Cyrus Farivar

How sensitive are local cops when it comes to disclosing information about stingrays, the fake cell phone towers used to track targeted phones? Apparently, they're sensitive enough to involve the United States Marshals Service with an ongoing case in Florida.

After being informed of a straightforward public records request to learn more about the Sarasota Police Department's use of stingrays, the US Marshals suddenly moved the stack of paper records hundreds of miles away. It's a move that will frustrate ongoing efforts by the American Civil Liberties Union (ALCU) to access the documents in question.

Serving as an outgoing United States magistrate judge, Brian Owsley had decided that one of his final judicial acts would be to unseal more than 100 of his own judicial orders involving digital surveillance that he himself had sealed at the government’s request.

But not long after Judge Owsley's move in 2013, a US district judge vacated Owsley’s order and resealed them all. That order itself was then sealed.

"I don't think it's that normal," Judge Owsley said.

In a rare move, the media company Dow Jones filed a new motion with the US District Court in the Southern District of Texas asking it to unseal all such documents and to make them available publicly online. The motion was filed in conjunction with a new report from The Wall Street Journal (Dow Jones is the newspaper’s parent company) showing that the sealing of such court files is on the rise. Those orders initially had been sealed as they had involved forms of digital surveillance that the government doesn’t want revealed, including the use of pen/trap orders, tower dumps, and stingrays (devices that act as fake cell phone towers).

California has become the largest state to pass some version of the “4th Amendment Protection Act” in one of its lawmaking bodies.

The Golden State’s senate passed the bill, and the bill likely will come before the state assembly later this summer. As currently drafted, the California bill prohibits “the state from providing material support, participation, or assistance to any federal agency attempting the illegal and unconstitutional collection of electronic data or metadata, without consent, of any person not based on a valid warrant that particularly describes the person, place, and thing to be searched or seized or a court order, or in accordance with judicially recognized exceptions to warrant requirements.”

State Senator Ted Lieu (D-Torrance), who authored the bill, told Ars that the bill is a “substantive and symbolic” way to counter the effects of the National Security Agency (NSA). Lieu is an Air Force veteran who served as a prosecutor in the Judge Advocate General corps, and he currently serves as a Lt. Colonel in the Air Force reserves.

Federal agents have been known to use “remote access searches” against a target computer whose location is unknown or outside of a given judicial district in past and ongoing cases: a Colorado federal magistrate judge approved sending malware to a suspect’s known e-mail address in 2012.

But similar techniques have been rejected by other judges on Fourth Amendment grounds. If this rule revision were to be approved, it would standardize and expand federal agents’ ability to survey a suspect and to exfiltrate data from a target computer regardless of where it is.

The American Civil Liberties Union (ACLU) published a 21-page memorandum with comments and recommendation to the DOJ. Specifically, the ACLU fears “jurisdictional overreach,” which under the new rules would allow a magistrate judge in any district to impose a “remote access search warrant” in any other district. The memo is authored by Nathan Freed Wessler, Chris Soghoian, Alex Abdo, and Rita Cant, who are attorneys and fellows at the ACLU.

“Unlike terrorism investigations [...], remote searches of electronic storage media are likely to occur with great frequency. The proposed rule is not a minor procedural update; it is a major reorganization of judicial power.” The ACLU also raised the troubling implications of granting the power of a single warrant to conduct vast digital searches.

In a rare public rebuke of American prosecutors’ request on accessing a person’s e-mail, a federal magistrate judge in the District of Columbia has denied a government warrant request to search an unnamed user’s e-mail address, citing the request as being over broad.

According to the March 7, 2014 court opinion and order, the case involves alleged corruption and conspiracy by a defense contractor, and “for purposes of this opinion, the details of the investigation -- which remain under seal on the Court’s docket -- are irrelevant.” Citing a key 2010 appellate ruling establishing a warrant requirement (at least in one United States federal judicial district), Judge John Facciola observed, “[T]he government continues to submit overly broad warrants and makes no effort to balance the law enforcement interests against the obvious expectation of privacy e-mail account holders have in their communications.”

As a magistrate, Judge Facciola has the power to grant search and arrest warrants -- and he has done so numerous times in his nearly 17 years on the bench. Legal scholars note that this case is the latest example of increasing judicial scrutiny in recent years against the government’s overreach in its attempt to gather digital data in criminal investigations.

“I think it reflects a growing recognition that we can't treat e-mail as a separate, less-protected form of communication, either as a matter of law or as a matter of practice,” Brian Pascal, a research fellow with the University of California, Hastings Law School, told Ars. “It's just how we talk these days.”

In a new federal court filing, the Electronic Frontier Foundation has asked for a preservation order similar to one that it already received years ago in one National Security Agency-related case (Jewel v. NSA) to be extended to a second case (First Unitarian Church of Los Angeles et al v. NSA) that the group filed after former National Security Agency contractor Edward Snowden began leaking NSA documents.

Such an order compels the government to retain everything it collected even after the standard five-year deletion period, so that the plaintiffs can pursue civil discovery and if necessary, prove that their calls were among those swept up.

In the filing to Judge Jeffrey White, the EFF also said that it wants the United States government to “disclose the steps it has taken to preserve evidence and to disclose whether it has destroyed telephone records, Internet metadata records, Internet or telephone content data, or any other evidence potentially relevant to these lawsuits.”

Days after new documents provided by Edward Snowden showed that the National Security Agency was deploying malware allowing it to pose as Facebook and other sites in order to intercept data, the NSA is now denying this characterization and insisting that what it does is legal.

With Turbine, no humans are required to exploit phones, PCs, routers, VPNs. “NSA uses its technical capabilities only to support lawful and appropriate foreign intelligence operations, all of which must be carried out in strict accordance with its authorities,” says the document, which was published on the NSA’s Twitter account. (Yes, the NSA has a Twitter account.)

"Technical capability must be understood within the legal, policy, and operational context within which the capability must be employed. NSA's authorities require that its foreign intelligence operations support valid national security requirements, protect the legitimate privacy interests of all persons, and be as tailored as feasible. NSA does not use its technical capabilities to impersonate US company websites. Nor does NSA target any user of global Internet services without appropriate legal authority. Reports of indiscriminate computer exploitation operations are simply false.”

In a speech before the RightsCon conference in San Francisco, deputy assistant secretary of State Scott Busby expressed official approval for the President’s January 2014 policy that established clearer guidelines about state-driven bulk data collection and surveillance.

Busby said that the US “continues to support strong cybersecurity, including strong encryption protocols.” Busby presented the government’s case as to how, why, and under what conditions American government officials should be allowed to conduct digital surveillance. His speech was approved by all branches of the US government, including the Office of the Director of National Intelligence.

“US signals intelligence collection follows the principle that surveillance should not be arbitrary. The new Policy Directive states that signals intelligence activities shall be as tailored as feasible,” Busby added. “We prioritize obtaining data through public sources, as opposed to non-public signals intelligence collection. When decisions about surveillance are made, we assess whether the benefits of surveillance outweigh its risks, and whether there are other, less-intrusive alternatives that might accomplish our foreign intelligence requirements.”