Michigan State Police Using Cell Snooping Devices

[bobandtorey]

For nearly a decade, the Michigan State Police has had secretive cellphone tracking devices that were bought to fight terrorism but instead are used to solve everyday crimes, internal documents show.

More than 250 pages of emails, invoices and other documents show the state police in 2006 acquired cellphone simulator technology, which lets police collect large amounts of data including the location of users. The equipment was upgraded in 2013 and an internal memo indicates it was used last year on 128 cases ranging from homicide to burglary and fraud, but not terrorism.

The documents are the first indication the state police have Stingray and Hailstorm-type tools from Florida-based defense contractor Harris Corp. The equipment has raised privacy concerns and reform efforts nationwide because it collects information from not only criminal suspects, but also anyone with cellphones within range of the devices.

The suitcase-sized contraption is installed in cars and pulls cell data for police. Its exact capabilities, though, aren’t fully known because Harris Corp. requires that police agencies sign confidentiality agreements.

“This is technology initially designed for military and intelligence agencies and now it’s being used in residential streets across the United States and Michigan, and it’s being done in secrecy,” said Nathan Freed Wessler, a New York-based attorney for the American Civil Liberties Union.

“It’s tricking every phone in broad areas and sweeping information about every innocent bystander nearby and reaching through walls.”

The ACLU acquired the documents through the Freedom of Information Act and shared them with The Detroit News, which last year published a two-day series about police tracking devices and data collection. At the time, the Oakland County Sheriff’s Office was believed to be the only police agency in Michigan with Stingray-type equipment.

State Police First Lt. Christopher Hawkins said the agency secures warrants or court orders before using the devices except in “exigent circumstances” such as kidnappings. Its officials have met with the ACLU to discuss policies and are reviewing recent ones from the U.S. Department of Justice that require warrants before cell simulators are used, Hawkins said.

“As with every tool used to assist law enforcement investigations, we use the Constitution of the United States and Michigan as governance,” said Hawkins, commander of the state police’s legislative and legal resources section.

“It is a very effective tool that we’ve had great success in using. It’s a tool to keep the citizens of Michigan safe.”

He said he can’t discuss specifics about “how and when” the technology is used, but the state police “understands the concerns about privacy and need for transparency.”

“Our device does not retain any data from third-party cellphones,” Hawkins said. “The device cannot be used to listen to calls (or) read text messages.”

Nationwide, the ACLU has identified 57 police agencies in 22 states and the District of Columbia that own the devices known as cell site simulators. They masquerade as cell towers and send signals to trick phones in the area into transmitting their locations and identifying information.

Gear bought in 2006

The documents acquired by the ACLU indicate the state police paid Harris Corp. $206,500 in 2006 for equipment that was “vital to the war on terrorism” and allows “the state to track the physical location of a suspected terrorist.”

The equipment was fully funded by a U.S. Homeland Security grant and the cost matches Harris Corp. prices lists for its Stingray device, Wessler said.

In 2013, the state used asset forfeiture funds to pay Harris $593,450 for “surveillance and countersurveillance equipment and supplies,” records show. The product name is redacted in purchase orders but emails say it was for a “Stingray upgrade” to “allow the MSP to keep pace with current technology trends.”

That is likely a Hailstorm, a cell tower simulator that is similar to Stingray but able to collect information over 4G networks, Wessler said.

A Jan. 21 internal state police memo indicates the technology led to 82 arrests, including 40 for homicide and attempted murder, and the discovery of six missing persons. The memo also indicates it was used in 18 burglary cases, three frauds ones and two for smuggling.

“Not only did we experience a great deal of success in locating and arresting violent offenders, but our assistance also resulted in significant savings in labor costs through reduced surveillance and other investigative efforts,” the unsigned memo stated.

Problem with trust

The frequency of the device’s use — about once every three days — troubles former state Rep. Tom McMillin, R-Rochester Hills.

Last year, he hosted hearings about the technology and introduced bills to oversee cellphone simulators. The legislation would have required warrants for their use, created a board to oversee police surveillance technology and imposed criminal penalties for misuse.

The bills died and McMillin left his post because of term limits. No similar legislation has been introduced since.

“ ‘Just trust us’ is something we’ve heard before. It doesn’t work,” said McMillin, an unsuccessful candidate for the U.S. House last year.

“We shouldn’t believe (police) are just blindingly following the rules. ... The general public doesn’t have a problem using the latest technology to get bad guys, but there needs to be broad oversight and accountability.”

