No More Warrantless Cellphone Tracking for the Feds

The new Justice Department regulations will prevent its agents from monitoring phones without a warrant, but will not apply to state and local law enforcement.

Luca Bruno / AP

The Justice De­part­ment said Thursday it will re­quire its law-en­force­ment agents to get a war­rant be­fore us­ing tech­no­logy that tracks the loc­a­tion of cellphone users by pos­ing as cell­phone towers.

The cellphone-track­ing tech­no­logy, which sweeps up identi­fy­ing in­form­a­tion from every mo­bile device with­in range in or­der to find a tar­get device’s loc­a­tion, has been met with cri­ti­cism from pri­vacy ad­voc­ates who have raised con­cerns about the wide­spread data col­lec­tion it makes pos­sible.

Some­times called Stin­grays after a pop­u­lar mod­el used by law en­force­ment, the cell-site sim­u­lat­ors op­er­ate by mimick­ing a cell­phone tower and es­tab­lish­ing connec­tions with nearby devices search­ing for a cell sig­nal. When devices connect to the sim­u­lat­or, they trans­mit identi­fy­ing informa­tion. Po­lice can single out a device and use the direc­tion and strength of the sig­nal to ac­quire its location.

The Justice De­part­ment has his­tor­ic­ally re­mained highly se­cret­ive about the tech­no­logy, of­ten push­ing state and loc­al po­lice to stay si­lent about their us­age of the sim­u­lat­ors.

Stin­grays do not re­ceive GPS in­form­a­tion, and may not be used to in­ter­cept commu­nic­a­tion to and from mo­bile devices, or the data stored on them, according to the Justice De­part­ment.

In ad­di­tion to re­quir­ing war­rants, the de­part­ment also set data-re­ten­tion and deletion stand­ards, stip­u­lat­ing that all data must be de­leted once the tar­get of the cel­lu­lar sur­veil­lance has been iden­ti­fied and set­ting up audit­ing pro­grams to make sure the de­le­tion stand­ards are fol­lowed.

The policy ap­plies to Justice De­part­ment law en­force­ment only, and does not ex­tend to state and loc­al po­lice. Ac­cord­ing to re­cords ob­tained by the Amer­ic­an Civil Liber­ties Uni­on, 53 agen­cies in 21 states and the Dis­trict of Columbia own and op­er­ate Stin­grays.

Pri­vacy ad­voc­ates hailed the an­nounce­ment as a con­struct­ive step, but poin­ted out loop­holes and short­com­ings in the policy.

“Dis­turb­ingly, the policy does not ap­ply to oth­er fed­er­al agen­cies or the many state and loc­al po­lice de­part­ments that have re­ceived fed­er­al funds to pur­chase these devices,” said Nath­an Freed Wessler, an ACLU staff at­tor­ney, in a Thursday state­ment. “In ad­di­tion, the guid­ance leaves the door open to warrantless use of Stin­grays in un­defined ‘ex­cep­tion­al cir­cum­stances,” while permit­ting re­ten­tion of in­no­cent-bystand­er data for up to 30 days in cer­tain cases.”

Ad­voc­ates are push­ing for le­gis­la­tion to re­quire all law en­force­ment to ob­tain war­rants for cell-site track­ing tech­no­logy. Pro­pos­als from Senator Ron Wyden, and Representatives Jason Chaf­fetz and Dar­rell Issa, would re­quire every po­lice de­part­ment to ap­ply for war­rants be­fore us­ing a sim­u­lat­or.