Government Policy on Cell Phone Interception Technology

New paper: “Your Secret Stingray’s No Secret Anymore: The Vanishing Government Monopoly Over Cell Phone Surveillance and its Impact on National Security and Consumer Privacy,” by Christopher Soghoian and Stephanie K. Pell:

Abstract: In the early 1990s, off-the-shelf radio scanners allowed any snoop or criminal to eavesdrop on the calls of nearby cell phone users. These radio scanners could intercept calls due to a significant security vulnerability inherent in then widely used analog cellular phone networks: calls were not encrypted as they traveled over the air. In response to this problem, Congress, rather than exploring options for improving the security of cellular networks, merely outlawed the sale of new radio scanners capable of intercepting cellular signals, which did nothing to prevent the potential use of millions of existing interception-capable radio scanners. Now, nearly two decades after Congress passed legislation intended to protect analog phones from interception by radio scanners, we are rapidly approaching a future with a widespread interception threat to cellular communications very reminiscent of the one scanner posed in the 1990s, but with a much larger range of public and private actors with access to a much more powerful cellular interception technology that exploits security vulnerabilities in our digital cellular networks.

This Article illustrates how cellular interception capabilities and technology have become, for better or worse, globalized and democratized, placing Americans’ cellular communications at risk of interception from foreign governments, criminals, the tabloid press and virtually anyone else with sufficient motive to capture cellular content in transmission. Notwithstanding this risk, US government agencies continue to treat practically everything about this cellular interception technology, as a closely guarded, necessarily secret “source and method,” shrouding the technical capabilities and limitations of the equipment from public discussion, even keeping its very name from public disclosure. This “source and method” argument, although questionable in its efficacy, is invoked to protect law enforcement agencies’ own use of this technology while allegedly preventing criminal suspects from learning how to evade surveillance.

This Article argues that current policy makers should not follow the worn path of attempting to outlaw technology while ignoring, and thus perpetuating, the significant vulnerabilities in cellular communications networks on which it depends. Moreover, lawmakers must resist the reflexive temptation to elevate the sustainability of a particular surveillance technology over the need to curtail the general threat that technology poses to the security of cellular networks. Instead, with regard to this destabilizing, unmediated technology and its increasing general availability at decreasing prices, Congress and appropriate regulators should address these network vulnerabilities directly and thoroughly as part of the larger cyber security policy debates and solutions now under consideration. This Article concludes by offering the beginnings of a way forward for legislators to address digital cellular network vulnerabilities with a new sense of urgency appropriate to the current communications security environment.

Posted on May 21, 2014 at 9:51 AM6 Comments


Brent Longborough May 21, 2014 12:03 PM

Excellent article. Only one (minor) gripe: would have been so much more readable were the footnotes turned into endnotes.

Slime Mold with Mustard May 21, 2014 1:32 PM

Minor correction: In the mid 1980’s you required no “scanner”. Any AM/FM radio would get you random calls. FM for cell phones, AM for the “cordless” landlines. 99% of all content was “I’m on I-95, home in 10 minutes”. One time though, I got a drug dealer. He had given out his; real name, street address,and phone number. I called him and told him to shut up(tried to explain the issue). He responded by calling people he knew, asking if this were possible, and selling them DMA and pot. I called back. quoted his conversations back to him. Still didn’t “get it”. The fellow is undoubtedly rotting in some prison wondering where he went wrong.

dragonfrog May 21, 2014 3:19 PM

Our old TV picked up phones by tuning to the upper end of the UHF band and twiddling the fine-tuning knob. I’m not sure if those were cell phones or home cordless ones.

Figureitout May 21, 2014 11:52 PM

Already mentioned it here, but for those that don’t want to read the archives, my dad used to receive cell phone calls on his radio rig. No I don’t remember his particular setup at that time; but here’s my little funny story.

Used to play “spy” as a kid a lot. Got in trouble gathering “intel” (which consisted of sneaking around and seeing who all was in a house around our neighborhood, trust me, way more innocent than it sounds) by “the weird neighbor”; for the record, my friend was the one who blew our cover, not me :p. That image of the pissed off neighbor calling my family is still in my head…My dad didn’t even punish me, as he received calls indicating an affair this guy was having; which would explain why he was the only one pissed enough about little kids spying around, possibly spotting his mistress. Then again, the times have changed, and my childhood would be totally different now.

It’s a bad story for surveillance, but really, my dad should’ve never been able to receive that info from his radio. No, he doesn’t seek out this info; just listens for fun, the bands can be quite funny from time to time.

name.withheld.for.obvious.reasons May 30, 2014 7:55 AM

But the FISCR resolved this issue in the recent “FISC Amended Memorandum Opinion on Section 215 of the USA Parrot^h^h^h^htriot Act. Can someone tell me what’s wrong with the assert made in a footnote on page three of the included docket 13-109 (hint, what an elephant faces every day):

For purposes of this Order “telephony metadata” includes comprehensive communications routing information, including but not limited to session identifying information (e.g., originating and terminating telephone number, International Mobile Subscriber Identity (IMSI) number, International Mobile station Equipment Identity (IMEI) number, etc.), trunk identifier, telephone calling card numbers, and time and duration of call.
Telephony meta data does not include the substantive content of any communication, as defined by 18 U.S.C. § 2510(8), or the name, address, or financial information of a subscriber or customer. Furthermore, this Order does not authorize the production of cell site location information (CSLI).

Or have I missed something–just can’t name the program as this is only the order.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.