Tuesday, August 4, 2020

Are The Feds Using 'Stingray' Technology Against Rioters?

The Intercept has a pretty full article about the possibility that the Feds--multiple agencies engaged in protecting federal property--may be gathering information on the violent rioters via what's known as 'Stingray' technology:

A guide to stingray surveillance technology, which may have been deployed at recent protests.

I believe we had a discussion about this technology sometime back, perhaps in the comments. Anyway, the article will give you a working knowledge of what's involved--how the technology works, what information is gathered, how that information can be used, and what the legal restrictions are.

To start with the legal aspects, to use Stingray the feds need a search warrant based on probable cause--but only in the case of criminal investigations:

The Justice Department requires federal agents to obtain a probable cause warrant to use the technology in criminal cases, but there is a carve-out for national security. Given that President Donald Trump has referred to protesters as “terrorists,” ..., it’s conceivable that surveillance conducted at recent demonstrations has been deemed a national security matter — raising the possibility that the government may have used stingray technology to collect data on protesters without warrants.
the Justice Department policy ... also includes a carve-out for “exigent circumstances” that are not clearly defined. Federal agents are not required to seek a warrant to use the technology in cases involving such circumstances.

That's from the article, but it's worth quoting DoJ's own announcement of their policy, because it goes a bit further in explaining things and enunciates another type of exception--one for "exceptional circumstances" where obtaining a warrant would be impractical. That would probably be the case in the fluid and violent circumstances of rioting. However, those exceptions would be moot if DoJ regards their investigations as involving national security:

Additionally, the policy makes clear that cell-site simulators may not be used to collect the contents of any communication in the course of criminal investigations.  This means data contained on the phone itself, such as emails, texts, contact lists and images, may not be collected using this technology. 
While the department has, in the past, obtained appropriate legal authorizations to use cell-site simulators, law enforcement agents must now obtain a search warrant supported by probable cause before using a cell-site simulator.  There are limited exceptions in the policy for exigent circumstances or exceptional circumstances where the law does not require a search warrant and circumstances make obtaining a search warrant impracticable.  Department components will be required to track and report the number of times the technology is deployed under these exceptions.

My own opinion is that there's a high probability that what's going on is being treated as a national security matter, and that federal agencies have acquired vast amounts of information about the people behind these violent events.

As for what Stingray is and so forth, here are a few excerpts to give you a general idea. Bear in mind that this is only the basics--the article goes into far more detail about how this technology can be used. The capabilities, especially in a national security setting, are quite extensive.

What is a stingray? 
Stingray is the generic name for an electronic surveillance tool that simulates a cell phone tower in order to force mobile phones and other devices to connect to it instead of to a legitimate cell tower. In doing so, the phone or other device reveals information about itself and its user to the operator of the stingray. Other common names for the tool are “cell-site simulator” and “IMSI catcher.” 
How does the stingray work? 
Phones periodically and automatically broadcast their presence to the cell tower that is nearest to them, so that the phone carrier’s network can provide them with service in that location. They do this even when the phone is not being used to make or receive a call. When a phone communicates with a cell tower, it reveals the unique ID or IMSI number (International Mobile Subscriber Identity) associated with the SIM card in the phone. The IMSI number identifies that phone and its owner as a paying customer of a cell carrier, and that number can be matched by the carrier to the owner’s name, address, and phone number.
A stingray masquerades as a cell tower in order to get phones to ping it instead of legitimate cell towers, and in doing so, reveal the phones’ IMSI numbers. 
What can law enforcement do with the IMSI number? 
Law enforcement can use a stingray either to identify all of the phones in the vicinity of the stingray or a specific phone, even when the phones are not in use. Law enforcement can then, with a subpoena, ask a phone carrier to provide the customer name and address associated with that number or numbers. They can also obtain a historical log of all of the cell towers a phone has pinged in the recent past to track where it has been, or they can obtain the cell towers it’s pinging in real time to identify the user’s current location. By catching multiple IMSI numbers in the vicinity of a stingray, law enforcement can also potentially uncover associations between people by seeing which phones ping the same cell towers around the same time. 
If law enforcement already knows the IMSI number of a specific phone and person they are trying to locate, they can program that IMSI number into the stingray and it will tell them if that phone is nearby. Law enforcement can also home in on the location of a specific phone and its user by moving the stingray around a geographical area and measuring the phone’s signal strength as it connects to the stingray. ...

