e dot dot dot
a mostly about the Internet blog by

April 2019
Sun Mon Tue Wed Thu Fri Sat
 
       


Court Documents Show Canadian Law Enforcement Operated Stingrays Indiscriminately, Sweeping Up Thousands Of Innocent Phone Owners

Furnished content.


A wide-ranging criminal investigation involving eleven suspects has resulted in the reluctant disclosure of Stingray data by Canadian law enforcement. The Toronto PD and the Royal Canadian Mounted Police joined forces to deploy a surveillance dragnet that swept up thousands of innocent Canadians, as Kate Allen reports for the Toronto Star.

Toronto police and RCMP officers deploying controversial “Stingray” surveillance technology over a two-month period swept up identifying cellphone data on more than 20,000 bystanders at malls, public parks and even a children’s toy store.As police sought cellphone data for 11 suspects in a 2014 investigation, they deployed a Stingray — also known as an IMSI catcher — at three dozen locations, including the middle of Yorkville, at the Dufferin Mall, at Vaughan Mills Mall, near Trinity Bellwoods Park, near Kensington Market, and at a Toys ‘R’ Us store in Richmond Hill.
These sweeps occurred years before either law enforcement agency admitted to possessing and deploying Stingray devices. In prior years, Canadian prosecutors dropped charges rather than discuss the devices in open court. This case must have been too big to let go. It involved 50 raids, 112 arrests, and a plethora of charges ranging from gun possession to murder.Multiple defendants are now challenging the evidence derived from the multiple Stingray deployments, arguing that it was gathered unlawfully. The courts may decide to see it the defendants' way, but it's unlikely these deployments broke the agencies' own policies. Pretty much every law enforcement agency anywhere that has acquired a Stingray has deployed first and developed policies after their Stingray use could no longer be kept secret. The agencies involved here are no exception:
An RCMP spokesperson said that policy regarding deployment and resting time is “still being developed,” and that interim guidelines state that the devices will generally operate for three minutes, though may be operated for longer periods under certain circumstances and if permitted by a judge.
From what's contained in the tracking logs submitted as evidence in these cases, there appears to have been very little done to limit the tracking of non-suspects.
According to the logs, police deployed the device at three dozen locations between March 18 and May 23, 2014. In all, the device logged approximately 25,000 captures. The same cellphones may have been captured more than once in that time, since police used the device multiple times at some locations; with those repeat locations excluded, a minimum of 20,000 bystanders in Toronto and the GTA saw their cellphone data swept up.
At one location -- a condo where a target was suspected to live -- law enforcement operated the device for nearly ten minutes, sweeping up 1,400 cellphones.Many of the logs show violations of the limitations law enforcement set for itself when applying for a warrant. The officer obtaining the affidavit failed to mention the device's ability to act as a tracking device. The officer also stated the device would only be operated for three minutes at a time, followed by two minutes of "rest" -- a minor concession meant to limit the impact on phone operation in the area. Instead of doing either of these things, officers switched frequencies every three minutes, running the device pretty much uninterrupted during each deployment.This whole thing started out with the RCMP farming out the warrant request to a novice -- one who probably swore to his own "training and expertise" while combining boilerplate cribbed from other warrants with his subject matter inexperience.
According to court documents, the Toronto police sergeant who obtained the warrant testified he had never used an IMSI catcher before, and that he copied and pasted a set of “standard” wording used in a warrant for a previous case. The RCMP’s program manager for deployment of the technology testified that the standard wording was written “by people that are not operators of the equipment so they didn’t fully understand the capabilities and how it operated.
To reiterate: the Stingrays were (and are) being deployed in an operational policy vacuum. According to a statement given to the Star, the policies the RCMP said it would draw up after it publicly admitted it owned and used Stingrays still aren't in place. An interim policy, instituted in 2017, is the only internal legal framework guiding Stingray use. In practice, this means the RCMP isn't controlling deployments. In this case, it also meant sending an amateur to do a professional's job when it came to securing a warrant. Put it all together and you have the mess both law enforcement agencies created by simply assuming no one would ever find out they'd been using these devices.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 02-Apr-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Facial Recognition Tech Now Capable Of Getting You Kicked Out Of The Mall

Furnished content.


Facial recognition tech continues it kudzu-like growth. It's not just government contractors providing tech for law enforcement and security agencies. It's also making inroads in the private sector -- a place where there's even less oversight of its use.Cameras everywhere have long been part of retailers' operations. But retailers are now adding third party facial recognition software to the mix, further increasing the chance innocent people will be punished for software screw-ups.

