Is Your Cellphone Under Surveillance?

CREDIT: Faraways / Shutterstock.com View full size image

Don't assume that just because you're not a criminal, law enforcement doesn't know where you are or who you're talking to.

If you have been anywhere near someone who has been named in an investigation, a history of your whereabouts, pulled from geolocation data provided by your wireless carrier, could be in the hands of authorities.

"If you're innocent, you don't have anything to worry about, is a common justification," Alan Butler, privacy advocate with the Electronic Privacy Information Center (EPIC), told TechNewsDaily. "That's simply not sufficient."

This week Congressman Edward J. Markey (D-Mass) released the first report documenting the number and types of requests made to wireless carriers by law enforcement. In 2011, federal, state and local law enforcement agencies made more than 1.3 million requests of wireless carriers for for customer data, an annual increase of 15 percent each year since 2007.

Butler points out two big problems. As required by law, carriers complied with wiretapping requests — turning over phone records, text messages and geolocation information. However, the standard for obtaining a person's location-based data is lower than for other data, which requires a warrant. In other words, it's much easier for law enforcement to find out where you were than to read your text messages. Further, authorities can obtain the location history of anyone who has associated with an individual related to an investigation. Say you ran into an old friend at the grocery store who just happened to be a possible witness to a crime — oops, there goes your data.

['Girls Around Me' — Unexpected Consequences of Sharing Data]

Laws passed in the 1980s, such as the Electronic Communications Privacy Act of 1986, have not kept up with technology and need to be updated with safeguards, Butler said. EPIC recently filed briefs in the New Jersey Supreme Court arguing that disclosure of historical and real-time cell phone location information violates a reasonable expectation of privacy and thus requires a warrant under the Fourth Amendment. This amendment protects citizens against unlawful searches and seizures.

About 15 percent of the requests made by law enforcement were denied by carriers' review teams, mostly because of insufficient or improper paperwork. Of the top four wireless providers, only T-Mobile said it had identified "misuse of cell phone tracking by authorities," in response to Markey's probe. T-Mobile referred two cases of misuse to the FBI. 

T-Mobile said it had also seen several instances in which people posed as police officers to get customer records. These requests were denied. Despite all being larger than T-Mobile, AT&T, Verizon and Sprint said they had never seen misuse by authorities or people posing as authorities.

The second problem involves many more people — and you could easily be one of them. Some of the requests by law enforcement were for "cell tower dumps," in which carriers provide all the phone numbers of cell users connected with a specified tower during a certain timeframe — suspects and regular folks alike.

“Law enforcement agencies are looking for a needle, but what are they doing with the haystack?" Rep. Markey said in a statement.

Butler agreed. "Each request could cover tens of thousands of unquestionably innocent people," he said. "And what companies and law enforcement do with the data remains unclear."

Companies should promptly remove any collected data that's not relevant or necessary, Butler said. Wireless companies have varying data retention policies. For instance, Cricket retains data for a particularly short period compared to others.

But there is no policy that covers how law enforcement uses and stores the data it receives from carriers, or how long it retains the information.

"As more people switch to all-time cell phone use," Butler said. "They need to realize that it  comes with a cost to their privacy."

This story was provided by TechNewsDaily, a sister site to LiveScience.