The possibilities are limited largely by the imagination of the investigators.


  1. I believe we had a discussion about this technology sometime back, perhaps in the comments.

    I told about J.E. Dyer's speculation that the FBI used Stingray to intercept Russian Ambassador Kislyak's phone conversation with Flynn.

    Kislyak had just been informed at the State Department that 35 Russian diplomats were being expelled. As Kislyak rode away from the State Department, he phoned Flynn, and that conversation was recorded by the FBI's Stingray. Therefore, the FBI did not get the transcript from the NSA, from British Intelligence or from anyone else.

    That was how the Stingray came up in previous comments here.

    1. Ah, that's right. Thanks.

      Of course Dyer was totally wrong, as we've seen.

  2. Stingray is not that important for this application.

    Feds can get most, or more same info / records from a cell phone tower.

    Feds also have all data for cell phone sent to a giant data warehouse.

    Antifa trains per project Veritas to use runners and limit cell phone use, due to security concerns.

    1. Wouldn't Stingray allow for more targeted collection? I realize that modern automated sorting can handle vast amounts of data ...

    2. IF they dial down the sensitivity of the Stingray receiver, it only "shakes hands" with phones within a short range of the Stingray, which gives a much smaller list of cell "serial numbers of interest" that are in close proximity of the Stingray.

      IOW, doing so reduces the proportion of cell phones of dis-interest that connect to the Stingray.

      I would guess the real action is doing the meta-data network analysis on the phone of interest. The Stingray doesn't do that. That's where the cell phone company meta data records come in. They just use the stingray to get serial numbers of phones of interest, and use those to request the meta data.

      As an aside, it seems to me the manner in which the Feds handled things in Portland was specifically designed to maximize the duration of time over which they collected cell data from the anarchist/marxists rioting every night, rather than calling in the scooper trucks from Soylent Green and clearing the streets in 24-48 hours.

      This suggests Barr is playing a long game against these radical rioters bent on the overthrow of the government.

      People who know about meta data analysis lead me to believe that even if the rioters used burner phones, assuming there is sufficient robust data on each user prior to using the burners, it is possible to id the people using burner phones by their meta-data "signatures." It's described as being something of a digital signature of each person.

      I'm betting the meta data of interest is the calls they make not during the riots at night, but the ones they make before or after each night's festivities. That's the call/email data that exposes the networks and the associated command/control structure of these revolutionary groups.

    3. Thanks for the clarifications--it makes sense to me. I agree that Barr--who will certainly be the one who decides on overall strategy--is probably playing a 'long game.' Specifically, I'd bet he wants to identify the funding flows and go for the sources of money.

      My experience with this type of investigation dates back to the early to mid 90s, so pretty primitive by comparison. I did once do an analysis that combined physical surveillance with phone activity into one chart that I constructed. It was a big hit with the jury and got two convictions that wouldn't have happened otherwise in a case that remains one of the biggest of its type. That sort of evidence can be super effective.

    4. If you want an overview of the power of metadata analysis (and this is just the basics -- the advanced stuff, I am told, is WAY beyond what's described here)-- read this article -- it's about how the British would have used meta data analysis to figure out who was organizing the effort to revolt against Britain in 1776:

      It's called "Finding Paul Revere." Prepare to have your mind blown.


    5. re: I did once do an analysis that combined physical surveillance with phone activity into one chart that I constructed.

      Now that's in real time.

  3. And if the feds have your name and address, they can identify those rioters who are likely to have committed the federal crime of crossing state lines to riot.

  4. The Intercept is hyping the Stingray as a way of broaching a civil rights violation by the Feds, i.e. using a surveillance technique without jumping through all the hoops regarding probable cause requirements.

    The Stingray is used for a very targeted location so as to quickly collect and confirm the germane device information. In that way the more robust calling network using meta-data can be generated. Generally, you need a target's number to initiate seeding of the target user's network with its contacts.

    If burner phones are being used, then a Stingray would be useful, presuming the target and his location is known.

    Like every other media site, The Intercept needs eyeball traffic to monetize for funding, so what's a little hyperbole and hyperventilating...