New York Court Says NYPD Must Get Warrants To Deploy Stingrays

from the take-that-Big-Blue dept

Another court has decided warrants must accompany Stingray use. (via the New York Times) The ruling handed down earlier this month clarifies the distinction between the records obtained and the records requested. In this case, police used a pen register request to deploy their Stingray device. As the court points out, Stingray devices grab a lot more than just phone numbers.

A pen register or trap and trace warrant is authorized under New York's CPL Art. 705.00. According to that Article, a pen register is a device that attaches to a landline phone to identify and record "the numbers dialed or otherwise transmitted" in outgoing and incoming calls." CPL 705.00 (1). In addition, CPL 705.00 (2) defines a trap and trace as a similar device to that of the pen register that identifies the "originating number" for a call. It should be noted, however, that Article 705 does not authorize the gathering of location information using a cell phone's Global Positioning system (GPS), nor does it authorize the gathering of additional information, that might include the content of a phone's calls or text messages by the use of a pen register and/or trap and trace order.

[...]

Thus, it is improper under New York Law to authorize the obtaining of any information from a suspect's phone other that the phone numbers dialed or otherwise transmitted in outgoing and incoming calls and/or an originating phone number.

As the court notes, the addition of GPS location info changes the matrix for law enforcement paperwork. It's not enough to settle for the lower requirements of a pen register order. Tracking and tracing people involves a higher statutory burden. And that's exactly what this is: to deploy a Stingray, a team of officers must fire one up and roam all over the place until they home in on their target. This is completely distinct from showing up at a telco office asking for dialed digits.

Additionally, the court points out that while the information obtained (the phone's location) might ultimately be a third party record accessible with a subpoena, the government can't be the third party collecting the records.

[U]nlike pen register device information or that provided by the CSLI, a cell site simulator device does not involve a third party. "The question of who is recording an individual's information initially is key." See US v Lambis, supra, citing In re US for Historical Cell Site Data, 724 F.3d 600 [5th Circ. 2013] [distinguishing between "whether it is the Government collecting the information or requiring a third party to collect or store it, or whether it is a third party, of its own accord and for its own purposes, recording the information"]. The Lambis court continued: "For both pen register information and CSLI, the Government ultimately obtains the information from the service provider who is keeping a record of the information. With the cell-site simulator, the Government cuts out the middleman and obtains the information directly." US v Lambis, Id.

By its very nature, then, the use of a cell site simulator intrudes upon an individual's reasonable expectation of privacy, acting as an instrument of eavesdropping and requires a separate warrant supported by probable cause rather than a mere pen register/trap and trace order such as the one obtained in this case by the NYPD.

Presumably, the NYPD was less than forthcoming about its Stingray use. In the opening of the opinion, the court points out the location the suspect was tracked to was completely unrelated to any information the NYPD already had in hand when it took its Stingray out for a spin.

Based upon the information gathered from this order for the defendant's cell phone, Detective Brown located and arrested the defendant three days later on April 15, 2016, inside of 1540 Sterling Place, Apartment 3E in Brooklyn, an address not previously identified as of any interest to this investigation.

The decision also notes Stingray use was "conceded" by the prosecution, suggesting it fought this disclosure for as long as it could.

This is good news for residents of New York and another small step towards a unified judicial view on Stingray deployments. Better yet, it has probably resulted in audible wailing and gnashing of teeth in the upper levels of the NYPD bureaucracy.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 21 Nov 2017 @ 10:49pm

    Warrants? Damn, MyNameHere is really not going to like this.

    reply to this | link to this | view in chronology ]

  • identicon
    David, 22 Nov 2017 @ 1:56am

    You know things are messed up

    when the Third Party Doctrine is actually used for tossing _out_ rather than admitting evidence.

    Now is just a minor pothole, to be sure: the police department will just hire a "third party" for operating its Stingray. I am sure that they can find a non-governmental criminal organization to do the job for them.

    reply to this | link to this | view in chronology ]

  • icon
    DannyB (profile), 22 Nov 2017 @ 5:59am

    How about disclosing the workings of Stingray?

    Now that Stingray can be used, with a warrant, what's the big secret?

    Why is Stingray guarded with a level of secrecy that rises to the level of a national security problem?

    What I'm getting at is how Stingray does what it does.

    Hypothesis:

    Stingray fools phones into thinking Stingray is a cell phone tower. In order to do this, either:

    1. The highly secure protocols are breached by Stingray having stolen crypto keys and / or credentials.

    2. The highly insecure protocols are easily breached.

    Either way would explain the extreme secrecy. In case 1, if the mobile network operators knew which credentials / keys were being used, they would revoke them, and all the mobile phones in the field would reject Stingray "cell towers". If these keys became widely known, then everyone including every high school kid would have their own stingray.

    In case 2, if the secret of the weak protocol and how to exploit it were known, everyone including every high school kid would have their own Stingray.

    If the public could build Stingrays, that would be unthinkable! Poor people could spy on the rich and powerful.

    reply to this | link to this | view in chronology ]

    • identicon
      David, 22 Nov 2017 @ 8:53am

      Re: How about disclosing the workings of Stingray?

      Now that Stingray can be used, with a warrant, what's the big secret?

      Correction: the court has decided that a Stingray cannot be used without a warrant.

      That does not magically make production, testing, and dissemination of Stingray devices legal. It does not even make use of the Stingray devices legal. The whole point of a warrant is to authorize exceeding the bounds of legality, and the legality is constrained to individual cases assuming that a Stingray device magically has turned up to be in the possession of law officers.

      That assumption, however, is far from a given.

      reply to this | link to this | view in chronology ]

      • icon
        DannyB (profile), 22 Nov 2017 @ 9:41am

        Re: Re: How about disclosing the workings of Stingray?

        As for your correction, aren't we saying the same thing? Stingray Use implies Warrant was obtained?

        I suspect that the production, testing, use of Stingray might actually be illegal, assuming it uses stolen crypto keys and/or credentials in order to merely function. I doubt that the warrant makes that legal. I suspect the court doesn't understand how Stingray works (because it is so secret) and if the court did understand, it would NOT be issuing warrants to use an illegal device to gather evidence for a prosecution.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 Nov 2017 @ 10:41am

      Re: How about disclosing the workings of Stingray?

      In case 2, if the secret of the weak protocol and how to exploit it were known, everyone including every high school kid would have their own Stingray.

      It's no secret that pre-3G protocols are insecure: the phone authenticates to the network, but the network doesn't authenticate to the phone. Some stingrays just force the phone onto one of the insecure protocols.

      Not much is known about how they attack newer protocols without downgrading. But you should disable older protocols when possible and watch for any unexpected "roaming".

      reply to this | link to this | view in chronology ]

  • icon
    madasahatter (profile), 22 Nov 2017 @ 10:53am

    The warrant makes the evidence more open in court. Now a competent defense attorney can ask in open court how it works. If the question is dodged he now has grounds for a dismissal with prejudice.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 Nov 2017 @ 7:40pm

    Implications

    I guess that might imply that they can use 'soft' Stingrays by getting information from real cell phone towers given the third party doctrine. Which would be more powerful in urban areas as they have more smaller cell towers.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.