United States law enforcement agencies are requesting user information such as "text messages, caller locations and other information" at an alarming rate—at least 1.3 million requests last year alone—according to cellular carriers.
This is our new age of digital law enforcement: The cops are coming for your cell phones, and the law is too dumb to stop them.
Over the past five years, Verizon has seen the number of requests increase by 15 percent a year, coming to 260,000 in 2011. AT&T alone has seen the number of requests triple, ballooning to over 700 per day. Under normal circumstances, a subpoena can net your basic account info like your name, address, and credit card number, which is bad enough. Beyond that, law enforcement needs a court order or a warrant to frack your texts, calls, and locations. But 230 of those 700 daily requests that AT&T is fielding are designated emergencies, which circumvent the typical court order process. Emergencies, as noted in Verizon's letter to Representative Edward J. Markey, are supposed to involve "danger of death or serious physical injury."
AT&T notes that the number of requests, assuming each was for a different customer, affected approximately 0.25 percent of its 100 million customers. That figure is supposed to seem small, but it's still about a quarter million, or 1 in 400. Here's AT&T's breakdown of the number of requests, by type:
And that's not all. The 1.3 million figure from last year is probably on the low end, since records are incomplete for these types of requests. Also, certain types of requests, like a cell tower "dump" looking for who was near a certain tower at a certain time, can return "hundreds or even thousands" of names to police. The process is common enough to become its own branch within carriers:
To handle the demands, most cell carriers reported employing large teams of in-house lawyers, data technicians, phone "cloning specialists" and others around the clock to take requests from law enforcement agencies, review the legality and provide the data.
And are customers ever alerted that their data has been tracked, unless it turns up as evidence? Certainly not during an ongoing investigation, or from a tower dump. But wouldn't it make sense for there to be a cutoff date where customers must be alerted? (We've reached out to carriers about their practices regarding this.)
While Fourth Amendment rights for many types of inquiries have decades, even centuries of legal precedent to fall back on, digital information still seems to be a wild west of blanket searches and "digital dragnets." And everyone seems to be getting it wrong. The Times notes that the FBI has come under fire for using emergency requests improperly, and carriers who cooperated with the Bush administration's secret counterterrorism eavesdropping were sued. Add the fact that antiquated document laws make your digital records much more easily attainable after six months—because clearly you don't want them if you've left them lying around for so long—and the whole system seems like an innavigable anachronism.
We forget this, but communication has become massively more sophisticated in a relatively minuscule amount of time. That progress has been put to both good and stupid use, but it's also allowed for not just better criminal infrastructure (all of whom have probably watched The Wire), but new and more creative ways for criminals to incriminate themselves. Just look at WTFriday from week to week. And while no one expects law enforcement to fight digital communication brush fires with a fire brigade pail line, we need a system in place that makes sense in the here and now.
We're past the point where cops are too dumb to keep up with us digitally. They're onto us, and the situation's tick-tocked to the scary phase where law has no applicable mechanisms to handle law enforcement ransacking our data. Until the carriers or the courts step up, your only course of action is to start making iPhone-sized tin foil hats. [NY Times]