Happy Memorial Day! Remember Your Government Will Be Tracking with Whom You Celebrate this Weekend

/in /by

As I’ve said repeatedly in discussions of the secret interpretations of the PATRIOT Act provisions that Ron Wyden and Mark Udall complained about, those interpretations probably claim the government can collect mass information on geolocation.

Julian Sanchez lays out why that is almost certainly the case in this worthwhile post. The three main points (there are several less crucial ones) are:

  • The government has been using a hybrid approach–using a combination of pen registers and 2703(d) orders–to get geolocation data in criminal investigations with some support from courts; using pen registers with Section 215 orders could offer the same “hybrid” authorization
  • The structure of Ron Wyden’s legislation aiming to rein in geolocation tracking starts with restrictions on FISA, which the criminal statute incorporates, but also includes explicit prohibitions on using pen registers and Section 215 to get geolocation information
  • TruePosition’s LocInt service markets the ability to determine proximity, but doing so would rely on widespread collection of geolocation information

In other words, Sanchez lays out both the legal means we know the government has used to track geolocation, maps the legal means Wyden is attempting to use to curtail those legal means, and describes the technical necessity for widespread collection.

Which is a pretty compelling argument that the big rush to extend PATRIOT is about making sure this geolocation tracking doesn’t shut down over the Memorial Day weekend. So rest assured your government is tracking where you’re vacationing this weekend and with whom.

image_print
  3. PeasantParty says:

    Happy Memorial Day to you as well. I have a feeling that most of the living vets and those that are no longer with us had no idea they were fighting for this to happen in the US.

    I think the spy stocks rode a nice high today. :-(

  4. Watt4Bob says:

    Meanwhile …

    … on NPR this morning, a discussion pertaining to the internet, so one-dimensional as to lead me to suspect it was part of a dis-information campaign;

    The moderator and her guests were discussing the internet, as if the main issue was the individual’s right to self-expression, as opposed to what I believe are much more important, namely the rights of freedom of association, and freedom of assembly.

    Much more than a medium for self-expression, the internet is a vital part of the public commons, a place to assemble and organize for political purposes.

    We should be careful not to allow the MOTU to define the internet in such a way as to remove any of our rights, much less as their private property, and we should take every opportunity to clarify the fact that the internet is part of the public commons, and as such, use of the internet as a tool for grassroots organization is not to be interfered with in any manner because it is a sacred right protected by the constitution.

    • DWBartoo says:

      “… the internet is a vital part of the public commons, a place to assemble and organise for political purposes.”

      Very well said, Watt4Bob.

      One wonders when the “enclosure” policies will commence?

      DW

      • Watt4Bob says:

        I suspect they’re already slowing access to ‘subversive’ sites at the same time they use the technology to track our movements and associations (spy on us).

        Of course access to Amazon Dot Com(as all strictly commercial pages) is, and always will be blindingly fast.

    • Bluetoe2 says:

      NPR has become a joke. Yesterday they did a puff piece on Paul Ryan and the announcer was almost gushing.

  5. harpie says:

    Dumb question: Can a cell phone be tracked if it’s not on?

    From the linked “Atlas Bugged”:

    What, then, could that single omitted word be? One candidate that would fit in the available space is “location” or “geolocation”—meaning either location tracking of people called by the suspect or perhaps the use of location records to build a suspect’s “community of interest” by “identify[ing] mobile phones…within close proximity” to the suspects.

    How many people have been killed, arrested, imprisoned and/or tortured just because they happened to be “in close proximity to” a supposed al-Qaeda person or location at the wrong time? […for instance, in a supposed al-Qaeda boarding house]?

      • emptywheel says:

        And adding,what the Zeit presentation shows you is one data point: the politician, Malte Spitz.

        Julian’s saying that LocInt will cross-reference that data to see who else is in those same meetings.

        If you think about it, what the govt is after w/the Twitter order in the Wikileaks investigation is the IP of the WL figures. It will use this to try to prove that some of them were in the same place at the same time.

        It’s the same stuff they’re looking for here, just collected via a different method. And since they call the WL investigation a counterespionage one, they could easily use 215 to do teh geolocation that way. Maybe they did, and they’re just using Twitter to get something they can introduce at trial w/o making it clear they’ve been tracking people for what amounts to journalism.

  6. Kelly Canfield says:

    What’s truly dis-heartening about this, is that the real bad guys are going to waltz into WalMart, pick up a pre-paid phone for cash, do their business 1x, and then throw that phone in the trash.

    • Kelly Canfield says:

      One more thing to point out. There is an economic class component to all this, when one is hoovering up all geo data and phone calls.

      There is one standard to grab all this info, and that is to collect the NPA/NXX, ESN and MEID information from a specific cell phone.

