Intelligence agencies everywhere wanted ways to monitor social media to see — and often stop — protests spreading. Even then, knowledge about what these companies were offering, and what the governments were using, was highly restricted. But in May , an intelligence contractor named Edward Snowden left for Hong Kong with a trove of top-secret material that detailed the N.
These revelations changed the conversation about electronic surveillance overnight. Few countries have the resources to build or buy a program like Prism, but they can afford the services of NSO Group. Lucas gave to Mr. Arnold, the former Booz Allen manager. In the fall of , an Ethiopian dissident who had been living in the United States for more than two decades opened an email attachment. The Word document, written in his native Amharic, admonished him for his political activities.
In reality, the document was the attack: an embedded macro — unseen bits of computer code — covertly installed a spyware program called FinSpy on his computer. The spyware, which is made by Gamma Group, an Anglo-German company, can record every keystroke, call or text on an infected device. For several months, according to security experts who later conducted a forensic analysis of his computer, his activity was sent back to a server in Ethiopia. The spyware transmitted dozens of his Skype and internet phone calls, copies of emails, and even swept up the web search history of his ninth-grade son.
He never knew this spyware was operating in the background of his computer until he was approached by Ms.
Trump likely target of pricey ‘Sting Ray’ cell-phone surveillance devices found near White House
Galperin of the Electronic Frontier Foundation, who suspected he was being monitored. In , the foundation sued the Ethiopian government for illegal wiretapping on behalf of the dissident, an American-Ethiopian dual citizen. The goal of the suit, according to Ms. Galperin, was to set a legal precedent that could be used to place limits on the spyware market. Unconvinced that new export regulations would work, Ms. Galperin and her team hoped that the American court system could. They lost the suit. But Ms. Galperin still believes the legal system offers one of the best tools for holding people and governments accountable for spying.
Around the same time, momentum was building in calls for further regulation of the private spy industry. The mounting outrage over these sorts of sales increased support for reforms proposed by Britain and France to the Wassenaar Arrangement , the pact signed by more than 40 countries, including the United States, that helps determine what sort of dual-use and weapons technologies are regulated.
Among the new proposals was an attempt to include surveillance technology, such as spyware, in that pact. In the United States, this translated initially into a proposal to require export licenses for surveillance software. So far, no one has come up with a good solution for how to regulate this industry.
At a recent arms show in Abu Dhabi, WiSpear, a surveillance company, was openly advertising a mobile surveillance system fit for a Hollywood villain: a black van equipped with a suite of equipment that the company claims can spy on a phone several hundred meters away. Customers can also buy a drone to hack phones.
Sign up for our limited-run newsletter.
Mobile Phones - The New York Times
Even those who work in cybersecurity believe the industry requires oversight. But what to do is another question. Snowden, whose revelations helped shine light on the technology that fuels this market, offers a radical proposal: ban private spyware. Officials at the time said surveillance video and receipts for suspicious purchases helped identify him.
Officers who have used the warrants said they showed promise in finding suspects as well as witnesses who may have been near the crime without realizing it. The searches may also be valuable in cold cases. A warrant last year in Florida, for example, sought information on a murder from A Florida Department of Law Enforcement spokeswoman declined to comment on whether the data was helpful. In a home invasion in Minnesota, for example, Google data showed a phone taking the path of the likely intruder, according to a news report and police documents. But detectives also cited other leads, including a confidential informant, in developing suspects.
Four people were charged in federal court. According to several current and former Google employees, the Sensorvault database was not designed for the needs of law enforcement, raising questions about its accuracy in some situations. Edens, the California intelligence analyst.
The Supreme Court’s Biggest Decisions in 2018
And even if a location is recorded every few minutes, that may not coincide with a shooting or an assault. The Google unit handling the requests has struggled to keep up, so it can take weeks or months for a response. In the Arizona investigation, police received data six months after sending the warrant. In a different Minnesota case this fall, it came in four weeks. Location data is a lucrative business — and Google is by far the biggest player, propelled largely by its Android phones.
In , the company introduced Location History , a feature for users who wanted to see where they had been. Sensorvault stores information on anyone who has opted in, allowing regular collection of data from GPS signals, cellphone towers, nearby Wi-Fi devices and Bluetooth beacons. People who turn on the feature can see a timeline of their activity and get recommendations based on it.
Google apps prompt users to enable Location History for things like traffic alerts. Information in the database is held indefinitely, unless the user deletes it.
- Chinese border guards put secret surveillance app on tourists' phones | World news | The Guardian;
- hack iphone 6s Plus to spy on girlfriend.
- iphone catch my cheating boyfriend spy?
- gps track your phone.
Ernsdorff, the Washington State prosecutor, adding that if companies were collecting data, law enforcement should be able to obtain a court order to use it. Current and former Google employees said they were surprised by the warrants. Brian McClendon, who led the development of Google Maps and related products until , said he and other engineers had assumed the police would seek data only on specific people.
The practice raises novel legal issues, according to Orin Kerr, a law professor at the University of Southern California and an expert on criminal law in the digital age. One concern: the privacy of innocent people scooped up in these searches. Several law enforcement officials said the information remained sealed in their jurisdictions but not in every state. In Minnesota, for example, the name of an innocent man was released to a local journalist after it became part of the police record. Investigators had his information because he was within feet of a burglary.
Reached by a reporter, the man said he was surprised about the release of his data and thought he might have appeared because he was a cabdriver.
These searches also raise constitutional questions. The Fourth Amendment says a warrant must request a limited search and establish probable cause that evidence related to a crime will be found. Warrants reviewed by The Times frequently established probable cause by explaining that most Americans owned cellphones and that Google held location data on many of these phones.
The areas they targeted ranged from single buildings to multiple blocks, and most sought data over a few hours. In the Austin case, warrants covered several dozen houses around each bombing location, for times ranging from 12 hours to a week. Google responds to those orders, but Mr. Kerr said it was unclear whether multistep warrants should pass legal muster. Some jurisdictions require investigators to return to a judge and obtain a second warrant before getting identifying information. With another warrant, investigators can obtain more extensive data, including months of location patterns and even emails.
Those reviews will begin with those now before the court, verdicts linked to people currently serving prison sentences and cases brought by defense lawyers, the Justice Ministry said in a letter to Parliament.
Your Apps Know Where You Were Last Night, and They’re Not Keeping It Secret
A spokesman for the director of public prosecutions said that Denmark was informing the European authorities about the errors, but that he was not aware of any implications for trials or investigations in other countries. The idea that the data errors might have led to incorrect prosecutions in Denmark is unsettling, said Mikael Sjoberg, the head of the Association of Danish Judges. It will take some effort to re-establish the trustworthiness of such data in court, said Mr.