|Cell Phone and GPS Location Data|
Excerpts from the written testimony are below. We will be posting the complete testimony and will link to that for our readers.
Author’s Comment: The ECPA provides that many of the requests and records are to remain secret. Title II of the ECPA, the Stored Communications Act (SCA) 18 U.S.C. §§ 2701 to 2712 protects communication held in electronic storage, most notably messages stored on computers.
Author’s Comment: There are proposals to restrict the scope of this federal law, but as of today, November 22, 2010, the law and its ability to gather a diverse array of data about your cell phone usage remains a frequently used tool of federal law enforcement, including DHS (Department of Homeland Security) , DEA (Drug Enforcement Administration), FBI (Federal Bureau of Investigation), State, and Local Law Enforcement.
If you have issues or questions about this sweeping federal law, call me toll free at 1-877-793-9290.
Cell Phone, Surveillance , SCA, Stored Communications Act , ECPA , 18 U.S.C. § 2510, 18 U.S.C. § 2701, , Electronic Communications Privacy Act
Cell Phone Surveillance | Cell Tower Data
|W.F. “Casey” Ebsary, Jr.|
Tampa Criminal Defense Expert, W.F. ”Casey” Ebsary, Jr., has suspected that cops use “fake identities” to “trick” users into accepting a government official as friend or otherwise provide information to the government. We believed that the feds watch Facebook, MySpace, Twitter, Flickr and other online social media and use the information for investigative (criminal or otherwise) or data gathering purposes.
A recent public records request by the EFF sought more information including:
|Prosecutor’s Obtaining Evidence From Social Networks
The feds produced a 33 page record. We just took a look at it and it appears to be a training program. The document was titled, “Obtaining and Using Evidence Social Networking Sites from Facebook, MySpace, Linkedin, and More.” It was authored by John Lynch, Deputy Chief, Computer Crime and Jenny Ellickson, Trial Attorney of the Computer Crime and Intellectual Property Section.
The outline covered an Introduction to Social Networking Sites and an Overview of Key Social Networking Sites. Not suprisingly, buried in the training materials is the question: Why go undercover on Facebook, MySpace, etc? The answer in short succinct bullet points was to “Communicate with suspects / targets” and “Gain access to non-public info” and to “Map social relationships/networks.” The training session begins: “Most social-networking sites allow users to:
• Create personal profiles
• Write status updates or blog entries
• Post photographs, videos, and audio clips
• Send and receive private messages
• Link to the pages of others (i.e., “friends”)”
How can Law Enforcement Obtain data from these sites?
• Some info may be public
• Use ECPA to get info from providers
• Undercover operations “
The ECPA is the Electronic Communications Privacy Act (ECPA) and it sets out the provisions for access, use, disclosure, interception and privacy protections of electronic communications. The feds use this information to:
• Reveal personal communications
• Establish motives and personal relationships
• Provide location information
• Prove and disprove alibis
• Establish crime or criminal enterprise
How do the Feds get information from Facebook?
The feds noted that MySpace is owned by Fox Interactive Media and was the most popular Social Network; was passed by Facebook in 2008; True names are less encouraged than Facebook. Feds are noting there is Messaging through messages, chat, friend updates. MySpace has a Young user base,has a history of child safety concerns, and Privacy is currently less granular than Facebook. Cybercrime defense attorney notes that Granular Privacy Controls in social networks allow authorization profiles – the user gets to decide what data to show to other friends in the network.
How do the Feds Get Info From MySpace?
What the Feds believe about Twitter?
The bad news for the Feds is that Twitter only retains the first login IP, there is no user contact phone number, Twitter Will not preserve data without legal process, and Twitter has a stated policy of producing data only in response to legal process.
The Feds frequently use a 2702 request to short cut Search Warrant requirements. On the other hand, as of 2010, Yahoo has the following policy on 2702 requests from cybercrime investigators:
“Under 18 U.S.C. §§ 2702(b)(7) and 2702(c)(4) Yahoo! is permitted, but not required, to voluntarily disclose information, including contents of communications and customer records, to a federal, state, or local governmentalentity if Yahoo! believes in good faith that an emergency involving imminent danger of death or serious physical injury to any person requires such disclosure without delay.”
What about LinkedIn?
The feds use LinkedIn to identify experts and check the background of defense experts. The Privacy model is similar to Facebook and Profile information is not checked for reliability.
Federated Identity Issues Concern the Feds
Terms of Service TOS and Privacy Policies
Criminal Penalties for Law Enforcement Officers for Violating the Privacy Protection Act
The feds also are concerned about the growth of social networks and the questions it raises about the breadth of the PPA. This author notes that the Privacy Protection Act provides for criminal penalties against federal officials who willfully disclose a record in violation of the Act, 5 U.S.C. § 552a(i)(1).