Document Freed By FOIA Shows How Much Data The FBI Can Obtain From Cellphone Service Providers
from the quite-a-bit-and-dating-back-for-quite-awhile dept
Other information derived or directly included in this presentation shows CAST (and?) crew are leveraging minimal oversight and precedent to hoover up data, including historical cell site location data, which now has some constitutional protection.
> One CAST member Vice found on LinkedIn noted their "special emphasis" on long-term tracking via historical cell site data, apparently occasionally in service of solving serious crimes.
===================================================
BLOGGER INSERT
FBI’s internal instructions for obtaining data from telecom operators published
The 139-page presentation, dated 2019, was created by the FBI Cellular Analytics Team.
Motherboard journalists managed to get acquainted with documents The FBI, which describes in unusual detail how bureaus and other law enforcement agencies obtain information from telecommunications companies about the location of mobile devices.
Most of the information presented in the documents is already known to the general public, for example, about how law enforcement agencies can obtain data from telecom operators’ subscribers using special court orders. However, the docs also shed light on exactly what information each operator collects and how long certain types of data are retained. Moreover, they provide screenshots of the tools the FBI provides to law enforcement agencies throughout the United States for analyzing data from cellular base stations.
[. . .] According to the presentation, CAST is helping the FBI, as well as federal and local law enforcement and judicial authorities, in forensic data on phone calls from base stations. In particular, the team is engaged in obtaining data from telecommunications companies, analyzing data from base stations showing which phones were in a specified location at a specified time, examining testimony of witnesses and verifying the actual coverage of base stations.
“When necessary, CAST uses industry standard equipment to determine the true geographic coverage of the cellular sector,” the presentation said.
CAST provides law enforcement with its own phone data visualization software tool called CASTViz for free.
“CASTViz can quickly and accurately record call data and base station data for lead generation and investigations,” the presentation said.
The presentation even contains screenshots of instructions for using CASTViz. . ."
===================================================
To that end, the FBI apparently operates its own software to help collect data from cell towers and cross reference it with whatever the agency can collect from other sources.
“CASTViz has the ability to quickly plot call detail records and tower data for lead generation and investigative purposes…"
__________________________________________________________________
INSERT: CASTViz is developed by CAST.
The most popular versions of this product among our users are: 8.5, 8.6, 9.0, 12.0 and 18.0. 
CASTViz 18.0
The name of the program executable file is CASTViz.exe. The product will soon be reviewed by our informers.
__________________________________________________________________
There's more to it.
A lot of what's discussed here has been discussed in the public sphere (courts, records requests, leaked documents, etc.), but even if the subject matter is familiar, it's entertaining and educational to see the FBI's (instructional) take on what is now a large part of current Fourth Amendment jurisprudence. It discusses everything from grabbing location data from burner phones to General Motors' OnStar in-vehicle systems.
> The document also makes it clear not all service providers are created equal. Some are far more useful than others.
The presentation provides more recent figures on how long telecoms retain data for. AT&T holds onto data such as call records, cell site, and tower dumps for 7 years. T-Mobile holds similar information for 2 years, and Verizon holds it for 1 year.
The slide also shows that AT&T retains “cloud storage internet/web browsing” data for 1 year.
AT&T has always been proactive with its data-sharing.
It has set up its own data centers where NSA analysts can grab communications and other data from AT&T internet backbones. This is on top of whatever it can offer on the telco side, including its millions of cell phone users. There are eight of these secret data centers in the United States. All of this helps explain why AT&T holds on to so much data for so long: it has plenty of federal customers to give it to.
> There's also some discussion of real-time tracking, which is governed by far fewer precedential decisions. The DOJ enacted a warrant requirement (with plenty of exceptions) for Stingray device use, but hasn't done the same for real-time tracking via cell service providers. As it stands now, the Third Party Doctrine is controlling, which means warrants aren't needed and if it's a close call, a variety of exceptions would likely make use of these tools a "good faith" effort, legally speaking.
It's a good peek into the FBI's data collection habits, one that also shows how much cell providers collect and retain, which may provide guidance for privacy-minded individuals in the market for a new service provider.