      So, on prepaid phones, which are mostly in use by non-credit qualified customers, i.e. “poor” when one losses one’s regular “phone number” (That’s the NPA/NXX thing, i.e. 555.555.555) one must deal with a new “number.” But one calls the SAME people, generally. So a somewhat frequent NPA/NXX change is probably called into question.

      Example: Migrant worker calls to Mexico. Starts the season with one phone number – misses a payment – phone number gets recycled into the pool. New NPA/NXX assigned with re-establishment of service, same ESN, same MEID, makes same calls to local and Mexico numbers.

      That one is a target. Repeat scenario with non-migrant poor person, no international calls. Same sort of target.

      One-off NPA/NXX, ESN, MEID on the throw away phone scenario? Never even hits the NSA radar. But sooner or later? That NPA/NXX gets recycled, and the inheritor of that NPA/NXX will have, very unfairly, a history associated with that phone number. Who does that hit? The economic class that only participates with telco on a cash/temporary basis.

      • orionATL says:

        this was a very i formative comment for me.

        i was only a few lines into it when i suddenly understood the migrant connection.

        i have not run across your acronyms before so they are befuddling for the moment,

        but the experience you describe exactly matches my observations of immigrant calls and poverty.

        now, i wonder….

    • kimsarah says:

      Or walk into Wal-Mart, buy a gun and ammo, then go to a public park or restaurant, shoot it up, then throw the guns into a trash can and walk away.

  7. potsdam602 says:

    Have telephone ‘Round Robins’ with different groups of people–keep a list of calls you want to make weekly or every few days. At the Round Robins keep passing phones around and make calls. Keep track of minutes if people want. Have it understood all calls made responsibly.

    Over ten years ago I received a call from a ‘phone company’ asking if I knew where a friend was–he allegedly owed the phone co money. Don’t know if it was BS from a real phone co. or something else. If it was a phone co, they should not have known–or acknowledged–that we called each other then. This has been going on for a long time. :(

    • mzchief says:

      Yeah but there’s more (psst, come closer). Notice that so much of this hangs off the centralized, internationalized tel-sat-co system? So if we quit having every aspect of our lives tethered to that grossly over-automated, over-centralized system(s), we can recreate Whoville without the Grinch of the Spy/Security State.

      So (a starter list),

      + go local
      + use face-to-face meetings
      + use technology– especially electronic technology– far more sparingly
      + get paper bills in the mail from a local company with which you feel good doing business because they hire people in your community, provide something needed and invest in your community
      + write paper checks which get cashed by a local person at a local bank by a locally-employer teller, cancelled and returned to you each month in the mail
      + re-establish physical neighborhood and local newspapers (these could be green presses creating some good jobs)
      + defend and expand local public libraries of physical books
      + re-establish good old fashioned mechanical systems designed and built by Americans for Americans to assist in more honestly making our individual and collective lives better (e.g. if you really have to have a toaster, no LEDs!)
      + bring back the public commons with their proper, long-term public management

      I’m drawing from many ideas presented in E.F. Schumaker’s Small is Beautiful: Economics As If People Mattered with a modern update and a twist based upon my background and experience.

      OT– To heck with this “U.S. to propose mandatory vehicle ‘black boxes‘” (May 26, 2011)

  10. powwow says:

    Another superb article by Julian Sanchez. Impressive, and disturbing, if its plausible explanations are on the money.

    Currently, any record asserted to be “relevant” to an investigation (a standard so low it’s barely a standard) is subject to Section 215, and records falling within those three categories [terror suspects, or their associates, or the “activities” of a terror group] enjoy a “presumption of relevance.”

    […]

    Sen. Udall, meanwhile, always uses the same two examples when he talks about his concerns regarding Section 215: he warns about “unfettered” government access to “business records ranging from a cell phone company’s phone records to an individual’s library history,” even when the records relate to people with no connection to terrorism.

    […]

    But that kind of targeted [location] tracking would not require broad access to records of people unconnected to terror suspects and their known associates, which is hinted at by both Sen. Udall’s remarks and the high rate of modifications [recently] imposed on Section 215 orders by the FISA court.

    Julian Sanchez, May 27, 2011

    As I noted in my PATRIOT wrap-up comment yesterday, I watched Mark Udall’s Thursday afternoon floor comments in real-time, and heard what seemed like more than a “hint” from him about the FBI’s present PATRIOT-justified ability to spy, for no-probable-cause intelligence purposes, on Americans, in the U.S., who have no connection to terrorism or espionage. Reading Senator Udall’s comments today, as printed in the Congressional Record, bears out that first impression:

    I have also filed my own amendments to address some of the problems I see with the roving wiretap, “lone wolf,” and business record provisions. For example, I joined Senator Wyden in filing an amendment designed to narrow the scope of the business records materials that can be collected under section 215 of the PATRIOT Act. And I just highlighted some of the problems with that provision. Our amendment would still allow enforcement agencies to use the PATRIOT Act to obtain investigation records, but it would also require those entities to demonstrate that the records are in some way connected to terrorism or clandestine intelligence activities.