Issue not ‘ripe’ for action

This year, California and Washington passed laws requiring police to get warrants to use Stingray-type devices, joining Virginia, Minnesota and Utah in regulating the devices. Before the laws, police typically secured “pen register and trap and trace orders” from judges, which require a lower standard of proof than warrants and don’t require police to disclose they are using a Stingray.

State Rep. Kurt Heise, R-Plymouth Township, chairman of the House Criminal Justice Committee, said McMillin’s bills would have “tied the hands of police.”

“Right now, I don’t think this is an issue ripe for state action,” Heise said. “The burden is on law enforcement to demonstrate they are operating under the constitution ... If the ACLU wants to challenge this in court, then we may have to let the courts sort it out.”

Heise said he wasn’t aware the state police have the technology and isn’t concerned about it.

Law enforcement in Oakland County and other agencies have offered assurances the devices don’t eavesdrop on conversations, collect contents of text messages or phone numbers or store information of bystanders.

Undersheriff Mike McCabe said his department has secured warrants from “day one” to use cellular technology.

Wessler said even information like the location of cellphones is capable of revealing “an extraordinary amount of information about people’s lives.”

“Secrecy serves only to insulate (police) from scrutiny and enforcement of our constitutional rules in this country,” he said. “As a society, we may decide it’s appropriate to use the technology but we can’t have that conversation if police are doing it in complete secrecy.”

 

http://www.detroitnews.com/story/news/local/michigan/2015/10/22/stingray/74438668/

[cristinew]

Now most of the new cars they do not have to do that , just get the program number from the maker,

[AmishRnot4ganja]

I can easily see a cop using this to stalk someone against whom they have a grudge. Such as one of those dirty lowlifes who grow or use marijuana.

Edited October 23, 2015 by amish4ganja

[outsideinthecold]

Ever look skyward and wonder if that high-wing general Aviation Cessna that looks like hundreds-of-others cruising overhead might have a passenger tiding right-seat with a screen display on a suitcase-sizes box?

 

The DHS bipartisan deal gave the Dems a big new TSA Union and the Reps more goodies for the patrons of their FOPs and CoCs?

 

The boxes the deploy now do way more than track phones, don't they?

Edited October 24, 2015 by outsideinthecold

[Wild Bill]

Is for greater good of glorious Homeland, comrade!

[Restorium2]

Wifi is your friend. Pairing is instant. Stalking is condoned now. They are making great aps for that for dating. Our legislature stands up for folks that have restraining orders on them, making sure they can have a gun. I swear there's a bug going round that prevents people from thinking one move ahead. Crazy days are here again ..... Stupid R Us  I use my cell phone very sparingly and I have no WiFi at my home. How about you? 

[ozzrokk]

I can easily see a cop using this to stalk someone against whom they have a grudge. Such as one of those dirty lowlifes who grow or use marijuana.

 

Ohh come on now....... We all know they would never do anything like that........... Even against such low life scum..........

[zachw]

If you can't trust the gubmint, who can you trust?

[in vivo]

Anyone can purchase or build an IMSI catcher (fake cell tower) for less than $2000. The Hailstorm that Oakland county operates has the ability to not only control and monitor all incoming and outgoing signals (ie calls, text, data), but it also has the ability to download malware onto a device gaining complete control over it. There are apps for Android phones that notify a user when they may be connected to an IMSI catcher, and everyone should consider using end-to-end encryption of some sort.

[bobandtorey]

As he unveiled the iPhone 6 and iOS 8 operating system, CEO Tim Cook made a very bold statement: Apple's new encryption system makes it so the company can't read the data on our

 

phones, even if the police try to compel it to do so. Law enforcement had a predictable freak out in the wake of this announcement. Privacy activists cheered. But what does Apple's new

 

encryption policy really mean for phone users' privacy?

 

It depends on your adversary, and the kind of information you want to protect. The new encryption system will guard against a variety of potential snoops, including bad boyfriends, criminal

 

hackers, and other jerks. It may even protect phones from unwarranted police searches. But that's sort of beside the point if you want to protect your text messages and records of your

 

movements. After all, as Marcy Wheeler says, lots of the information police are most interested in is stored by our cell phone providers: who we call, where we go, and when. Cops routinely

 

obtain this information from our providers without warrants, and there's nothing Apple can or will do about that.

 

On the other hand, AT&T and Verizon don't store the photos we take and keep locally on our devices. To my knowledge, these companies don't store detailed information on our app use, or the

 

contents of our emails when they are stored locally on our phones. So as long as we don't use iCloud, those kinds of private things are a lot more secure today than they were last week.

