CommunityThe Dissenter

Local Law Enforcement Act Like CIA, Abuse Public Records Laws to Conceal ‘Stingray’ Surveillance

Screen grab from the website for Harris Corp, which is effectively instructing state and local governments to violate or manipulate public records laws

More and more local law enforcement agencies in the United States are manipulating or abusing public records request laws in order to conceal whether they are using “Stingray” surveillance technology to collect data for law enforcement activities, even going so far as to pretend that records do not even exist.

A “Stingray” surveillance device is, according to the Electronic Privacy Information Center, a device “that can triangulate the source of a cellular signal by acting like a fake cellphone tower and measuring the signal strength of an identified device from several locations.” Such technology has been in use in some form by the FBI since 1995.

The American Civil Liberties Union considers the technology to be the “electronic equivalent of dragnet ‘general searches’ prohibited by the Fourth Amendment.” It maintains that “no statutes or regulations” currently exist to address “under what circumstances ‘Stingrays’ can be used.” There is very little case law to properly limit law enforcement use.

“Stingrays” are capable of “stealing” cellphone data, according to journalist Ryan Gallagher. “The Stingray can be covertly set up virtually anywhere—in the back of a vehicle, for instance—and can be used over a targeted radius to collect hundreds of unique phone identifying codes, such as the International Mobile Subscriber Number (IMSI) and the Electronic Serial Number (ESM). The authorities can then home in on specific phones of interest to monitor the location of the user in real time or use the spy tool to log a record of all phones in a targeted area at a particular time.”

The ACLU is one of a number of groups that is being confronted with shameless secrecy as it tries to figure out how law enforcement agencies in the country are using “Stingrays” in violation of constitutional privacy rights. It sent public records requests to 36 state and local law enforcement recently and received a response from a law firm representing the city of Sunrise, Florida, that was nearly identical to how the CIA has tried to conceal its use of drones to target and kill terrorism suspects.

“The City cannot and will not acknowledge whether any records responsive to the Request exist and, if any responsive records do exist, cannot and will not publicly disclose those records,” the response read. “Not only would the mere production of a single record responsive to these requests, even if entirely redacted, reveal the existence of confidential surveillance techniques, but it would also compromise both active and future criminal investigations.”

The law firm argued it could not even provide information related to closed investigations because, though an “investigation of a particular individual” may have been “terminated” that “does not mean the records are no longer exempt from disclosure” if the records “include leads to other cases and other suspects.”

ACLU attorney Nathan Freed Wessler, whose name appears on the public records request from the city of Sunrise, contends this kind of a response has no basis in Florida law. A government agency is “required to respond to a public records request by searching for and releasing relevant documents.” But, even more significantly, this response is inept if not flat-out disingenuous.

“The Sunrise Police Department has already publicly acknowledged that it owns at least one Stingray,” Wessler explains. “A document posted on the city’s public website reveals that in March 2013 the Police Department investigated purchasing a $65,000 upgrade to its existing Stingray device, as well as other related technology and services.”

He adds, “An agency cannot acknowledge a fact in one context, but then refuse to confirm or deny the same information in response to a public records request. Sunrise’s response might be laughable if it weren’t such a bald violation of government transparency laws.”

The Florida Department of Law Enforcement (FDLE) appears to be similarly abusing the law. In response to a records request from the ACLU, it refused to disclose any records and would not inform the ACLU of how many documents were being withheld and why.

FDLE did acknowledge in a few “heavily redacted records” that the agency had spent $3 million on “Stingrays.” It has agreements with local and regional law enforcement agencies for these devices. These agencies are prohibited under a non-disclosure agreement from sharing details on the nature of the agreements. Other than that, FDLE broadly invoked four exemptions in the state’s public records law—that such information would reveal “trade secrets,” “criminal justice information,” “federal criminal history” records and information on “surveillance techniques.”

The ACLU believes that FDLE redacted text of the “non-disclosure agreement” it has signed. This cannot possibly be covered under any exemptions.

Also, FDLE applies a “confidentiality notice” to its email replies to requests, which treats the content as “privileged” or “confidential.” This means the “dissemination, distribution, copying or other use of this information” is a violation of law to FDLE. How is that proper or legitimate under a public records law that is supposed to favor transparency?

Any records related to agreements with wireless service providers such as AT&T, T-Mobile, Verizon, Sprint Nextel or US Cellular, were kept secret. Records of communications, licenses, waivers or agreements with the Federal Communications Commission, FBI or Florida Public Service Commission, which involve “cell site simulators” were kept secret. Data on the number of investigations in which “cell site simulators have been used” and the “number of those investigations that have resulted in prosecutions” was kept secret. Records of cases where law enforcement used “Stingrays” in the course of their investigation and applications for search warrants where data from these devices were used were not provided.

Harris Corp., as the Associated Press recently reported, established an agreement with the city government of Tucson, Arizona, to not “discuss, publish, release of disclose any information” on products from the company without the company’s “written consent.” The corporation is to receive notice when the city receives a public records request.

There have been multiple instances where local news media contact agencies only to be met with secrecy. Media organizations point out information online, but law enforcement maintains they have an agreement with Harris they must respect by preventing records from being provided to news media. Journalist Beau Hodai and the ACLU of Arizona sued the Tucson Police Department for this conduct.

A corporation contracting surveillance technology to state and local governments has taken it upon itself to concoct policy in direct conflict with state law and instructed government agencies they must comply.

This secrecy deliberately avoids public debate, ensuring that a corporation can reap profits because it does not have to deal with the possibility of having the law or the constitution get in the way of sales of technology or services to government agencies. It also may be a clever way for governments to avoid having to disclose to citizens the secret surveillance capabilities, which law enforcement is amassing. However, it is quite blatantly lawless conduct on the part of cities and states to conceal mass surveillance technology that courts may not approve because they can violate innocent persons when used in an investigation.

Previous post

Top Ten At Ten 3/25/2014

Next post

#MH370: The Doppler Effect, the Undisputed Facts and a Theory

Kevin Gosztola

Kevin Gosztola

Kevin Gosztola is managing editor of Shadowproof. He also produces and co-hosts the weekly podcast, "Unauthorized Disclosure."