A blogger has released audio of Sprint's Electronic Surveillance Manager describing the carrier's cooperation with law enforcement. Among the revelations are that Sprint has so far filled over 8 million requests from LEOs for customer GPS data.


Christopher Soghoian, a graduate student at Indiana University's School of Informatics and Computing, has made public an audio recording of Sprint/Nextel's Electronic Surveillance Manager describing how his company has provided GPS location data about its wireless customers to law enforcement over 8 million times. That's potentially millions of Sprint/Nextel customers who not only were probably unaware that their wireless provider even had an Electronic Surveillance Department, but who certainly did not know that law enforcement offers could log into a special Sprint Web portal and, without ever having to demonstrate probable cause to a judge, gain access to geolocation logs detailing where they've been and where they are.

Through a mix of documents unearthed by Freedom of Information Act requests and the aforementioned recording, Soghoian describes how "the government routinely obtains customer records from ISPs detailing the telephone numbers dialed, text messages, emails and instant messages sent, web pages browsed, the queries submitted to search engines, and geolocation data, detailing exactly where an individual was located at a particular date and time."

The fact that federal, state, and local law enforcement can obtain communications "metadata"—URLs of sites visited, e-mail message headers, numbers dialed, GPS locations, etc.—without any real oversight or reporting requirements should be shocking, but it isn't. The courts ruled in 2005 that law enforcement doesn't need to show probable cause to obtain your physical location via the cell phone grid. All of the aforementioned metadata can be accessed with an easy-to-obtain pen register/trap & trace order. But given the volume of requests, it's hard to imagine that the courts are involved in all of these.

Soghoian's lengthy post makes at least two important points, the first of which is that there are no reliable statistics on the real volume and scope of government surveillance because such numbers are either not published (sometimes in violation of the legally mandated reporting requirements) or they contain huge gaps. The second point is that the lack of reporting makes it difficult to determine just how involved the courts actually are in all of this, in terms of whether these requests are all backed by subpoenas.

Underlying both of these issues is the fact that Sprint has made it so easy for law enforcement to gain access to customer data on a 24/7 basis through the use of its Web portal and large compliance department. Regarding the latter, here's another quote from Paul Taylor, the aforementioned Sprint/Nextel Electronic Surveillance Manager:

"In the electronic surveillance group at Sprint, I have 3 supervisors. 30 ES techs, and 15 contractors. On the subpoena compliance side, which is anything historical, stored content, stored records, is about 35 employees, maybe 4-5 supervisors, and 30 contractors. There's like 110 all together."

All of those people are there solely to serve up customer data to law enforcement, and other comments by Taylor indicate that his staff will probably grow. Sprint only recently made the GPS data available through the Web portal, and that has caused the number of requests to go through the roof. The company apparently plans on expanding the menu of surveillance options that are accessible via the Web. Taylor again:


"My major concern is the volume of requests. We have a lot of things that are automated but that's just scratching the surface. One of the things, like with our GPS tool. We turned it on the web interface for law enforcement about one year ago last month, and we just passed 8 million requests. So there is no way on earth my team could have handled 8 million requests from law enforcement, just for GPS alone. So the tool has just really caught on fire with law enforcement. They also love that it is extremely inexpensive to operate and easy, so, just [because of] the sheer volume of requests they anticipate us automating other features, and I just don't know how we'll handle the millions and millions of requests that are going to come in."

I'm sure they'll find some way to deal with the "millions and millions" of warrantless surveillance requests, and no one will bother to even curb the practice, much less stop it. I've been reporting on this exact metadata/surveillance issue for years now, and it just gets worse. The stressed, jobless, indebted public doesn't care, and Congress doesn't either. If I'm still on this beat in 5 years, I'm sure I'll still be rewriting this same story for the thousandth time.




http://arstechnica.com/telecom/news/2009/12/sprint-fed-customer-gps-data-to-leos-over-8-million-times.ars

YEah, I read that the other day, Big Brother is coming. It's a shocking invasion of privacy.

