By George Bedell
How do you feel about the NSA collecting your phone records? If it doesn’t bother you, don’t read any further. Another law enforcement practice that may be overstepping the Fourth Amendment is drawing attention. Many local law enforcement agencies have begun using International Mobile Subscriber Identity (IMSI) catchers to locate cellphones. When an IMSI is active, it collects the data from every cellphone in range.
According to the ACLU, ISMI devices have been sold to at least 48 law enforcement agencies in 20 states and the District of Columbia. Harris Corporation manufacturers the IMSI devices, which it has sold as StingRay, Kingfisher, and Triggerfish. When activated, a StingRay mimics a cellphone tower, which prompts cellphones to transmit information to the StingRay that identifies the particular phone. Unlike a pen register or trap-and-trace device, which is dedicated to an individual phone line, the StingRay prompts every active cellphone in range to provide its identifying information. In addition to identifying information, the StingRay collects traffic data (i.e. texts, numbers called, emails). The StingRay’s range can be several miles, so it can collect information from scores of phones in heavily populated areas.
In 2013, Investigator Christopher Corbitt of the Tallahassee Police Department testified that the department had used an IMSI device “200 or more times.” After Corbitt’s testimony in the prosecution of a charge of robbery with a deadly weapon, the State Attorney’s Office offered one defendant a plea to a second-degree misdemeanor rather than disclosing additional information about how StingRays operate. The Washington Post reported that during an appeal of a separate Tallahassee Police Department case, it came out that the department used StingRays 200 times without obtaining warrants. However, at 4,300 uses of StingRays since 2007, the Baltimore Police Department eclipses Tallahassee’s numbers.
Special Agent Bradley S. Morrison, chief of the FBI’s Tracking Technology Unit, Operational Technology Division, has executed at least two affidavits in support of memoranda in opposition to motions to compel discovery concerning ISMIs. In a 2014 affidavit, he stated that disclosure of information about the ISMIs would provide “adversaries” the ability to “take countermeasures designed to thwart the use of this technology.” He refers to “foreign powers,” “national security investigations,” “terrorism,” “counterterrorism,” and “counterintelligence investigation” and asserts that the information about ISMIs is “considered homeland security information under the Homeland Security Act.” In a 2011 affidavit, Morrison acknowledged that information from “innocent, non-target devices” may be “incidentally recorded,” but he asserted that the FBI purged all information from a device “at the conclusion of a location operation.” In other words, the FBI is engaging in electronic catch and release of private information of cellphone users every time it turns on an ISMI.
If ISMI information is vital to counterintelligence investigations and protecting the country from foreign powers and terrorists, why is it being used to investigate routine street crime? Why invite scrutiny to an essential tool used to protect national security? ISMIs were being sold and used at the local level at will, while cases challenging warrantless searches of cellphones were winding their way toward the Supreme Court of the United States. In Riley v. California, the court decided that police need a warrant to search even the most rudimentary cellphones. Also, the U.S. Court of Appeals for the Second Circuit held that the Patriot Act did not authorize the NSA to collect bulk telephone data. The FBI and local law enforcement agencies continue to use ISMIs, so challenges to their use are on the horizon.