Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sprint Revealed Customer GPS Data 8 Million Times

Posted by kdawson on from the tap-o-matic dept.

An anonymous reader sends along Chris Soghoian's blog entry revealing that Sprint Nextel provided law enforcement agencies with its customers' GPS location information over 8 million times between September 2008 and October 2009. The data point comes from a closed industry conference that Soghoian attended, at which Paul Taylor, Electronic Surveillance Manager at Sprint Nextel, said: "[M]y major concern is the volume of requests. We have a lot of things that are automated but that's just scratching the surface. One of the things, like with our GPS tool. We turned it on the web interface for law enforcement about one year ago last month, and we just passed 8 million requests. So there is no way on earth my team could have handled 8 million requests from law enforcement, just for GPS alone. So the tool has just really caught on fire with law enforcement. They also love that it is extremely inexpensive to operate and easy, so, just the sheer volume of requests they anticipate us automating other features, and I just don't know how we'll handle the millions and millions of requests that are going to come in." Soghoian's post details the laws around disclosure of wiretap and other interception data — one of which the Department of Justice has been violating since 2004 — and calls for more disclosure of the levels of all forms of surveillance.

4 of 315 comments (clear)

  1. Re:automated tool for locating cells? by megamerican · · Score: 5, Informative

    Automated tool for locating cells? wow that sounds like an invitation for disaster and abuse. So what happens first, someone hacks it, or it's used in a 1984 style manner? (my guess is the latter has already happened/happening.)

    Your latter guess has been mandated by law since the passage of the 1996 telecommunications act. Your cell phone can be listened to and tracked anywhere within coverage area as long as your cellphone has its battery inserted.

    --
    If you have something that you dont want anyone to know, maybe you shouldnt be doing it in the first place -Eric Schmidt
  2. Re:Just Sprint, or others as well? by Tynin · · Score: 5, Informative

    Sorry for replying to myself. After some more research I found a ruling by the DoJ (discussed on /. here) that what Sprint is giving the police is protected by the 4th Amendment and would need a warrant to be issued before providing that data. Yet that isn't happening. I read the article, I'm still not sure how this could be legal.

  3. Re:automated tool for locating cells? by LOLLinux · · Score: 5, Informative

    Oh and let's look at who actually voted against the act here: Notice how only 1 Republican voted against it in the Senate while 4 Democrats did. And how it wasn't voted against by a single Republican in the House while 15 Democrats did. Even the abstainers don't paint the Republicans in a good light on this one. Only 1 Rep abstained in the Senate while 2 Dems did while 4 Dems in the House abstained while 0 Reps did. And before I get labeled a Liberal or a Democrat, I'm a centrist who votes for the Libertarians.

  4. Out-of-date laws are the culprit by ManConley · · Score: 5, Informative

    While the Lenihan order and decision did say that the government cannot demand location information without a search warrant, that decision has been appealed by the current administration. And even if the DOJ loses that appeal, the decision would only apply to a limited section of the country - other courts could decide differently.

    The bigger issue is that electronic communications laws are badly out-of-date. There are so many grey areas and loopholes that Sprint and the DOJ can easily argue with a straight face that GPS records are not protected by the Constitution, are not protected by federal or state law, can be demanded without a search warrant, can even be voluntarily handed over with no process whatsoever, do not have to be logged, and do not require anyone ever to tell the person whose location information was collected that they were tracked. And while the courts often do get it right eventually, that's a really slow battle - we need a better approach than that.

    We (the ACLU) are launching a new campaign, Demand Your dotRights, to push companies and lawmakers to provide real protections for our personal information. The "Electronic Communication Privacy Act," which is supposed to protect information like GPS records, was passed in 1986(!) - it just doesn't fit any more.

    We hope you will all sign on and join our efforts to push Sprint, lawmakers, and others to respect individual privacy. It clearly won't be an easy battle (seeing how Sprint is actually proud of its "over 8 million GPS record requests served" title), but with enough support, we hope to make a difference - and we could use your help!