The state of Massachusetts has enforced the requirement for police officers to obtain a warrant before accessing GPs and real-time smartphone location data.
Highlighted by the release of thousands of confidential US National Security Agency (NSA) documents to the media in 2013 by whistleblower and former NSA contractor Edward Snowden, the mass surveillance activities of US law enforcement is of concern.
One particular program, the bulk collection of phone metadata, phone call, and text records, raised the ire of citizens and the outrage of privacy advocates worldwide.
The NSA took the brunt of the criticism and the storm which followed prompted citizens to adopt privacy-conscious services — such as virtual private networks (VPNs) and encrypted messaging systems — as well as vendors to implement end-to-end encryption across communication services.
The US intelligence agency has now, years later, proposed that the Trump Administration drop the controversial program due to logistics and both legal and compliance issues which are seen to outweigh intelligence benefits.
In the meantime, US law enforcement in various states has been pushing the boundaries as to what is acceptable when it comes to data requests from ISPs, technology vendors, and phone companies.
Aside from encryption cracking attempts and the use of fake profiles across social media for spying purposes, law enforcement also may attempt to gain access to citizen GPS and real-time location data from mobile devices during investigations.
In one well-publicized case, Commonwealth of Massachusetts v. Almonor, the police requested that a phone carrier “ping” a murder suspect’s device, which in turn, gave law enforcement access to GPS and the coordinates of the smartphone.
See also: Facebook asked to clamp down on cops creating fake accounts
The suspect was then tracked to a private home.
In this case, law enforcement argued that it was perfectly acceptable to use this data to find someone as long as the information was less than six hours old. A trial court disagreed and an appeal was lodged.
The Electronic Frontier Foundation (EFF), a non-profit privacy and rights group, then filed an amicus brief together with the ACLU and the Massachusetts Association of Criminal Defense Lawyers.
The EFF argued that as mobile devices have become such a central hub in our daily lives — for managing our communications, work, and finances — as well as becoming products we are now rarely without, police agencies should have to obtain a warrant to access information relating to them.
The Massachusetts Supreme Judicial Court agreed, saying that “by causing the defendant’s cell phone to reveal its real-time location, the Commonwealth intruded on the defendant’s reasonable expectation of privacy in the real-time location of his cell phone.”
TechRepublic: How to build trust in cybersecurity among your employees
In addition, the court said that “society’s expectation has been that law enforcement could not secretly and instantly identify a person’s real-time physical location at will,” and “allowing law enforcement to immediately locate an individual whose whereabouts were previously unknown by compelling that individual’s cell phone to reveal its location contravenes that expectation.”
The EFF has been pleased by the decision and believes that law enforcement “pinging” mobile devices via telecom firms is arguably unacceptable manipulation — as these vendors would not naturally do so as during normal business practice.
Such side-steps paved the way for police to access this data without the need for a warrant, but that does not mean that technicalities of this nature are deemed socially acceptable and permissible.
CNET: Facebook’s privacy woes have a price tag: $3 billion or more
“We’re heartened that the Massachusetts court took these issues seriously and made clear that the police must get a warrant, whether they access historical cell phone location data or whether they cause a phone to send its real-time location,” the EFF added.
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0
Credit: Source link