FBI intends to award contract for CASTViz Development and Support Services
The FBI intends to negotiate a one-time, sole source, fixed price contract with CACI, Inc. to obtain Development and Support for FBI-owned CASTViz system. CACI, Inc. is the original developer of the source code and customization of for the FBI-owed CASTViz system and is the only vendor authorized to perform engineering services on the FBI’s customized CASTViz system.
As a result of that collaborative effort between National Geospatial Agency (NGA) and the FBI CAST Unit, CASTViz was created as a free tool for law enforcement to use for visualization and basic analysis of cellular telephone records. CASTViz is a propriety cellular analysis/mapping software application that sits on an individual’s computer and does not require any outside server support. CASTViz automated the processing and mapping of call detail records from various telecommunication providers. CASTViz does not store or collect the data used in the program. CASTViz does not transmit any ingested data to any outside third party. Finally, CASTViz provides an extensive analytical function to better understand telephonic data patterns.
Here's the FBI's Internal Guide for Getting Data from AT&T, T-Mobile, Verizon
CASTViz 1.1
Hot Topic in Forensics: The FBI Cellular Analysis Survey Team (CAST)
The strong demand in criminal cases for historical cellular location information has created opportunities for law enforcement to extend the limits of what is possible. The FBI Cellular Analysis Survey Team (CAST) is promoting a new methodology that it claims greatly improves the precision of historical cell sector analysis.
Figure 1. Historical cell sector analysis has a range of error that extends throughout the entire sector.
The FBI CAST says it can dramatically enhance location accuracy using the historical cell site sector information plus timing information inherent in a cellular network. Because historical GPS or other precise location data is not typically collected and stored on a cell phone or by the network, the reliability and accuracy of the FBI CAST enhanced cell site analysis based on cell sector plus timing and power information is unknown.
To be clear, the FBI CAST enhanced cell site analysis is not E911 location information that is calculated in real time from a burst of GPS data sent by the cell phone or a hybrid of available GPS data and network data collected from three or more cell towers. CAST relies on historical signal data that a network measures and calculates for purposes other than providing its customers with precise location information.
Figure 2. A timing band based on network measurements of round trip time for a signal.
Traditional historical cell sector analysis is not precise. It provides a cell site sector as the location for the target phone.
As shown in figure 1, accuracy is limited to the radius of the serving sector, which is typically measured in miles. CAST says it can increase location precision with a “timing band” primarily based on the time it takes a signal to travel from a cell tower to a cell phone and back. A typical timing band involving one cell tower is illustrated in figure 2. The cellular industry, however, considers the accuracy of time banding to be poor, and highly variable over different environments.
When multiple timing bands intersect, the FBI CAST claims it can provide a pinpoint location as shown in figure 3 based on RTT data. The cellular industry considers the accuracy of RTT location data to be low, primarily because signals travel multiple paths. Even when CAST lacks network timing information, it maintains that it can accurately create a cell phone footprint
Figure 3. A timing band based on network measurements of round trip time for a signal.
within a cell sector based on an after-the-fact survey of signal power collected during a drive-test. The cellular industry does not recognize this method to determine location. In any of its various forms, the CAST enhanced historical cell site analysis delivers on its promise of more precise location information. The FBI cannot, however, demonstrate its reliability or accuracy.
A public defender trial team recently made this very point when it challenged the FBI CAST claim that it could reliably map the historical location of a target cell phone within a cell sector based on a drive-test conducted ten months after-the-fact. . ."
[. . .] The FBI CAST has very simplistic answers to these complex questions that amount to a “trust me because I say so” opinion about reliability. A Special Agent is unqualified to assess the reliability of the data collection or interpretation. And the shortcut of “because the network functions it must be reliable” does not answer the question about reliability and accuracy of location services. While signal timing and power information is inherent to network operations, the precision of that data is determined by business necessity. It follows that network data collected for one purpose is not always reliable for another purpose. For example, the network must measure signal time to sync voices, but the degree of precision needed to prevent pauses during a two-way simultaneous radio communication falls short of the precision needed of signal time measurements to accurately calculate location. In fact, the contrary is more likely true because a cellular carrier does not want to collect historical location information about its customers because of privacy concerns.
> A prospective cellular customer is more likely to choose a network that does not collect and store her historical location information.
The tremendous demand for the FBI CAST enhancement of cell sector information with signal timing or power information will create many more opportunities to challenge its admissibility."
No comments:
Post a Comment