Feeds

US cops blew more than $26m buying 1.1m cell phone files from telcos

And you thought your data plan was pricy

Internet Security Threat Report 2014

An investigation by Senator Edward Markey (D-MA) into the monitoring of cellphones has found that US police paid telecommunications companies more than $26m to hand over location information, metadata, and sometimes the content of their customers' messages to cops in the US last year.

Senator Markey sent letters to the major US mobile providers asking how they handled requests from law enforcement, and found that last year telcos passed over 1.1 million records about customers to federal, state, and local law enforcement officials. For this cooperation T-Mobile banked about $11m, with Verizon bagging a little under $5m, and AT&T getting "approximately $10,298,000" in fees.

"Have no doubt, police see our mobile devices as the go-to source for information, likely in part because of the lack of privacy protections afforded by the law," said Christopher Calabrese, legislative counsel at the ACLU’s Washington Legislative Office.

"Our mobile devices quite literally store our most intimate thoughts as well as the details of our personal lives. The idea that police can obtain such a rich treasure trove of data about any one of us without appropriate judicial oversight should send shivers down our spines."

While the total number of customers investigated by the police appears to have dropped from the 1.3 million records requests Markey noted in 2011, last year's figures are underreported, he said, since Sprint declined to provide numbers on the grounds that it depended on how you counted such requests.

Markey also said the police requested more than 9,000 dumps of cell tower data in which every mobile in range of a base station is logged, warning this could mean tens of thousands more Americans were surveilled.

"As law enforcement uses new technology to protect the public from harm, we also must protect the information of innocent Americans from misuse," said Senator Markey, a member of the Commerce, Science and Transportation Committee.

"Disclosure of personal information from wireless devices raises significant legal and privacy concerns, particularly for innocent consumers. That is why I plan to introduce legislation so that Americans can have confidence that their information is protected and standards are in place for the retention and disposal of this sensitive data."

Worryingly, telcos also seem happy to hand over the content of some messages on very limited pretexts. AT&T shares stored texts or voicemails older than 180 days old with a subpoena, while Verizon requires a warrant for disclosing text messages, but not necessarily for voicemails. T-Mobile requires a warrant for both text and voicemail messages.

"We need a 4th amendment for the 21st century," Markey said. "If the police want to know where you are, we should know why. When law enforcement access location information, it as sensitive and personal as searching an individual's home and should be treated commensurately." ®

Beginner's guide to SSL certificates

More from The Register

next story
Bladerunner sequel might actually be good. Harrison Ford is in it
Go ahead, you're all clear, kid... Sorry, wrong film
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
Forget Hillary, HP's ex CARLY FIORINA 'wants to be next US Prez'
Former CEO has political ambitions again, according to Washington DC sources
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.