 

But there are other issues at play here that complicate Apple's announcement, among them the border search and police use of cell phone sniffers.

 

While a 2014 Supreme Court decision in Riley affords US persons the right to keep our cell phones private from law enforcement absent a warrant, even subsequent to arrest, it doesn't say

 

anything about the lawless border regions. The federal government claims we have no Fourth Amendment rights within 100 miles of any land or sea border, including at airports. For years now,

 

DHS officials have used that totalitarian power to conduct warrantless searches of phones and laptops, bringing them into back rooms where they presumably sometimes try to make copies of

 

people's hard drives. All of this is done without warrants, and with minimal—if any—oversight.

 

One of the tools feds likely use in back rooms at airports and border crossings throughout the United States is a device sold by a corporation called Cellebrite, which sells phone data extraction

 

tools to every level of law enforcement. These devices, one of which is called "UFED", allow police or federal agents to directly siphon the contents of cell phones, sometimes even bypassing

 

encryption locked with a user pin. The UFED page on Cellebrite's website boasts the technology can conduct "Physical extraction and decoding while bypassing pattern lock / password / PIN

 

from Android devices including Samsung Galaxy S family, LG, HTC, Motorola, and more." Is the device able to break Apple's encryption, or hack beyond the password using a brute force style

 

attack? It's too early to tell. But the company says law enforcement should rest easy with its purchase because the spy firm makes "[f]requent updates to ensure compatibility with new phones

 

as they enter the market."
Source: http://www.cellebrite.com/mobile-forensics/products/standalone/ufed-touch-ultimat

That begs the question: Is Tim Cook telling the truth when he says that Apple can't decrypt our phones? If there is truly no "backdoor" into the phones, could it be possible that the new

 

encryption system will block technologies like Cellebrite's UFED? If so, it's understandable that lots of federal agents are very upset right now. A huge trove of "free", no-warrant-required

 

surveillance information was just snatched from their grasp.

 

But then there's the cell phone sniffer, known as a Stingray or IMSI catcher. These devices enable law enforcement (or anyone else) not only to surreptitiously track the location of cell phones,

 

but also intercept and even modify their contents and communications. Will Apple's encryption system stop the FBI from sucking up the contents of your communications, if you're sending sexts

 

to your boyfriend while they're parked down the street with an IMSI catcher targeting your phone? No.

 

 

So is Apple's announcement a good thing for privacy, overall? Definitely. Does it protect your private cell phone information from being disclosed to the police? For many types of sensitive

 

information, not at all. For photos and other files stored locally, potentially—as long as there isn't a cop outside with a Stingray, waiting for you to start taking pictures or sending emails.

 

 

Building digital privacy protections into technologies is exactly what companies should be doing, and Apple deserves credit for this bold move. But technical measures alone won't cut it.

 

If we want to make sure our private lives stay private at the border and everywhere else, we need to change US surveillance law at the federal and state level to reflect basic Fourth Amendment

 

 

values. If cops can simply file a subpoena to obtain our call and location records, they don't need to bother with searching our physical phones. And if the FBI or our local police departments can

 

just haul out the Stingray to suck up the contents of your device, Apple's privacy maneuver won't mean much for the sanctity of your private life. While the company deserves credit for doing its

 

part, these are political problems that Apple alone cannot fix.

 

https://privacysos.org/node/1528

[bobandtorey]

Wifi is your friend. Pairing is instant. Stalking is condoned now. They are making great aps for that for dating. Our legislature stands up for folks that have restraining orders on them, making sure they can have a gun. I swear there's a bug going round that prevents people from thinking one move ahead. Crazy days are here again ..... Stupid R Us  I use my cell phone very sparingly and I have no WiFi at my home. How about you? 

 

 

I use WIFI at home  and when i'am away i don't think they are watching me any more today but Leo has done it before it happens more to the people that grow cannabis and may have more then 2.5 OZ and 12 plants per card 

[Restorium2]

I use WIFI at home  and when i'am away i don't think they are watching me any more today but Leo has done it before it happens more to the people that grow cannabis and may have more then 2.5 OZ and 12 plants per card 

LEO might not be but anyone else who wants to is. You might as well be doodling on a billboard on the road side. As long as you know that it's all good. 

[zaphod]

LEO might not be but anyone else who wants to is. You might as well be doodling on a billboard on the road side. As long as you know that it's all good. 

Hell, I leave the cell phone at home even when it's just mushroom picking.  And a shoutout to Norby for passing the test.