Feeds

Court limits in-car FBI spying

But only because it crippled some safety features

  • alert
  • submit to reddit

Next gen security for virtualised datacentres

An appeals court this week put the brakes on an FBI surveillance technique that turns an automobile driver's on-board vehicle navigation system into a covert eavesdropping device, after finding that the spying effectively disables the system's emergency and roadside assistance features.

The case arose from a 2001 FBI surveillance operation in Las Vegas, in which agents obtained a court order compelling a telematics company to secretly activate the stolen vehicle recovery feature in a customer's car. The feature, designed to listen-in on car thieves as they cruise around in a stolen auto, turns on a dashboard microphone and pipes conversations out over a cellphone connection - normally to the company's response center, but in this case to an FBI listening pos0t.

After initially complying for 30 days, the company asked a federal judge to block the order. It lost, and filed the appeal with 9th U.S. Circuit Court of Appeals while complying with the order. The proceeding were handled in strict secrecy, and the text of the final ruling omits the name of the company. Geri Lama, a spokesperson for General Motors subsidiary OnStar, says it wasn't them.

Court records strongly point to OnStar's Texas-based competitor ATX Technologies, which makes the "Tele Aid" systems used in Mercedes vehicles: the description fits the Tele Aid systems, and the Dallas-based attorney listed as arguing the appeal is also representing ATX in unrelated civil litigation in Texas. ATX spokesman Gary Wallace said he couldn't immediately comment.

Emergency Services Blocked

Under federal law, the FBI can obtain court orders compelling telecommunications companies, ISPs, landlords and others to assist the Bureau in spying on customers. But the law requires that surveillance in such cases be conducted "unobtrusively and with a minimum of interference with the services" provided by the company. With the navigation system's cellular link dedicated full time to eavesdropping, the system had no way to communicate with the company's response center if the roadside assistance or emergency reporting features were activated, according to the court's split 2-1 decision.

"Pressing the emergency button and activation of the car's airbags, instead of automatically contacting the Company, would simply emit a tone over the already open phone line," the majority wrote. "[T]he FBI, however well-intentioned, is not in the business of providing emergency road services, and might well have better things to do when listening in than respond with such services... The result was that the Company could no longer supply any of the various services it had promised its customer, including assurance of response in an emergency."

The decision, released Tuesday, is only binding in the 9th Circuit, which covers eight western U.S. states and Hawaii. Other federal circuits have not addressed the issue.

Despite the reversal, David Sobel, an attorney with the Electronic Privacy Information Center, says the ruling is not a victory for privacy. "Although the bottom line is that the surveillance order was rejected, the real effect of it is that this kind of monitoring is permissible as long it does not interfere with the service," says Sobel. "It underscores the fact that it's becoming increasingly difficult to escape the reach of surveillance capabilities."

Copyright ©

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
prev story

Whitepapers

Best practices for enterprise data
Discussing how technology providers have innovated in order to solve new challenges, creating a new framework for enterprise data.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?