The providers are profitting off it too (hence the making of the web portal for ease of access), they charge something like $40 per request from LEOs for this kind of data.

I don't think they should have access to this data without a warrant and probable cause but the fact that they do doesn't bother me since I don't break the law.

/Agree with Anticor.

I guess I would be really riled up if I were up to nefarious means. Otherwise, Big Brother can simply accompany me along my mediocre and happy middle-income family lifestyle.

:shrug:

____________________________________________
http://forum.gsplayers.com/images/reputation/reputation_balance.gifSprint fed customer GPS... (http://forum.gsplayers.com/showthread.php?p=1042022#post1042022)12-23-2009 07:42 PMYou care nothing about Big Brother because you ARE Mediocre Human but a Professional Pussy

Thats pretty weak. I think you can do better to be honest.

In the words of Rage, who controls the past now, controls the future.

In other words, you may not care now because nothing you do is illegal, but when they make something you do do illegal, and the rest of us are already locked up by the overlords, you're gonna care a lot and there's nothing you'll be able to do. :P

To be fair, Rage was just quoting ORsen Welles.

Orsen Welles or George Orwell? Sounds more like 1984 hehe.

That's what I meant. Grr.

To quote a better quote from the Holocaust,


First they came for the communists, and I did not speak out—because I was not a communist;
Then they came for the trade unionists, and I did not speak out—because I was not a trade unionist;
Then they came for the Jews, and I did not speak out—because I was not a Jew;
Then they came for me—and there was no one left to speak out for me.

Illegal and underhanded activities aren't the only thing that probable cause/4th Amendment prohibitions protect. Just because you're not trafficking cocaine doesn't mean you want the emails you exchange with your family to be an open book for law enforcement. It's not entirely clear to me from the OP what information is being given out. Is it just metadata aggregations, or are there more detailed reports about emails, IMs, etc.? Either way, it's legitimate to be concerned about Sprint's activities where there exists a legitimate expectation of privacy.

GPS location is the shocking bit to me.

Fortunately carrier pigeons are still a safe, effective and secure means of data transmission. There's something to be said for a pigeon delivering a USB drive!

A thousand times worse is the way that OnStar can take control of your car and stop it basically on a whim. They put that in a commercial and I could not believe it.

I would be more interested to see the motives behind each request - how many of these were missing persons searches as opposed to general snooping?

Fortunately carrier pigeons are still a safe, effective and secure means of data transmission. There's something to be said for a pigeon delivering a USB drive!

http://www.youtube.com/watch?v=ue_UDHH-EzY&feature=related

Yeah I find the whole thing highly disturbing.

To quote a better quote from the Holocaust,

But Americans can arm themselves. We're safe! =D

A thousand times worse is the way that OnStar can take control of your car and stop it basically on a whim. They put that in a commercial and I could not believe it.

I would be more interested to see the motives behind each request - how many of these were missing persons searches as opposed to general snooping?

Onstar is awesome. I have it in our vehicles.

Fortunately carrier pigeons are still a safe, effective and secure means of data transmission. There's something to be said for a pigeon delivering a USB drive!

I follow the ways of Ghost Dog as well....

Fortunately carrier pigeons are still a safe, effective and secure means of data transmission. There's something to be said for a pigeon delivering a USB drive!
http://4.bp.blogspot.com/_b-PawIeesqU/SQCKeqgX4VI/AAAAAAAAAow/LchcSm6yu5I/s400/dastardly+and+muttley.jpeg

The bigger problem is that they can't determine whether courts are involved with all the requests or not. How does anyone know whether the cop using the web portal isn't a rogue cop trying to gather information for a hit? (somewhat extreme, but illustrates the point)

Government isn't some monolith. It's made up of individual actors, and those individual actors may or may not have motives and agendas that align with the government's and society's interests.

A thousand times worse is the way that OnStar can take control of your car and stop it basically on a whim. They put that in a commercial and I could not believe it.

I would be more interested to see the motives behind each request - how many of these were missing persons searches as opposed to general snooping?

You are confused with the definition of "whim", aren't you.