. Us Cellular: 3-5 days Boost Mobile LLC: 7 days"
Sprint and Verizon referred calls last week to CTIA - The Wireless Association, which declined to comment. So did the Justice Department. T-Mobile and AT&T representatives did not respond to a request for comment.
Katie Frey, a spokeswoman for U.S. Cellular, said:
Due to the volume of text messages sent by our customers every day, text messages are stored in our systems for approximately three to five days. The content of text messages can only be disclosed subject to a lawful request. We comply with every lawful request from authorities.
We have a dedicated team of associates who are available 24 hours a day, every day of the year, to handle requests for information in emergency situations. Law enforcement must be able to show that it's an emergency and complete an Exigent Circumstance Form prior to receiving data. If a situation is not an emergency, law enforcement must submit a lawful request to receive the data.
Over the past five years, U.S. Cellular has received more than 103,000 requests in the form of subpoenas, court orders, search warrants and letters regarding customers' phone accounts and usage.
Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation, said he would be skeptical of the need for a law mandating that text messaging data be retained.
"These data retention policies serve one purpose: to require companies to keep databases on their customers so law enforcement can fish for evidence," he said. "And this would seem to be done against the wishes of the providers, presumably, since...some of the providers don't keep SMS messages at all."
http://news.cnet.com/8301-13578_3-57556704-38/cops-to-congress-we-need-logs-of-americans-text-messages/
The Federal Bureau of Entrapment.
The FBI identified Wright as the leader of the months-long plot that aimed to strike a blow to corporate America.
But that effort would never come to pass. Wright was unwittingly chatting up an FBI informant for months leading up to the day he tried to set off what he thought were explosives.
Instead, it was fake C4 provided by the FBI, part of a sting operation that led to his arrest.
Once again, the FBI has shoved us into traffic and then yanked us back onto the sidewalk, yelling "I just saved your life!" Not that that comes across as majorly dysfunctional or anything...
http://booksbikesboomsticks.blogspot.com/2012/12/the-federal-bureau-of-entrapment.html
Quoted from this article http://www.indystar.com/article/20121202/NEWS02/212020359/From-Indy-drifter-terrorism-ringleader-plans-blow-up-Ohio-bridge?odyssey=tab%7Ctopnews%7Ctext%7CIndyStar.com&gcheck=1&nclick_check=1
As SaysUncle said "i hope so"
The TSA as we know it is dead - here's why
If you don't believe the TSA is doomed after watching yesterday's House Aviation Subcommittee hearing, then you'll have to at least agree that the agency as we know can't continue to exist as it does.For starters, TSA Administrator John Pistole refused to testify before the committee on the innocuous subject of "common sense" improvements to America's airport security, reportedly because the committee has no jurisdiction over his agency. (That's odd - I always thought Congress funded the federal government, but maybe I wasn't paying attention during government class.)
One by one, panelists took turns excoriating the agency charged with protecting America's transportation systems. It was plainly clear why Pistole was a no-show, and it had nothing to do with jurisdiction; it would have been an openly hostile crowd.
Charles Edwards, the Department of Homeland Security's acting inspector general, described the TSA as bureaucratic and dysfunctional. Stephen Lord of the Government Accountability Office, suggested the agency was ignoring the thousands of complaints from air travelers. And Kenneth Dunlap, who represented the International Air Transport Association, criticized the current TSA as expensive, inconsistent, and reactive.
"As this mushrooming agency has spun out of control," the committee chairman, John Mica, concluded, "passengers have not been well served."
The congressmen present in the hearing agreed with many of the criticisms, but it's the solutions that would have sent Pistole running for the exits. On the conservative end, critics recommended aggressively reforming the TSA to create a smaller, more responsive agency that fulfills its mission of protecting and serving air travelers.
But some went much further. Charlie Leocha of the Consumer Travel Alliance, who represented the interests of air travelers on the committee, said the TSA should not just be downsized, but also limited to protecting only air travel (something it currently isn't).
In his testimony, he described a future TSA that more closely resembled the pre-9/11 security system, which used magnetometers (metal detectors) as its primary screening method, had employees that dressed in non-threatening uniforms, and banned only the most dangerous weapons, such as guns and explosives, from aircraft.
The real security work would take place behind the scenes, prescreening every passenger with the help of technology and through coordination between intelligence agencies, law enforcement, and airlines.
"The mass screening of passengers would be replaced for the great majority of passengers
with a Trusted Traveler program that seamlessly checks passengers before they fly, while at the same time being respectful of their privacy," says Leocha. “Every passenger is already prescreened for every flight.”
Such an agency would be called the TSA in name only. In fact, it would be better named the Airport Security Administration, although that acronym might be problematic.
With a powerful congressional committee like this lining up behind sweeping TSA reform, it is not a question of if, but when Congress -- which by the way, does sign the TSA's checks -- acts to dismantle this $8-billion-a-year security boondoggle.
I'm not just saying that because I'm CTA's ombudsman and helped devise some of these solutions. Anyone who doesn't believe the current TSA is a federal disaster area with an impossibly sprawling mandate isn't in touch with reality.
The TSA as it exists can't die soon enough.
Note: For those of you looking for a response to some of last week's comments on the TSA opt-out story, I have included them here. I read every comment posted here and although I can't respond to every one, I do my best to address them. Thank you for taking the time to share your thoughts.
http://www.linkedin.com/today/post/article/20121130115318-332179-the-tsa-as-we-know-it-is-dead-here-s-why?ref=email
No comments:
Post a Comment