    Today, law enforcement currently can obtain any kind of records. In fact, the PATRIOT Act’s only limitation states that such information has to be related to “any tangible thing.” That is right. As long as these business records are related to any tangible thing, the U.S. Government can require businesses to turn over information on their customers, whether or not there is a link to terrorism or espionage. I have to say that I just do not think it is unreasonable to ask that our law enforcement agencies identify a terrorism or espionage investigation before collecting the private information of law-abiding American citizens.

    These amendments represent but a few of the reform ideas we could have debated this week. But without further debate on these issues, this or any other administration, whether intentionally or unintentionally, can abuse the PATRIOT Act.

    Senator Mark Udall of Colorado, May 26, 2011

    In addition to those very important points, Mark Udall – a new member of the Senate Intelligence Committee, who voted, as a member of the House, against the original PATRIOT Act – also said something quite profound during his remarks, about human nature and secrecy, that’s just the sort of thoughtful insight we should all want members of the Congressional Intelligence Committees, in particular, to display. Unfortunately for our nation’s founding values, however, full-bore authoritarians like Dianne Feinstein, Chairwoman of the Senate Intelligence Committee, are unlikely to ever demonstrate the sort of humble introspection that led to this piece of wisdom from her committee colleague yesterday:

    As I close, I just want to say there is a gravitational pull to secrecy that I think we all have as human beings. It is hard to resist it. And the whole point of the checks and balances our Founders put in place was to ensure that power couldn’t be consolidated and that power abused, again whether intentionally or unintentionally. We would all like to be king for a day. We all have ideas about how we could make the world a better place. But we [should…] know the dangers in giving that much power to one person or one small group of people.

    This link to the Congressional Record contains, in addition to the conclusion of Udall’s Thursday afternoon remarks, Harry Reid’s Unanimous Consent Request, made later Thursday afternoon – the UCRequest that Pat Leahy openly wanted to, and should have, objected to – which, when adopted, ended the possibility of meaningful Senate deliberation on this legislation, and gave Senator Paul the half-hour of debate time permitted him (and his opponents) in advance of supermajority(!) tabling votes on two of his amendments.

    • orionATL says:

      thank you once again, powwow.

      i am much better informed, in detail, than i was before i read your comment.

  11. MadDog says:

    Sort of on topic and off topic – I know this comment tangentially pertains more to EW’s previous post on “Robo-signing“, but in this “electrons everywhere” day and age I thought it also would fit right in with the “following your electrons” theme of this post.

    The OLC has today released a new OLC opinion (25 page PDF):

    Whether Bills May Be Presented by Congress and Returned by the President by Electronic Means

    The clear message our government sends to its citizens today is: “Hail Caesar, all your electrons are ours!”

  13. orionATL says:

    to get the congress to act promptly,

    you (the leader) always have to stampede the dolts,

    which for most is to make them fearful for their re-election in some vague-but-scary way (vague is very important here).

    so, i conclude, deductively (that is without credible evidence on my part),

    that there has been some hidden scare circulated among the congresscritters.

    bin-laden’s assassination could certainly be a wellspring.

    on the other hand, and because it hasn’t been leaked, it could have to do with “endangered” administrative rules or

    with some supersecret gov’t activity that might have to be shut down, if the patriot (not) act were allowed to lapse, even briefly.

    as an aside, i note that no american president, following the bush precedent, would now allow a “critical” activity to lapse, extension of a law or no extension.

    but that’s not the right p. r. message for the nonce.

    i’ll wait for the leak as to what spooked our herd of dumb congressional buffalos this time.

  14. MadDog says:

    OT – We’ve talked about this before and now some of those chickens are coming home to roost publicly – via the NYT:

    Data Breach at Security Firm Linked to Attack on Lockheed

    Lockheed Martin, the nation’s largest military contractor, has battled disruptions in its computer networks this week that might be tied to a hacking attack on a vendor that supplies coded security tokens to millions of users, security officials said on Friday.

    The SecurID electronic tokens, which are used to gain access to computer networks by corporate employees and government officials from outside their offices, are supplied by the RSA Security division of the EMC Corporation.

    RSA acknowledged in March that it had sustained a data breach that could have compromised some of its security products. Executives in the military industry said Friday that Lockheed’s problems appeared to stem from that data breach and could be the first public signs of damage from it.

    The March intrusion reverberated through the computer security community. The RSA technology is used by most Fortune 500 companies and federal agencies to provide an extra layer of security when employees use their networks from customer offices, hotels or their homes…

    And as I remarked here at the time when this SecurID breach was first made public, lot’s and lot’s of major corporations and federal agencies are shitting really big bricks!

    Ginormous bricks!