Agencies collected data on Americans’ cellphone use in thousands of ‘tower dumps’
By Ellen Nakashima,
Federal, state and local law enforcement agencies conducting criminal investigations collected data on cellphone activity thousands of times last year, with each request to a phone company yielding hundreds or thousands of phone numbers of innocent Americans along with those of potential suspects.
Law enforcement made more than 9,000 requests last year for what are called “tower dumps,” information on all the calls that bounced off a cellphone tower within a certain period of time, usually two or more hours, a congressional inquiry has revealed.
The little-known practice has raised concerns among federal judges, lawmakers and privacy advocates who question the harvesting of massive amounts of data on people suspected of no crime in order to try to locate a criminal. Data linked to specific cell towers can be used to track people’s movements.
The inquiry, by Sen. Edward J. Markey (D-Mass.), into law enforcement’s use of cellphone data comes amid growing scrutiny of the bulk collection of geolocation data overseas and of Americans’ phone records in the United States by the National Security Agency.
Tower dumps raise in the law enforcement context some of the same concerns presented by the NSA’s mass collection of phone records without a warrant, when large amounts of data on law-abiding citizens are gathered to find clues about a small number of suspects, privacy advocates and some industry lawyers say. But unlike the NSA collection, which is bound by court-imposed rules on retention and use, the standards for obtaining tower data and the limits on its use by a plethora of agencies are inconsistent and unclear.
“This isn’t the NSA asking for information,” said Markey, who is planning to introduce legislation this month to restrict law enforcement’s use of consumers’ phone data, including ensuring that tower dumps are narrowly focused. “It’s your neighborhood police department requesting your mobile phone data. So there are serious questions about how law enforcement handles the information of innocent people swept up in these digital dragnets.”
Markey’s investigation, based on a survey of eight U.S. phone companies, has also revealed that carriers, following requests from law enforcement agencies, are providing a range of other records as well. Those include GPS location data, Web site addresses and, in some cases, the search terms Americans have entered into their cellphones.
Markey’s legislation, which does not focus on NSA or other intelligence agencies’ programs, would require a warrant to obtain GPS location data, impose limits on how long carriers can keep customers’ phone data, and mandate routine disclosures by law enforcement agencies on the nature and volume of requests they make of carriers. The proposal would not require a warrant for tower dumps.
Markey is pushing for standardized rules on law enforcement’s use of cellphone data, which has come under question in the courts. One federal judge this year, in a rare public ruling, required a warrant for tower dumps. The judge also ordered the prosecutor to destroy non-
relevant data and — in an unprecedented move — to notify all non-suspects that their records had been collected.
Some companies Markey surveyed did not provide full responses. But in general, the survey reflects a greater reliance on cellphone data of all types, including text messages and call histories, by law enforcement.
“The industry as a whole in recent years experienced a substantial increase in these demands: the number of requests to Verizon Wireless has approximately doubled in the last five years, a trend that appears to be consistent with the industry in general,” the company’s general counsel, William B. Petersen, said in a letter to Markey.
Civil liberties advocates are alarmed.
“Tower dumps violate the privacy of hundreds or thousands of innocent people at a time, most of whom will never learn their location information was obtained by the government in order to find the proverbial needle in the haystack,” said Christopher Soghoian, principal technologist at the American Civil Liberties Union.
Following a digital trail
According to the industry, there are 330 million cellphones in use in the United States. Americans are texting, calling and moving about with devices that track their locations and enable them to surf the Internet. Those actions leave digital trails that companies log for business or technical reasons — and that can be invaluable for investigators on the trail of a murderer or a bank robber.
“Location information is a vital component of law enforcement investigations at the federal, state and local levels,” FBI spokesman Christopher Allen said.
A senior Justice Department official, who was not authorized to talk on the record and so spoke on the condition of anonymity, said: “The data is useful if you think about the need to identify the location of drug traffickers — where are they at various points in their criminal dealings? It would be useful if you have a shooting by gang members. How do you figure who was at the scene of the shooting?”
In one notable instance, the FBI in 2010 located two bank robbers in Arizona, whom prosecutors had dubbed the “High Country Bandits,” through the use of tower dumps. The men had robbed 16 banks at gunpoint in Arizona, New Mexico, Colorado and Utah.
Investigators traced the trail of the robbers by analyzing cellphone records from the towers closest to four of the more remote Arizona banks. “Investigators believed it would be extremely unusual for a cellphone number to appear on two or more” of the towers servicing the areas of the banks on the robbery dates, according to an FBI special agent in a March 2010 criminal complaint.
The FBI received more than 150,000 phone numbers in the dump, according to the complaint. Its analysis turned up only one number that bounced off the towers on the dates of three of the robberies. That number belonged to one of the robbers.
One former federal prosecutor familiar with the practice said federal agents make requests “a few dozen” times a year, typically in bank robbery cases. The vast majority of requests are made by state and local police agencies. Sprint, for instance, reported that it had provided tower dumps to agencies 6,000 times last year.
Some companies have fought to narrow the requests. One industry lawyer said his company fought an order that sought dumps from “any cell towers” that served a particular address for a 13-hour period. “We’re worried that we’re being asked a lot to give away all this data,” said the lawyer, who was not authorized to speak on the record and so talked on the condition of anonymity. “We just think the law is being exploited.”
Warrants not always needed
In general, the data may be obtained with a showing to a judge that it is relevant and material to a criminal investigation based on a 1986 statute, the Electronic Communications Privacy Act. That is a lower standard than for a warrant, which is based on probable cause that the data will yield evidence of a crime.
The senior Justice Department official said a warrant is not required because the Supreme Court has held that Americans have no expectation of privacy in “dialing” data, such as the phone numbers they called. That is information given to the phone company by the customer, and the court has held that it is not protected by the Fourth Amendment, he said.
But privacy advocates and some industry lawyers are increasingly questioning the applicability of court rulings that predate the digital explosion, which has enabled mass collection of data.
In May, a federal magistrate judge in Texas insisted on a warrant for a tower dump that he said would have applied to 77 towers in a four-mile radius in a five-minute period, yielding “hundreds or even thousands of telephone numbers.”
“The cell-site location records at issue here currently enable the tracking of the vast majority of Americans,” wrote Brian L. Owsley, a federal magistrate judge in the Southern District of Texas, in an opinion denying the original request. “Thus, the collection of cell-site location records effectively enables ‘mass’ or ‘wholesale’ electronic surveillance, and raises greater Fourth Amendment concerns than a single electronically surveilled car trip.”
Another concern is how long the data are kept. Allen, the FBI spokesman, said that “the FBI only collects and maintains information that has investigative value and relevance to a case.” That could be indefinitely, former U.S. officials said.
The D.C. police department said it sometimes uses such data but does not keep them. Other jurisdictions, including Fairfax and Prince George’s counties, declined to comment on their retention practices.
According to industry officials, prosecutors are asking more often for groups of Internet protocol, or IP, addresses for people who have viewed a video or a photo or logged into a Web site.
According to Markey’s investigation, AT&T and T-Mobile are providing Web site addresses, which can include search-term data, to law enforcement. AT&T says it requires a court order. T-Mobile says it requires a warrant.
Verizon Wireless reported that it does not provide real-time GPS location data to law enforcement agencies but that it does provide near-real-time data on calls and text messages once they’re made, spokeswoman Debra Lewis said.
Cecilia Kang contributed to this report.