AS LONG as your mobile phone is on, your wireless carrier keeps track of your location. It’s relatively easy, technologically and legally, for law enforcement to obtain and sort through phone companies’ so-called geolocation records. State and local police — not just federal officials — are collecting these records in investigations that have nothing to do with national security, the domain in which debates on surveillance have occurred lately.
A Gannett investigation published last week examined 125 law-enforcement agencies in 33 states and found that a quarter have conducted a “tower dump,” in which they demand that phone companies surrender all the records of phone activity collected from a particular cell tower or two over a given, usually brief, period of time. Those records do not contain the content of phone conversations — police need a search warrant for that — but they do include location information — which police can usually obtain by meeting a lower legal standard. According to a separate congressional survey of eight telecommunications firms, law enforcement agents across the country requested more than 9,000 tower dumps last year.
The theory is that police will narrow in on a suspect and ignore the rest of the information. Law enforcement officials say that ready access to these records is a valuable asset in criminal investigations. In 2010, The Post’s Ellen Nakashima noted , the FBI used tower dumps to track a group of serial bank robbers; of the thousands of phone numbers interacting with the cell towers nearest several robbery locations, only one showed up at every site — the perps’.
Critics admit that new technologies have handed law enforcement useful surveillance tools. But they rightly argue that protections against misuse haven’t kept up. A decades-old distinction between communications content, which boasts strong legal protections, and phone records, which do not, is less comforting now that law enforcement can easily collect and analyze new sorts of records, such as location data, in invasive ways. It used to take many officers to tail a suspect continuously — a big commitment of resources that protected against the over-collection and misuse of information. Now, with the right order in hand, all it takes is a visit with the phone company.
Lawmakers — state and federal — should draw new lines. Some have already proposed requiring a warrant for geolocation data. It’s worth debating under which circumstances that might make sense; for example, long-term tracking, whether of individual suspects or lots of people using the same cell tower, would be a good candidate for a higher legal standard. Other proposals include requiring that geolocation requests be as narrowly tailored as possible, with clear explanations for their requested scope. Requirements should not be too burdensome in emergency situations — following a kidnapping, say. But law enforcement officers could be required to produce a reviewable, after-the-fact document explaining why they invoked emergency powers.
Most important is to prevent the misuse of innocent Americans’ location records caught up in any dragnet search. There should be strict procedures on handling and retaining tower-dump information; anything irrelevant to a bona-fide investigation should be ignored and then discarded. Once police find the needle, they shouldn’t go searching through the rest of the haystack.