Christopher Soghoian is a graduate student at Indiana University busily working on his Ph.D. dissertation addressing public policy issues relating to surveillance. In the course of his work he discovered something startling: a single telecommunications service provider, Sprint Nextel, has provided law enforcement authorities with the GPS coordinates of its customers some eight million times—apparently without its customers knowing anything about it. The information came in the course of remarks delivered by Paul W. Taylor, a Sprint executive at the October 11-13, 2009 conference of ISS World America, an organization for law enforcement surveillance support systems.
As TPM’s Justin Elliott notes, most phones today have the ability to track location. This is required by federal law, in theory so that if you dial 911, law enforcement will be able to ascertain your whereabouts and send assistance. But the tracking capability has other potential uses. In fact, it may make a tracking device every bit as effective as one of those ankle bracelets put on persons subject to house arrest—more effective, if users are not aware that they are being tracked. Sprint insists that subscribers can turn the GPS function off if they wish. But an expert interviewed by TPM says that Sprint can almost certainly reactivate it remotely.
In 1999, Congress passed a law requiring annual reporting of “pen registers and tap and trace devices” so that Congress could monitor the use of new technologies for electronic surveillance. This reporting requirement is imposed on the Department of Justice. However, Soghoian notes (I believe correctly) that the Justice Department has simply ignored the law and the obligations it imposes. This is one area in which the Justice Department apparently feels free to do what it wishes, including violating criminal statutes, whenever it feels national security is challenged. It is also free to rope telecommunications service providers into collaboration, assuring them that it will use its law enforcement monopoly to insure that criminal statutes they are jointly violating will not be enforced. This was the criminal enterprise engineered by the Bush Justice Department to subvert FISA. But so far there is little evidence of the Obama Administration charting a different course, or insisting on accountability for their predecessors.
It’s reasonably clear that Sprint is not alone. In his paper, Soghoian points to the harmonious relationship that has arisen between telecommunications service providers—oblivious to federal and state criminal law requiring them to protect the privacy of their customers—and the Justice Department. This relationship was best demonstrated in the extraordinary legislative machinations that the Justice Department engaged in—including the manipulation of potential criminal investigations against at least one member of Congress, which might have been a felony itself—to secure retroactive immunity for telecommunications service providers. So far, the Justice Department has demonstrated consistent contempt for Congress’s efforts to oversee this chilling relationship. And Congress seems too timid to call them on it.