Feeds

Court limits in-car FBI spying

But only because it crippled some safety features

  • alert
  • submit to reddit

The Essential Guide to IT Transformation

An appeals court this week put the brakes on an FBI surveillance technique that turns an automobile driver's on-board vehicle navigation system into a covert eavesdropping device, after finding that the spying effectively disables the system's emergency and roadside assistance features.

The case arose from a 2001 FBI surveillance operation in Las Vegas, in which agents obtained a court order compelling a telematics company to secretly activate the stolen vehicle recovery feature in a customer's car. The feature, designed to listen-in on car thieves as they cruise around in a stolen auto, turns on a dashboard microphone and pipes conversations out over a cellphone connection - normally to the company's response center, but in this case to an FBI listening pos0t.

After initially complying for 30 days, the company asked a federal judge to block the order. It lost, and filed the appeal with 9th U.S. Circuit Court of Appeals while complying with the order. The proceeding were handled in strict secrecy, and the text of the final ruling omits the name of the company. Geri Lama, a spokesperson for General Motors subsidiary OnStar, says it wasn't them.

Court records strongly point to OnStar's Texas-based competitor ATX Technologies, which makes the "Tele Aid" systems used in Mercedes vehicles: the description fits the Tele Aid systems, and the Dallas-based attorney listed as arguing the appeal is also representing ATX in unrelated civil litigation in Texas. ATX spokesman Gary Wallace said he couldn't immediately comment.

Emergency Services Blocked

Under federal law, the FBI can obtain court orders compelling telecommunications companies, ISPs, landlords and others to assist the Bureau in spying on customers. But the law requires that surveillance in such cases be conducted "unobtrusively and with a minimum of interference with the services" provided by the company. With the navigation system's cellular link dedicated full time to eavesdropping, the system had no way to communicate with the company's response center if the roadside assistance or emergency reporting features were activated, according to the court's split 2-1 decision.

"Pressing the emergency button and activation of the car's airbags, instead of automatically contacting the Company, would simply emit a tone over the already open phone line," the majority wrote. "[T]he FBI, however well-intentioned, is not in the business of providing emergency road services, and might well have better things to do when listening in than respond with such services... The result was that the Company could no longer supply any of the various services it had promised its customer, including assurance of response in an emergency."

The decision, released Tuesday, is only binding in the 9th Circuit, which covers eight western U.S. states and Hawaii. Other federal circuits have not addressed the issue.

Despite the reversal, David Sobel, an attorney with the Electronic Privacy Information Center, says the ruling is not a victory for privacy. "Although the bottom line is that the surveillance order was rejected, the real effect of it is that this kind of monitoring is permissible as long it does not interfere with the service," says Sobel. "It underscores the fact that it's becoming increasingly difficult to escape the reach of surveillance capabilities."

Copyright ©

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.