[W]ith facial recognition, getting caught in one store could mean a digital record of your face is shared across the country. Stores are already using the technology for security purposes and can share that data -- meaning that if one store considers you a threat, every business in that network could come to the same conclusion.One mistake could mean never being able to shop again.
Kogniz, the company behind one strain of shopper-oriented facial recognition tech, says no retailers are currently sharing data and recordings with other retailers. At this point (if Kogniz is to be believed), retailers are still operating within their own silos. But that could change. And it could change without notice. There's nothing in place legislation-wise that regulates this market. The government isn't keeping an eye on these developments, leaving it up to companies to self-regulate. They've responded by doing nothing.
Without any legal restrictions, companies can use facial recognition without limits. That means being able to log people's faces without telling customers their data is being collected.Two facial recognition providers told CNET that they don't check on their customers to make sure they're using the data properly. There are no laws requiring them to.
This means there's no baseline for accuracy and no limits on sharing or retention. This also means law enforcement can ask to be added to the "sharing" list without running afoul of legal restrictions. False positives could result in bans and/or visits from local law enforcement. One Kogniz client is already sharing its login with local law enforcement, ensuring the government gets pinged every time the system registers a hit.Even the companies providing this tech directly to government agencies are unconcerned about how it's used.
Gemalto, a digital security company, has been providing facial recognition to the Department of Homeland Security, which uses it at US exits to log foreign visitors leaving the country.[...]"Once the customer has it, they're going to operate with the standards that they define," said Neville Pattinson, Gemalto's senior vice president for government programs. "It's not our responsibility to have involvement past the point of delivery."
Fair enough. But the federal government has also decided they need to do almost nothing. Self-regulation isn't working any better in the public sector. That's why the EFF and ACLU are pushing for someone -- anyone -- to start acting like the adults in the room. Fortunately, a handful of local governments are stepping into the legislative void.
In late January, San Francisco supervisor Aaron Peskin proposed legislation to completely ban the city's government agencies from using facial recognition. State lawmakers across the US have suggested similar legislation, like in Washington and Massachusetts.
This is a good step forward, if extremely geographically-limited. Tech development has always moved faster than the government. But that excuse is pretty hollow when it comes to facial recognition tech. The government has been an aggressive early adopter. The legislators are late to the party, but at least they're finally starting to arrive.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 02-Apr-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



April 2019
Sun Mon Tue Wed Thu Fri Sat
 
       







RSS (site)  RSS (path)

ATOM (site)  ATOM (path)

Categories
 - blog home

 - Announcements  (0)
 - Annoyances  (0)
 - Career_Advice  (0)
 - Domains  (0)
 - Downloads  (3)
 - Ecommerce  (0)
 - Fitness  (0)
 - Home_and_Garden  (0)
     - Cooking  (0)
     - Tools  (0)
 - Humor  (0)
 - Notices  (0)
 - Observations  (1)
 - Oddities  (2)
 - Online_Marketing  (0)
     - Affiliates  (1)
     - Merchants  (1)
 - Policy  (3743)
 - Programming  (0)
     - Bookmarklets  (1)
     - Browsers  (1)
     - DHTML  (0)
     - Javascript  (3)
     - PHP  (0)
     - PayPal  (1)
     - Perl  (37)
          - blosxom  (0)
     - Unidata_Universe  (22)
 - Random_Advice  (1)
 - Reading  (0)
     - Books  (0)
     - Ebooks  (0)
     - Magazines  (0)
     - Online_Articles  (5)
 - Resume_or_CV  (1)
 - Reviews  (2)
 - Rhode_Island_USA  (0)
     - Providence  (1)
 - Shop  (0)
 - Sports  (0)
     - Football  (0)
          - Cowboys  (0)
          - Patriots  (0)
     - Futbol  (0)
          - The_Rest  (0)
          - USA  (0)
 - Technology  (1000)
 - Windows  (1)
 - Woodworking  (0)


Archives
 -2024  March  (115)
 -2024  February  (168)
 -2024  January  (146)
 -2023  December  (140)
 -2023  November  (174)
 -2023  October  (156)
 -2023  September  (161)
 -2023  August  (49)
 -2023  July  (40)
 -2023  June  (44)
 -2023  May  (45)
 -2023  April  (45)
 -2023  March  (53)
 -2023  February  (40)


My Sites

 - Millennium3Publishing.com

 - SponsorWorks.net

 - ListBug.com

 - TextEx.net

 - FindAdsHere.com

 - VisitLater.com