Intelligence Analysts Use US Smartphone Location Data Without Warrants, Memo Says (nytimes.com) 26
An anonymous reader quotes a report from The New York Times: A military arm of the intelligence community buys commercially available databases containing location data from smartphone apps and searches it for Americans' past movements without a warrant, according to an unclassified memo obtained by The New York Times. Defense Intelligence Agency analysts have searched for the movements of Americans within a commercial database in five investigations over the past two and a half years, agency officials disclosed in a memo they wrote for Senator Ron Wyden, Democrat of Oregon.
The disclosure sheds light on an emerging loophole in privacy law during the digital age: In a landmark 2018 ruling known as the Carpenter decision, the Supreme Court held that the Constitution requires the government to obtain a warrant to compel phone companies to turn over location data about their customers. But the government can instead buy similar data from a broker -- and does not believe it needs a warrant to do so. "D.I.A. does not construe the Carpenter decision to require a judicial warrant endorsing purchase or use of commercially available data for intelligence purposes," the agency memo said.
Mr. Wyden has made clear that he intends to propose legislation to add safeguards for Americans' privacy in connection with commercially available location data. In a Senate speech this week, he denounced circumstances "in which the government, instead of getting an order, just goes out and purchases the private records of Americans from these sleazy and unregulated commercial data brokers who are simply above the law." He called the practice unacceptable and an intrusion on constitutional privacy rights. "The Fourth Amendment is not for sale," he said.
The disclosure sheds light on an emerging loophole in privacy law during the digital age: In a landmark 2018 ruling known as the Carpenter decision, the Supreme Court held that the Constitution requires the government to obtain a warrant to compel phone companies to turn over location data about their customers. But the government can instead buy similar data from a broker -- and does not believe it needs a warrant to do so. "D.I.A. does not construe the Carpenter decision to require a judicial warrant endorsing purchase or use of commercially available data for intelligence purposes," the agency memo said.
Mr. Wyden has made clear that he intends to propose legislation to add safeguards for Americans' privacy in connection with commercially available location data. In a Senate speech this week, he denounced circumstances "in which the government, instead of getting an order, just goes out and purchases the private records of Americans from these sleazy and unregulated commercial data brokers who are simply above the law." He called the practice unacceptable and an intrusion on constitutional privacy rights. "The Fourth Amendment is not for sale," he said.
Re: The Internet has stopped being useful. (Score:2)
If the telecoms give away the data voluntarily... (Score:4, Interesting)
The article says that according to the Supreme Court, the cops need a warrant to compel phone companies to hand over data. To keep them from giving away the data freely, you need another sort of law as well:
A prohibition on sharing private data with third parties. Then it would be illegal in the first place to sell the location data to a broker. Depending on how strict the rules are, it might also help to prevent things like the Facebook-Cambridge Analytica affair.
Semi-Offtopic:
The European GDPR is supposed to do something analogous in a broader sense. It has a few practical problems, but in general I think it is a step in the right direction.
It is also a headache for EU companies who want to store their data in a US Cloud service, and I hope it hurts plenty.
Re: (Score:3)
Re:If the telecoms give away the data voluntarily. (Score:5, Insightful)
Indeed.
The problem is not that the police are accessing commercial databases of location data.
The problem is that these databases exist.
Re: (Score:1)
+1, eminently correct. The creation of such databases, spanning so many people, over an extended period of time, is the real heart of the issue. Mass surveillance databases should not exist.
You don't need a week's worth of cell data to route a call to my phone. You need information on Right Now, and shouldn't be retaining anything.
"Once is happenstance. Twice is coincidence. Three times is enemy action." - Ian Fleming
Agreed. Also 5 times in two and half years (Score:2)
Agreed. Not that I know much about these databases.
It sounds creepy. Perhaps I should learn more.
I found this part of the summary quite interesting:
"Defense Intelligence Agency analysts have searched for the movements of Americans within a commercial database in five investigations over the past two and a half years"
I very much do not want the government tracking the population wholesale. In a country with over three hundred million people, once in a while there would be a good reason for DIA to need to kn
Quite the loophole.. (Score:1)
How difficult is it for a government to set up a company to haul in location data, to be used at will for "official" government agencies? null.
It is probable to assume this exists today, because this is rather easy to arrange.
It should be made illegal by law, if it isn't already, to broker such personal data.
Why? because it is unthinkable to obtain such data, as such data should be considered not existing in an investigation, criminal or not.
"Mr. Wyden has made
this is AMERICA! (Score:2)
Personal data should have a license. (Score:2)
This is where we're at now. I click through end-user licenses for countless things every day, but my most intimate details have no protection. I will gladly license my data in exchange for services, but I will not grant license to distribute without compensation.
I mean, if we've collectively decided that it's acceptable to accept a 10 page license agreement to pump gas, or start a car, then licensing of personal information is a no brainer. Problem solved.
YOU are the product (Score:2)
Obviously (Score:1)
Just a casual observation, maybe I'm wrong. The rise in big tech and their ability to collect information replaces and redirects all fallout from wikileaks and similar fiascoes. Big tech has investor approval and the government taking advantage via tax breaks and back patting has been obvious for several years. Was their ever any reason to not suspect this type of behavior was ensuing?
Not being aware of this is kind of like denying that Amazon was exhibiting monopolistic behavior when it sold books for less
They're not cops (Score:2)
Good, bad, or indifferent, you can't get far trying to invoke restrictions specific to cops on non-cops.
Should not need a warrant (Score:2)
This is no different than postcards vs. sealed mail. If you send something in an envelope, it is ILLEGAL for ANYBODY, including intelligence to open/read it. OTOH, if it is a postcard, then anybody can read it. Totally legal for any intel to look at it.
This is why I think that the west needs
Five? An excellent number (Score:2)
Sometimes things genuinely need to get done, where "process" is genuinely bad.
If they used this _five_ times over two and a half years -- that sounds like an _excellent_ number of times to side-step something that's overly burdensome in very few scenarios.
If this grows to five in 2021, and 50 in 2022, then we need to do something about it. At five, it's like how Amber Alerts were _meant_ to be used as opposed to how they _are_ used.
How can you buy stolen goods (Score:1)
without becoming part of the felony?
A warrant should be required for using the data (Score:2)
A warrant should be required for the government to look at or collect the data or pay others to do the same, regardless of it source.