Justice Dept. Uses Airplanes To Spy On Cellphones

US marshals hunt for suspects by flying over cities with technology that tricks cellphones on the ground into giving up their identification codes.
8 Robots Making Waves
8 Robots Making Waves
(Click image for larger view and slideshow.)

The US government has risen above the notion of sweeping up cellphone data in bulk from wireless network operators, but not in the way you might hope. Rather than score warrants to cull real-time data from carriers such as AT&T and Verizon, the US Marshals Service is going over the carriers' collective heads -- literally. The agency has put a device on small Cessna airplanes that fly at low altitude, mimicking cell towers and tricking cellphones on the ground into giving the government what it wants -- your identification and location.

This isn't some Orwellian nightmare, insists The Wall Street Journal. Citing multiple sources familiar with the government's programs, the Journal says the US Marshals Service (part of the Department of Justice) has been using this data collection method since 2007.

The planes are based at five metropolitan areas around the country, but together can reach most of the population. Each plane has a black box aboard that pretends to be a cell tower from the country's wireless network operators. Cellphones are led to believe it is the strongest cell tower around and connect to it automatically, because that's what they are programmed to do. The phones ping the device even when they aren't being used. Once identified, suspects' locations can be pinpointed to within about 10 feet, or a specific room inside a building. Each box can collect data from tens of thousands of phones from a single flight.

[No surprise: Americans Doubt They Can Protect Their Privacy.]

Digital Receiver Technology makes the black boxes, sometimes referred to as dirtboxes. DRT is a subsidiary of Boeing.

The Journal's sources wouldn't say how often the planes go up, nor how long they stay aloft, but they insist the program follows the letter of the law. The idea behind the program is to identify and locate suspected criminals and terrorists through their phones. The problem is that it identifies everyone in the area, not just the suspects. Once the suspected criminals are located, the device "releases" non-suspect phones. The device not only grabs identification data, but can also interrupt service, jam calls, and even snag data, such as photos and documents, from the phones in question. That spiffy new encryption baked into Android 5.0 Lollipop and iOS 8? Yeah, it doesn't provide any defense.

Verizon insisted it had no knowledge of the program and said its network plays no role. AT&T and Sprint declined to comment.

ACLU chief technologist Chris Soghoian said it's "a dragnet surveillance program. It's inexcusable and it's likely -- to the extent judges are authorizing it -- [that] they have no idea of the scale of it."

The program is similar to technology being used on the ground by the Federal Bureau of Investigation called a Stingray. The Stingrays are put in cars and sweep neighborhoods for suspects. Rather than collect data from tens of thousands of people at a time, like the airplane, the Stingray collects data from several hundred. Civil liberties groups have sued to gather more information about the Stingrays. You can be sure they're already drafting similar legal action to learn more about this plane-based program.

The government says this method is very effective at locating suspects, but it wouldn't elaborate on who it has caught. Apparently it is much quicker and more accurate than sifting through the live data generated by the network operators themselves.

The Justice Department didn't comment on the Journal's article.

This raises tons of questions. What are your thoughts?

Get the latest information to migrate your systems, services, and applications to the next level at Enterprise Connect. Cisco, Microsoft, Avaya, and Oracle will lead the keynote lineup, and thought leaders from enterprises and vendors will cover the full range of platforms, services, and applications that will simplify your migration to next-gen communications and collaboration systems. Register for Enterprise Connect with code DIWKWEB to save $100 off the early-bird rate. It happens in Orlando, Fla., March 16 to 19.

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing