Do the Police Need a Search Warrant to Access Cell Phone Location Data?

The US Supreme Court is deciding a case that will establish whether the police need a warrant to access cell phone location data. This week I signed on to an amicus brief from a wide array of security technologists outlining the technical arguments as why the answer should be yes. Susan Landau summarized our arguments.

A bunch of tech companies also submitted a brief.

Posted on August 17, 2017 at 6:12 AM • 61 Comments

Comments

Mr. SunshineAugust 17, 2017 6:31 AM

I guess it all depends on the judge.

Certainly law enforcement has taught itself that any former guaranteed rights of the individual are null and void when it comes to: Security.

Many judges have come around to that view also. Some/many of them on the Supreme Court.

Meanwhile, Congress is too busy arranging donations to get re-elected to bother with basic governance or existential issues like this.

And the President.....?

StephenAugust 17, 2017 6:51 AM

^^Probably depends on which circuit you happen to reside in, unless they decide to simply ask for a federal one under a secret court under secret laws with evidently absolute jurisdiction.

zzzAugust 17, 2017 7:45 AM

If they get it illegally from the NSA, all they have to do is parallel construction to hide that fact... they got trained on that.

Edwin FinchAugust 17, 2017 9:39 AM

>Do the Police Need a Search Warrant to Access Cell Phone Location Data?

Not in Blighty they don't. Thanks to Theresa May's Snooper's Charter, up to 50 so-called "police forces" (that includes anything from the Department of Health to the Gambling Commission) can access your device location on the fly without the inconvenience of a troublesome warrant.

https://www.theguardian.com/uk-news/2017/jan/13/police-warrant-search-mobile-phones-campaigners-privacy-international

DanielAugust 17, 2017 10:18 AM

While I appreciate whatever boost your name might offer my hope is that the Court takes the opportunity to revisit the "third party doctrine" in its entirety. It is this doctrine that is the Pandora's Box that has unleashed all the pandemonium.

BardiAugust 17, 2017 10:39 AM

On a jury that had to consider this very issue (in addition to the kidnapping and theft) when cell phones were, rightly so, referred to as bricks .

The prosecutor wanted us to use cell tower data, just the fact that one of the bad guy's cell was in contact with different cell towers, along with time, to infer routing and timing data.

It was a several week trial in which we felt all parties involved should go to jail. The involved perps ended up admitting to the entire issue, I think their attorneys were unnerved that the jury even considered this issue.

Chairman MaoAugust 17, 2017 11:02 AM

@ SCHNEIER

Cell site location information is no longer confined to crude approximations, but has become increasingly sophisticated and precise. The majority of Americans now carry their phones at nearly all times, largely unaware that the devices are automatically creating a detailed and lasting record of their locations and movements. In the hands of law enforcement, these records have the potential to reveal a wide range of information about individuals’ habits, activities, and associations.

Simple answer: Possession is 9/10ths of the law. Ownership is only 1/10th of the law. But, Who owns "data"? The person who owns the disk drive? No. The person who paid the electric bill to write the "data" to the disk drive subject to seizure.

FOURTH AMENDMENT: [POSSESSION] The right of the people to be secure in THEIR [PERSONAL] persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

SIMPLE SOLUTION: Get rid of your cellphone like I did.

Chairman MaoAugust 17, 2017 11:14 AM

@ SCHNEIER

Cell site location information is no longer confined to crude approximations, but has become increasingly sophisticated and precise. The majority of Americans now carry their phones at nearly all times, largely unaware that the devices are automatically creating a detailed and lasting record of their locations and movements. In the hands of law enforcement, these records have the potential to reveal a wide range of information about individuals’ habits, activities, and associations.

PS.

It's like Google Voice and Google Hangouts.

Sign up. See what happens.

What happens? You give your telephone number to Google. Google confirms your primary phone number.

How? You get a return phone call from Washington, DC.

Is Google in DC? No.

Who is? NSA, CIA, FBI, DOJ, and Russian spies.

LOL

parabarbarianAugust 17, 2017 11:19 AM

In the current climate this will probably prove ultimately futile. If the data exists and the authorities want it they *will* get a hold of it on way or another. The real problem is that the data even exists at all. If the providers did not gather location data or destroyed it after a short time, there would be no reason for controversy. The police could still get a warrant to track a particular phone but there would not be a mountain of historical data just waiting to be scooped up and mined.

BobAugust 17, 2017 12:06 PM

Unfortunately, those are not strong arguments against law enforcement restriction. Somebody tell me how they feel about the emergency location thing. I use a phone where I can take the battery out. It was a top sale point for me.

You have tools against police harassment. Given priorities, I am not sure I am supposed to care. We are talking about parole management and crime investigation. Faraday that.

Chairman MaoAugust 17, 2017 12:12 PM

@ Bob

You have tools against police harassment. Given priorities, I am not sure I am supposed to care. We are talking about parole management and crime investigation. Faraday that.

Not. Cellphones are valuable tools for white collar criminals in the CIA, NSA, DOJ, FBI, KGB, and KPCB.

There are laws against insider trading on Wall Street and elsewhere.

There are no laws against "intel" officers spying on CEOs to conduct covert wars and espionage.

Darron WykeAugust 17, 2017 1:12 PM

@Mao
You should loosen the tinfoil around your head. It's cutting off bloodflow to what could arguably be called critical facilities.

Sancho_PAugust 17, 2017 1:17 PM

Well, I guess I’d oppose that amici brief.
In fact, let me go one step further [1].

CSLI data should not only be open to law enforcement (the term seems overly broad) but to all interested parties, like journalists and private investigators of all color. Public!

Senators, judges, politicians, advisers, governors, attorneys, lawyers, think tanks, mayors, big business(wo)men, President and family, donors, ambassadors, banksters, …
They have to think about that idea - Not me, John Doe.

This isn’t “nothing to hide, …”, it’s only that I’m not important.
Transparency and “we all shall be equal” is the only means to drain the swamp of corruption.

[1] Not sure if I’m serious, however, I have no voice.

@Daniel: The TPD came to my mind, too.

Ross SniderAugust 17, 2017 1:19 PM

@Darron

Please be civil. We want to keep a healthy comment community here on Schneier's blog.

Plus, Mao bring up really good points that's backed by lots of historical (and recent) evidence. It's a bit much to try labeling him.

Intelligence agencies work all the time with corporations and when they don't cooperate, intelligence agencies are willing and legally enabled to subvert them. Bruce Schneier himself has written about this, the Snowden documents indicated it, Joe Nacchio of Qwest provided great exposition about being on the end of it, Binney and other whistleblowers have described it, and the law does have these authorities carved out.

BobAugust 17, 2017 1:49 PM

@Mao
That's a fair point: non-law enforcement agencies falling under the same umbrella.
That game is a revolving door and I creep away because everyone looks guilty. It is why I try and concentrate on individual privacy as a core principle.

It sounds contradictory to what I posted above but consider an over-arching theme with parolees: people gripe about the cellular thing but have no problem with CORI.

The legal system has offloaded CORI data to third-party background companies like Intelius. It was a way for the CORI system to make money for upkeep.

If you do anything to prevent a parolee from assimilating, finding a place to sleep and job, you are setting him up to commit a worse crime to survive. There are people that act like champions of justice when they are part of the problem. The DOJ Recidivism Report does not admit to this fact. So, my priority would be with CORI maintenance. The sale point was the same as neighborhood watch and violent offender. The general CORI was wrong for that. It was do-gooders that can't figure out cause and effect.

KevinAugust 17, 2017 2:21 PM

1. of course there should be someone else than the police who decides on whether the police can access the data or not. Checks and balances. So the answer to me is obviously yes.

2. If you ask me, this is nothing that a court should decide. This is a task for the legislative power. The congress should decide.

Chairman MaoAugust 17, 2017 2:37 PM

@ Bob @ ALL

That's a fair point: non-law enforcement agencies falling under the same umbrella.

EXAMPLE: Rednecks at "FUSION Centers" have nice Wall Street successes, too.

Let's not forget all the politicians who go to Congress with empty pockets and strike it rich on $150K per year.

BobTAugust 17, 2017 2:50 PM

Police already do a triangulation/signal strength form of cellphone tracking in real time for incoming calls. In Chicago, I occasionally hear the dispatcher commenting that the caller is (for example) reporting hearing gunshots at X when the cell tower the call is coming in from is at Y, several miles away. This implies some type of real-time information about call origin coupled with the incoming calls...

Chairman MaoAugust 17, 2017 3:01 PM

@ ALL

Notice that I said I dumped my cellphone. Why? Am I a criminal? No. Do I have anything to hide? No. But, I *know* how "their system" works, now.

Background: "FISA" court is BS. Why?

Long story short: I had a "holy caca" moment.

Back in 2010, I set up a VPN between my new phone any my own network. While adjusting my firewall to accomodate the VPN, I discovered "MILITARY TRAFFIC" in my LAN.

Where was it coming from? My VPN "stripped" away the cellco "NAT address" and revealed the military IP address segments of 25.x.x.x and 26.x.x.x &/or the IPv6 addresses. Do you know what those are? One is US DISA. The other is UK Ministry of Defence.

It was coming from my cellphone. I got rid of it within 30 days.

TRUTH BE KNOWN: The "FISA Court" can sweep up anything by swapping out your DHCP-assigned address with a foreign address even if you are an American (or Brit).

See my Google Voice example above.

Sad, but true. I learned that crazy, greedy, white collar criminals are everywhere now. Especially in govt.

BobAugust 17, 2017 4:26 PM

@Mao
Back in 2004, I caught a sigint ip that would not have been noticed on a 1sec interval diagnostic. That ip was revealed because their were people out there that are doing diligent work on mappings. It wouldn't happen again; a lot has changed since.

I have also lived next to train tracks. It would pass and have the multi-band power to shut down my laptop. It was plugged into the wall. Maybe I sound like an amateur for not knowing about signal warfare, but enough people complained until the train stopped doing that.

Some other points I thought about:
The cop:civilian ratio is poor. I'm not terribly paranoid about it... oh wait... Trump. I love when presidents skip congressional approval and use police state to solve problems.

Chairman MaoAugust 17, 2017 4:39 PM

@ Bob

I fail to see your point. Randomness is randomness.

But, if you were like me, you would've gone to the telco and confirmed like I did.

A salesman of the same cellco had exactly the same problem on his phone.

65535August 17, 2017 4:55 PM

Cell Site Location Information [CSLI] can be clearly misused by Police and private detectives. A cell phone attached to an individual with timestamps and location data is dangerous. This has to change.

Yesterday’s NSA surveillance methods are today’s police fishing expedition methods.

From the Legal Brief:

“…sensitive medical information about individuals could be determined by monitoring CSLI. Given the high and growing precision of CSLI data in urban areas, a surveillance target’s CSLI could reveal with a high degree of confidence that the target visited an oncologist, a plastic surgeon, a psychiatrist, an addiction rehabilitation facility, or an abortion clinic.50 Even a single contact in the cell site coverage areas containing one of these facilities could enable a prediction about the medical needs of the surveillance target. More frequent contacts would simply verify and increase the government’s certainty about the medical condition of the target... if the target is widely known as a mergers and acquisitions specialist and the target visits both the offices of a startup and the campus of a larger company, it could be inferred that the purchase of the startup may be in the works. If the target is a government employee and the target visits the offices of a newspaper prior to the publication of a story revealing government malfeasance, the government would similarly be able to infer the source of the story. Because each CSLI location data point also includes a timestamp,51 an individual data point has the potential to convey even more detailed or nuanced information. For example, churches and community centers frequently offer different programs at different times of the day and on different days of the week. CSLI data showing that a surveillance target visited a church at 10:00 am on Sunday morning could lead to an inference of religious observance; CSLI showing that the target visited that same church at 8:30 pm on Thursday, when an Alcoholics Anonymous meeting is scheduled to take place, could lead to a very different inference.52 The same is true of scheduled lectures at community centers or universities, movie showtimes, or political rallies…”

See the pages 27 to 36:

https://assets.documentcloud.org/documents/3932663/Carpenter-Amicus-Brief-Technology-Experts.pdf

This is far too much personal information being handed over to police and private detectives. It should be banded or highly restricted.

Worse, the same information on police cannot be had by citizens who higher said police. This is the “one way mirror” problem created by this type of surveillance. This also has to stop.

Chairman MaoAugust 17, 2017 5:06 PM

@ 65535

This is far too much personal information being handed over to police and private detectives. It should be banded or highly restricted.

Worse, the same information on police cannot be had by citizens who higher said police. This is the “one way mirror” problem created by this type of surveillance. This also has to stop.

Agreed.

Unfortunately, there is too much profit in the status quo.

As far as "Trump" goes, Trump has no knowledge of computers beyond "Twitter." His "advisors" can con him even more than the lifetime white-collar criminals.

He's just trying to stay alive in the midst of the deep state profiteers.

There's only one solution. Dump your cellphone. This is where the "customer/victim" still has the power of "consent."

Unfortunately, most people are too stupid to realize it. They'd rather bitch to the very white collar criminals who are shafting them. I

AndrewAugust 17, 2017 5:24 PM

@mao
Dumping the phone is not an option. You will be located anyway by face recognition cameras.

How about a law that every phone has a hardware switch that turn off every single sensor/microphone/camera unless you are engaged in a call?
Or you want to take pictures?

Chairman MaoAugust 17, 2017 5:43 PM

@ Andrew

Dumping the phone is not an option. You will be located anyway by face recognition cameras.

I disagree. The bulk of the problem comes from your hip pocket.

As Bill Joy said regarding the birth of the "smartphone" -- "These change everything. These know who you are; and, where you are."

The movie, "The Matrix" was a message or prophesy -- however you want to look at it. Keaunu Reeves dumps his cellphone to dump Agent Smith. Or, he uses it to put Agent Smith on a wild goose chase.

When you dump your phone, just duct tape it to the underside of the bumper on an 18-wheeler.

:)

BobAugust 17, 2017 5:59 PM

@Mao
Consider if you live next to a base/NAS and how you bought the phone. Hindsight, I would not have thrown the phone away. I would have kept watching it. Your VPN trick may prove useful. I wouldn't trust the service carriers to not profile you, but if you purchased a jailbroken phone with exposed filesystem, like from Amazon, who knows what you got. It peaks my interest though.

I know that military multi-band decoders and prybar extend beyond base boundaries. They take that right. You can pass all of the laws against civilian agencies and even intel, and they still have sigint which is always taken off the table.

BTW, tin foil hats work. Don't knock it.

Chairman MaoAugust 17, 2017 6:07 PM

@ Bob

Yup. The VPN trick is a good one.

However, also note the use of proxies these days. Check your "https:///" certificates and compare for matches between your phone and the destination site -- between both your phone and the site; and, between an isolated (not yours) desktop computer and the destination site.

I suspect the carrier(s) may have gotten wise to the VPN trick. Consider the date of my discovery -- 2010.

PhAugust 17, 2017 6:11 PM

I would not want the police to have all my location data.
But i would not mind very much if the police were to ask my provider if i was at a certain location at a certain time connected to a crime, as long as they would share that info with all parties involved.

Chairman MaoAugust 17, 2017 6:26 PM

@ Ph

I would not want the police to have all my location data.

Today, the auto mfrs are putting these devices in the dash of your car.

Add GM OnStar stuff, too.

You are being tracked like a criminal who is forced to wear an ankle tracking device OR a cow with a bell around your neck OR an fugitive slave.

I don't care what political affiliation you associate yourself with. This situation that I described should be your wake up call.

Like Trump has articulated: We are ALL Americans and we all bleed the same blood.

Like it or not. You don't own the phone system. But, The Masters of the Universe do.

PhAugust 18, 2017 3:52 AM

@Mao

Most of your underlying assumptions about me are false.

You make valid assumptions about most americans, but
Please repeat after me, "USA is not the world."

I do like the song America by Rammstein though, it's mostly correct.

Ismar DuderijaAugust 18, 2017 5:36 AM

The real question is who is going to know or can prove if they are listening in or not? In other words who is policing the police? Given what we know of other gov agency practices so far the picture is very bleak.

AvocadoanAugust 18, 2017 7:38 AM

It's interesting that everyone's reaction to this type of thing is not the same as commenter Chairman Mao's: to dump their cell phones. This reveals that people have different value prioritizations. Chairman Mao values his privacy over the convenience and other benefits of a cell phone, whereas for others who keep their cell phones, this is apparently reversed. (Sure, they might want the law to provide them more privacy, but what really happens is they will read a story like this one, get a little worked up, write some comments online, and forget about it in a week while they continue to use their phones.)

Of course it's also possible that people's revealed preferences are not in fact more authentic than their expressed preferences, due to the fact that much human behavior is irrational or otherwise beyond the control of our intellectual faculties. In this case, maybe people do value privacy more than convenience etc. but are experiencing some kind of behavioral glitch that makes them unable to act on their actual prioritization of values.

I suspect the designers of cell phones and cell phone apps have something to do with this, since they make no secret about studying cognitive psychology carefully in order to exploit it to make their products more appealing and even addictive.

But the majority of the problem is in our society's lack of a cultural tool by which we stop and ask ourselves "Does this piece of technology really provide me a benefit without compromising my values?" The Amish have such a tool (the ordnung) but we do not.

dunmoreAugust 18, 2017 8:10 AM

In a few weeks I will be driving up the East Coast to New Hampshire. For a few bucks I will take your cell phone with me, keep it charged, and even make some calls to your friends. This will give you time to commit your nefarious schemes at home, while appearing to be out of town.

Bruce SchneierAugust 18, 2017 8:33 AM

"While I appreciate whatever boost your name might offer my hope is that the Court takes the opportunity to revisit the "third party doctrine" in its entirety. It is this doctrine that is the Pandora's Box that has unleashed all the pandemonium."

I agree.

If you read the history of it, it seems that it was never intended to be so broad or so universal. And today, where *everything* we hold private is shared with a third party because that's how the technology works, it just doesn't make any sense.

anonymous August 18, 2017 10:07 AM

@Chairman Mao

At least Rogers is using address in the 25.x.x.x. range as private IP addresses. I am pretty sure other cellphone company must do it with other range. Do not mistake that with the uk ministry of defence

GSKAugust 18, 2017 10:45 AM

I think it should go a step further, and that given the ubiquity of cell phones and the intimate nature of their use by most of us, they should qualify for protection under the 5th amendment.

AvocadoanAugust 18, 2017 11:11 AM

@Bruce:

today, where *everything* we hold private is shared with a third party because that's how the technology works, it just doesn't make any sense.

We have choices about what technology to use. People are increasingly moving to technology options that work by sharing with a 3rd party, but other options are still there for those whose value hierarchies place privacy above convenience.

Or, there might be a case to be made that new technologies are forced on us. Would you agree with such a case?

What I think is interesting is how we parse technology options. Is a cell phone really less private or secure than a landline? For any given technology there are probably a lot of arguments to be made for or against whether it supports a given value.

Would you agree we need a (better/common) framework for having those discussions?

Chairman MaoAugust 18, 2017 11:23 AM

@anonymous

@Chairman Mao

At least Rogers is using address in the 25.x.x.x. range as private IP addresses. I am pretty sure other cellphone company must do it with other range. Do not mistake that with the uk ministry of defence

What planet are you from? Did you read some propaganda and then immediately believed it? (Read RFC1918).


Next, why did a cellco "spook" admit it? He also asked me if I thought their practices were illegal or unethical?

I told you , "Long Story Short"

Chairman MaoAugust 18, 2017 4:24 PM

@ Avocadoan

(Sure, they might want the law to provide them more privacy, but what really happens is they will read a story like this one, get a little worked up, write some comments online, and forget about it in a week while they continue to use their phones.)

And, the title (and intro) to this thread is:

Do the Police Need a Search Warrant to Access Cell Phone Location Data?


The US Supreme Court is deciding a case that will establish whether the police need a warrant to access cell phone location data. This week I signed on to an amicus brief from a wide array of security technologists outlining the technical arguments as why the answer should be yes. Susan Landau summarized our arguments.

A bunch of tech companies also submitted a brief.

Sounds like a bunch of people decided to get together and TAKE &/OR waste a lot of time and public money to argue about nothing.

I'm telling you how bad the situation really is. BUT...

This reveals that people have different value prioritizations.


That's what I refer to as the Take A Shower at Auschwitz Syndrome. Most Jews believed they were taking a shower offered by some really nice Nazi's.

TROJAN HORSE. The way our country is currently headed is a civil war. Like Nazi Germany. THEN you'll realize why my information is so relevant and important to this thread. Personally, I don't even think Schneier knows what I know about this particular subject.

Just remember, the difference between a live fish and sushi is: One bites the hook.


Chairman MaoAugust 18, 2017 5:00 PM

@ Schneier

If you read the history of it, it seems that it was never intended to be so broad or so universal. And today, where *everything* we hold private is shared with a third party because that's how the technology works, it just doesn't make any sense.

What will the Supreme Court rule be when the data is shared with the DOD on a DOD network? (DISA, NIPRnet, etc.) The next question is who consents to the sharing? The end user? Or Google and the rest of them.

That's the case in fact.

I already know the answer.

BobAugust 18, 2017 5:35 PM

@Ph
I agree with you on the "police must show you" issue.

I know that some local court systems are not giving defendants their full rights, which extend beyond Miranda. Your rights extend to evidence disclosure list from the DA holding and court filing cabinet. This is denied regularly to control cases. After all, public defenders eat lunch with the judges and prosecutors. Most defendants do not realize they are owed that(they are sitting in a cell). You can smoke a court if you know that.

65535August 18, 2017 5:53 PM

@ Daniel and Bruce S.

“…my hope is that the Court takes the opportunity to revisit the "third party doctrine" in its entirety.”

I agree. It is far too broad. It should be given tightly controlled and balanced with the US privacy rules. When combining the third party doctrine with the grossly overused “National Security” frame work it is a travesty. The combination violates the US Constitution in many areas. Privacy is trample in the stampede for “National Security” and profit oriented “data mining”.

@ Chairman Mao

I agree with your basic argument. A cell phone on a person with location and time stamp data is a disaster. I like you VPN idea and your tapping a cell phone to a 18 wheeler.

Back, to the situation. These cell phone are so widely used that kids bring them into my "Cell phone free" house!

I have found those Faraday cage style bags useful, very thick layers of tinfoil wrapped around them helpful, and plain kitchen iron pots to hold my kids guest’s cell phones when they are in my “Cell phone free” house.

The problem is both legal and technical. On the technical side you cannot shut off many newer iPhones. They are sealed. As such they act as a non-airgapable beacon, microphone and camera. On the legal side Bruce S. has shown how these CSLI location data provide police and others who really don’t need the data with a complete picture of your movements and habits. It is a huge fishing expedition on the part of police. This unacceptable!

Chairman MaoAugust 19, 2017 9:47 AM

@ 65535

https://www.dhs.gov/sites/default/files/publications/digital-strategy/25-point-implementation-plan-to-reform-federal-it.pdf


SUMMARY: Written in 2010, it reads like an infomercial for Google and Amazon.

We now live under a Orwellian Dictatorship run by secret agents of domestic and foreign corporations and governments.

The American Republic and Democracy is gone. Elections don't matter. The "Deep State" is made up of ~7500 shell corporations puppeted by domestic and foreign secret agents. (7500 DISA contractors)

My discovery in 2010 was the tip of the iceberg.

Schneier's Supreme Court Amicus is MOOT. The Sixth Plank of the Communist Manifesto is: 6. Centralization of the means of communication and transportation in the hands of [Google aka "Alphabet"].

I think the Supreme Court should issue a proclamation in their decision that The Bill of Rights has been repealed by a conspiracy between prior administrations and California Marxists.

Put THAT on the 6 o'clock news.

Chairman MaoAugust 19, 2017 10:18 AM

FOOTNOTE:

Vivek Kundra is from India.

Kundra and Chopra previously worked in Governor Tim Kaine's administration.[24]


From Wikipedia

Democratizing Data[edit]

Vivek Kundra launched the Data.gov platform on May 21, 2009[28] with the goal of providing public access to raw datasets generated by the Executive Branch of the Federal Government to enable public participation and private sector innovation.[29] Data.gov draws conceptual parallels from the DC Data Catalog launched by Kundra when he was CTO of Washington, D.C., where he published vast amounts of datasets for public use. Immediately after the Data.gov launch, the Apps for America[30] contest by the Sunlight Foundation challenged the American people to develop innovative solutions using Data.gov. San Francisco,[12] the City of New York,[11] the State of California,[31] the State of Utah,[32] the State of Michigan,[33] and the Commonwealth of Massachusetts[34] have launched public access websites modeled after Data.gov. Internationally, over 46 countries have launched open data sites patterned after Data.Gov, some using the U.S. Data.gov software which was made open source and made available on GitHub. Additionally, states, cities and counties have launched sites, notably[35]some cities in Canada, and the UK are following suit.[36]

On December 9, 2010, Kundra published the "25 Point Implementation Plan to Reform Federal Information Technology Management", which included Cloud First as one of its top priorities for achieving IT efficiency. Cloud First required each agency to identify three cloud initiatives.[47] He announced his decision to leave the federal government and join Harvard University within 7 months of this strategy, too short for any of cloud first initiatives to have demonstrated cost savings.[48] After a short 5 months at Harvard he left to join Salesforce.com, a cloud SaaS and PaaS provider.

The first major cloud project during his tenure was GSA's migration of e-mail/Lotus Notes to the Gmail and Salesforce.com's platform. GSA awarded a contract for e-mail in December 2010 and a five-year contract to Salesforce in August 2011.[48] A September 2012 Inspector General report found the savings and cost analysis not verifiable and recommended GSA update its cost analysis. GSA office of CIO was unable to provide documentation supporting its analysis regarding the initial projected savings for government staffing and contractor support. The audit found that the agency could neither verify those savings nor clearly determine if the cloud migration is meeting agency expectations despite initial claims that indicated 50% [49] cost savings [50]

The Federal Chief Information Officer is responsible for directing the policy and strategic planning of federal information technology investments as well as for oversight of federal technology spending. Until Kundra, the position had previously been more limited within the Office of Management and Budget where a federal chief information officer role had been created by the E-Government Act of 2002.[22] The Federal CIO establishes and oversees enterprise architecture to ensure system interoperability and information sharing and maintains information security and privacy across the federal government. According to President Obama, as Chief Information Officer, Kundra "will play a key role in making sure our government is running in the most secure, open, and efficient way possible".[1] To further President Obama's overall technology agenda, Vivek Kundra, Jeffrey Zients, the Chief Performance Officer, and Aneesh Chopra, the Chief Technology Officer, will work closely together.[23]


Government 2.0[edit]
Government 2.0 or Gov 2.0 refers to government policies that aim to harness collaborative technologies and interactive Internet tools to create an open-source computing platform in which government, citizens, and innovative companies can improve transparency and efficiency.[47] Put simply, Gov 2.0 is about "putting government in the hands of citizens".[48] Gov 2.0 combines interactive Web 2.0 fundamentals with e-government and increases citizen participation by using open-source platforms, which allow development of innovative apps, websites, and widgets. The government’s role is to provide open data, web services, and platforms as an infrastructure.[49]


Kundra and Chopra previously worked in Governor Tim Kaine's administration.[24]


PUT ALL OF THAT IN YOUR INDIAN HASH PIPE AND SMOKE IT.

GOVERNMENT 2.0

Chairman MaoAugust 19, 2017 11:51 AM

Bribery and laundering ....

FBI RAIDS OFFICE OF CIO VIVEK KUNDRA: NEW OBAMA APPOINTEE NOT UNDER INVESTIGATION

https://www.wired.com/2009/03/kundra-all-ok-w/


D.C. Technology Official Arrested on Bribery Charges

http://www.washingtonpost.com/wp-dyn/content/article/2009/03/12/AR2009031201426.html


Is U.S. CIO Vivek Kundra a cooked goose?

http://www.networkworld.com/article/2234890/cisco-subnet/is-u-s--cio-vivek-kundra-a-cooked-goose-.html


Vivek Kundra's Crime: Shoplifted Some Shirts From J.C. Penney

http://www.businessinsider.com/vivek-kundras-crime-shoplifted-some-shirts-from-jc-penney-2009-3

BobAugust 19, 2017 12:07 PM

@Mao
Yeah, except none of it is critical revealing data, unfiltered by the govt. Pipe dream. Certain people in certain fields are looking for critical data and getting brickwalled. It will always be that way in the US. An agency's job is not to provide transparency to the people, but provide an illusion with disjointed dataset while reconnoitering for the White House or Congressional committee. Our govt does not want the embarrassment of citizens discovering something before they do. Even when they say it isn't fake, it is false front.

When you become surgical with data diving, you will understand. Here are some examples:
CDC - Avian Bird Flu and US prevalence with farming; you get a presskit for stupid journalists with disjointed data on a state level. Different data for different states. They send you to WHO which only posts a handful of stats in SEAsia. Not what you are looking for, nor do they tell you swine have receptors for both swine flu and avian flu. That is the mutation point.
CDC - endometriosis in the Houston megaplex area, given it is one huge dioxin laced EPA Superfund site.

And my demographic favorite missing data: per state annual bachelor grad versus new full-time job growth, in respect to job recycle. Many states produce more grads than new jobs, proving lack of competition mechanism in our crappy higher education, reinforced with insane high student visa. Great money train.

Still others dig through FAOStat finding no water resource data. That is because it is considered a matter of national security. I also find the food price volatility index to be a joke because it assumes the US will never have problems (the formula uses the US as a base factor).

You get the picture. Sometimes, it is not about the data but how you put it together and awareness of what is missing or what you really need. We can dream a little dream but all I see is a front. Superficial information and govt statisticians will always say it is not their job to draw conclusions. It is all cauterized. It is also a rare sight to see a defense attorney actually doing his job.

Chairman MaoAugust 19, 2017 12:33 PM

@ Bob

Yeah, except none of it is critical revealing data, unfiltered by the govt.

Yes it is.

The Indian Hash Smoker graduated from shoplifting cheap shirts to .... IT master for Tim Kaine... to CIO of government IT in Obama's Whitehouse ... to salesforce ... to managing government data... to managing healtcare data... while Twittering about The Dictator's Handbook and the new unicorn of "invaluable data."

To me, it's as revealing as Debbie Wasserman Shultz ... and her IT felon.

Wanna bet the two are bosom buddies?

Chairman MaoAugust 19, 2017 2:12 PM

@ Bob

PS. I also find it interesting that Kundra became Obama's technology CIO while at the same time he only has a degree in psychology BUT his bestest friend Acar was into fake birth certificates.

Maybe Schneier should be pissed off cuz he was passed over for the job so that an Indian shoplifter psych-major who knew a good birth certificate forger could have it instead.

http://www.washingtonpost.com/wp-dyn/content/article/2009/03/12/AR2009031201426.html

BobAugust 19, 2017 2:14 PM

@Mao
No. Your statement doesn't mean anything to me. Resumé or some epic saga doesn't equal intelligence or conviction. I would view that person as a social engineer that didn't cut his teeth on anything. A self-promoting entrepreneur and a tax suck. You missed my idea on professional granular detail. We have agencies that step over each others' feet, and then this third-party guy that wants to do something else on Obama's Council On Re-inventing a Broken Wheel. Yeah, he just got on the train. Just because someone learns to program data presentation, only means they still have no place with specialization. Basic. That is what some would call opaque, not transparency.
//
I would rather refocus on the idea that the major underlying fear is the militarization of police departments. They want to black bag everything like they never came off the battlefield. I wouldn't blame cops for ditching the pointless shiny uniform for ACU, but I despise the subculture and binary attitude. We know how they do. Meanwhile, the local courts are channel-stuffing cases because the jails are filled up with potheads. They do this to themselves. Now introduce data intel on top of that.

We should craft strong arguments and pushback that details what the limits are, not excluding the social perimeter we have mentioned already. This is because lawyers and politicians will tunnel, divert, intimidate so they can portray our argument as narrow. Whoever is in charge needs to solve any weak points.

Chairman MaoAugust 19, 2017 2:44 PM

@ Bob

No. Your statement doesn't mean anything to me. Resumé or some epic saga doesn't equal intelligence or conviction.

Did they send you to a special school to learn out to splatter strawman arguments all over the wall.

Maybe this will mean something:

https://archives.fbi.gov/archives/washingtondc/press-releases/2010/wfo080610c.htm

IMRAN ** AWAN ** -- Debbie Wasserman Shultz's favorite IT guy.

FARRUKH ** AWAN ** -- one of Kundra's 'associates' in the FBI memo. Again, Kundra was a shoplifter who became a psych major to become WH CIO to a head of SalesForce.Com to a head dude in a healthcare data warehouse "OUTCOME.COM" recentley valued a $5.5Billion.

(I bet Trump wishes he knew more about computers, now! He wouldn't need to build hotels. Billionaires can now just steal cheap shirts, data, and use Photoshop?

I didn't even need a search warrant for the data because Kundra gave it to Google and WaPo?
)

QUOTE:

During his guilty plea, Bansal admitted that between September 2005 and March 12, 2009 he and his company paid more than $700,000 in bribes to Yusuf Acar, Farrukh Awan and to a cooperating witness, who were then employees of the District of Columbia Office of the Chief Technology Officer. Acar and Awan previously pled guilty to federal charges and are scheduled to be sentenced on August 12, 2010.

Bansal and AITC paid the bribes in exchange for the public officials (1) improperly favoring Bansal and his companies, AITC and Integrated IT Solutions, Inc. (IITS), for award of contracts with the Office of the Chief Technology Officer; (2) ensuring that contractors proposed by Bansal, AITC and IITS were approved; (3) falsely approving time sheets and invoices for AITC and IITS employees which represented overbilling; (4) falsely approving time sheets for AITC and IITS employees which were actually “ghost employees” and performed no work; and (5) falsely certifying receipt of software purchased through Bansal and AITC. Bansal and AITC also admitted to engaging in 17 transactions, each over $10,000, that involved the bribe money and which utilized financial institutions.

“Mr. Bansal's sentence of 20 months in federal prison should make it clear to those who would engage in kickback schemes and seek to bribe public officials that these actions have consequences in the District of Columbia,” said U.S. Attorney Machen. “Whenever anyone violates the public trust and breaks the law, we will prosecute them vigorously.”

BobAugust 19, 2017 6:20 PM

@Mao
That's my deal though, I fail by default. I am so numb about it. Most voters have this attitude of "don't spend all the tax dollars at once." I feel like the corruption is so deep a tertiary system is not a fix. The real fix is going in and cleaning heads out with gasoline, re-educating agencies on morality and respect. Personally, I have already written off the govt and it is important to not rely on its existence. It is not like they protect my interests.

This judication that we are talking about here is more about procedural limits than anything. It is so broad that it looks like a CALEA rehash. Exposing data to me? Don't care. Defendants need rights ensured so that evidence hasn't been loaded with nonsensical stalking.

Whitecollar crime? I'm not getting caught up in it. I wonder why. Maybe users and abusers become codependent on each other. Not trying to one-up you, but I kinda quarantine it. I've been burned by key institutions just like the next guy. You just have to let the idiots play and don't look them straight in the eyes or turn your back. If that's what you want to make this hearing about, its not. They will sideline the whitecollar stuff. Bet on it.

Correct me, but it sort of sounds like you are reaching for a citizens' ubiqtorate/overwatch that will never happen as long as two dominant parties do the same thing and prevent other parties from forming. I have no qualms in telling people I have been looking at Sweden and Iceland's Pirate Party really hard. Iceland, as small as it is, has no fewer than 6 parties, and a deadlock is healthy every now and then. But they generally can't afford the extravagant bs the US spews out. Our problem is govt sprawl and dependency. Tax recycle systems prove that.

Chairman MaoAugust 19, 2017 6:47 PM

@ Bob

I hear you. It sounds like you are succumbing to the system's "grand design" to wear people down to a state of utter hopelessness.

Of course, Apathy is the last stage before collapse.

Edmund Burke[?]: "The only thing necessary for the triumph of evil is that good men do nothing," ev

I suggest you read this article. It's "on point."

http://www.veteranstodayarchives.com/2012/03/19/the-nine-stages-of-civilization-were-in-the-seventh-apathy/

THE FINAL PARAGRAPH READS:

And thus the stage will soon be set for America’s shift from Apathy to the eighth stage of a civilization’s collapse, Dependence on the State which will be quickly followed by Bondage to the State and Orwell’s prophetic words will finally become a reality ~ “There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live ~ did live, from habit that became instinct ~ in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.”

If you’re not outraged, you’re on life support.


I also like what Noah Webster said on the subject (the Original Webster's Dictionary). It's also "on point."

When you become entitled to exercise the right of voting for public officers, let it be impressed on your mind that God commands you to choose for rulers, just men who will rule in the fear of God. The preservation of a republican government depends on the faithful discharge of this duty; if the citizens neglect their duty and place unprincipled men in office, the government will soon be corrupted; laws will be made, not for the public good, so much as for selfish or local purposes; corrupt or incompetent men will be appointed to execute the laws; the public revenues will be squandered on unworthy men; and the rights of the citizens will be violated or disregarded. If a republican government fails to secure public prosperity and happiness, it must be because the citizens neglect the divine commands, and elect bad men to make and administer the laws. Intriguing men can never be safely trusted. (Noah Webster’s Advice to the Young and Moral Catechism, pgs. 36-37)

Don't give up yet.

BobAugust 19, 2017 9:31 PM

@Mao
That would be totally true except I am fortunate enough to focus on other things. It is not like I let govt workers tread over me. As you mentioned, I do strawdog the situation, but not Wickerman myself. There are people that feed off the system from start to finish, citizens or govt workers. Those are most at risk.

I would use the word 'disenfranchised' but that is not really strong enough. I call this Zenarchy. That is my opinion, but it is more of an insult by Buddhists and Daoists than truth.

Many see the US as a repeat of the Roman Empire, and there is a popular book on it:
Are We Rome? by Cullen Murphy
[https://www.amazon.com/Are-We-Rome-Empire-America/dp/0547052103/ref=sr_1_27?s=books&ie=UTF8&qid=1503195067&sr=1-27&keywords=United+States+Roman+Empire]
I thought it was tedious but interesting at times.

Many think China is already the new empire. That is where we put our money. Good link, but my retort would be sometimes you have to break a system or let it break before rebirth. If you don't get what you want, the predicted behavior will bring things to a head. It is unfortunate that innocents fall prey in the meantime. Not in control, let it break and you will still be proven right.

I would also argue that the steps before this were important, also failed. We built our empire on ponzi schemes, stacking lies. My fear is that gen-Z will have something nasty to deal with. Americans believe what happens elsewhere can not happen here. I beg to differ. The logical conclusion to unchecked policy is socialism. The GOP will never admit that to themselves. It's not what I espouse, but no one does preventative. Civil unrest... look at Germany. Shades of future.

Chairman MaoAugust 20, 2017 12:39 AM

@ Bob

Again, I hear you.

PARTS of America are like Rome as depicted in the movie, "Gladiator" and PARTS are like the Manson Ranch. Typically east and west coasts; but, pockets exist everywhere.

Hopefully, this will put it into perspective: We are dealing with a bunch of psychopaths in positions of influence. As you said, "they suck" ... aka vampires of a kind. You can take the Daoisms and the Buddisms, the Islams, and even the Pope, and all the rest of them out of the equation of analysis. That's what *they* WANT you to believe.

It's simpler than that. As psychopaths, they surround themselves with sociopaths. Psychopaths want the power of god. They seek "an edge" causing them to pervert things like the internet and "the cloud" into tools for their own self-aggrandizement; and, self preservation since they are like the former DC CTO/WH CIO -- simple, common thieves.

THE RESULT: People like Schneier feel the need to visit the Supreme Court to "beg" for some sort of relief from an Orwellian 1984 scenario caused by these vampires -- that he WILL NOT get. At the same time, a chill goes down my spine when I consider his obsession with squids (a primitive, spineless, bottom feeder that has a LOT of "suckers" on it!)

Anyway, the solution is simple. I've already stated it. Beware of the Trojan Horses.

As to your own life 'experience', I'd change my surroundings if I were you without resorting to Iceland (at least for now).

Food for thought.

Maybe we can watch a bunch of politicians perform a ritual human sacrifice at a Spirit Cooking dinner during the eclipse! (Just kidding but then again who knows what these animals will resort to?)

Hope you have a good weekend.


nobodyAugust 22, 2017 1:31 AM

The document focuses on so called stingrays or false base stations. While those are getting cheaper (about 1500 Dollar + laptop), the gov ones are more expensive, the real risk lures somewhere else....

On the backend side from the operator, if govs get an interface to the core network with full access, the location tracking can be done much accurately (technical reasons related to phone reconnect behavior).

And once they have access, there are many interesting commands which can be issues, even if you don't intercept calls. Data payload and metadata is also very "chatty" in terms of privacy.

Mall MosquitoAugust 22, 2017 2:39 PM

To answer the question: Do the police need a search warrant to access cell phone location data?

Of course they don't. It's right at their fingertips at the so-called fusion centers which were hastily but permanently and irrevokably set up as a knee-jerk one-way ratcheting curtailment of our liberties in the wake of 9/11.

It's just that if the police confess in court that they originally obtained the data without a warrant, and the jury discovers that the warrant presented in court was not obtained by bona fide probable cause, but by a parallel construction, there is the remote chance that the jury might nullify the presumption of probable cause for the particulars of the case presented in court.

But the lawyers and judges will never let that happen.

So back to reality, again. No, the police don't need probable cause for anything. America is firmly under the thumb of the dictatorship of the proletariat until our final defeat and death.

"... and as a sheep before her shearers is dumb, ..."

Screaming Fat PigAugust 24, 2017 7:12 PM

No the police don't need a warrant to access cell phone location data.

They just ask one of the "anonymous" hackers to acquire the information.

CuriousAugust 27, 2017 8:46 PM

Has anyone considered the reasons pay phones lost popularity and availability?

Chairman MaoAugust 27, 2017 10:25 PM

@Curious

Has anyone considered the reasons pay phones lost popularity and availability?

Availability is the real problem.

Payphones have always been a "public necessity." They even removed payphones from QTs and other convenience stores. Even jails and courthouses (with cellphone bans)!! Can you believe that crap?

When you want to spy on everyone, you do everything you can to force them to buy or use a profitable item like a cell phone.

Large Mouth BassAugust 27, 2017 11:06 PM

@Chairman Mao

The payphones are all tapped and bugged and under surveillance by the NSA, which forwards the information (sans warrant/probable cause) to the local PD. Invariably some local mobster got busted on a drug deal at a payphone in that part of town, (namely the red-light district where the jails and courthouses are located,) and he vandalized the phone in retaliation once his lawyer got him out of jail.

Land lines used to be "party lines" many years ago, and these days it's a whole different party listening in. Change your mode of thinking, and communicate more by snail mail, face-to-face, or e-mail.

You don't have that false sense of security with plaintext e-mail, and snail mail requires manual labor to intercept, open, read, and make copies, something even the most fascist government cannot afford at 49 cents per letter without at least some modicum of probable cause.

A cell phone is a locator beacon that doubles as a miniature mobile broadcasting station for spooks. You could talk shit with your buddies on your cell phone if you wanted to social-engineer the spooks listening in, but for the most part it just isn't worth the bother.

Emergency? 911? You gotta be kidding me. Do you really want to go to the mental hospital and be certed and committed for mental insanity? Because it sure ain't the cops who show up on those calls, (not unless you're a really cute girl, in any case,) and if you break your leg, the docs just cut it off anymore, and do an emergency amputation (no time for a second opinion) because they went $500,000 in debt for medical school and they don't even know how to set a broken bone in a cast, and besides, they make more money selling all that medical equipment for amputees.

Chairman MaoAugust 28, 2017 1:16 AM

@Large Mouth Bass

I understand the problem completely.

My overall point is that the spy industry don't just want to listen in, they want to put a tape recorder AND tracking device on you.

Slaves in Louisiana in 1800 had more freedom and privacy than a person who carries a cellphone in the 21st century.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.