Aug 012015
 

In a letter dated July 28, 2015, the FBI said it could neither confirm nor deny that it has contract J-FBI-09-211, which has to do with “Landshark” restricted software used with the Harris StingRay. This document is referenced in FBI letters to Harris Corporation in which the FBI notifies Harris of its approval of a law enforcement agency’s non-disclosure agreement. This non-disclosure agreement is required before the law enforcement agency can purchase a cell site simulator such as a StingRay, KingFish, or HailStorm from Harris Corporation.

The letter from the FBI states,

Please be advised that upon reviewing the substantive nature of your request, we can neither confirm nor deny the existence of records responsive to your request pursuant to FOIA exemption (b) (7) (E) [5 U.S.C.§552 (b)(7)(E)]. The mere acknowledgment of whether or not the FBI has any such records in and of itself would disclose techniques, procedures, and/or guidelines that could reasonably be expected to risk of circumvention of the law. Thus, the FBI neither confirms nor denies the existence of any records.

Contract J-FBI-09-211 is referenced in the following documents:

Jun 182015
 

In a letter dated June 8, 2015, the FBI responded to my request for a copy of the April 6, 2010, agreement between the FBI an Harris Corporation. This April 6, 2010, agreement is referenced in the approval of law enforcement agency’s non-disclosure agreements that are required before the law enforcement agency can purchase a cell site simulator such as a StingRay, KingFish, or HailStorm from Harris Corporation.

The letter from the FBI states,

Please be advised that upon reviewing the substantive nature of your request, we can neither confirm nor deny the existence of records responsive to your request pursuant to FOIA exemption (b) (7) (E) [5 U.S.C.§552 (b)(7)(E)]. The mere acknowledgment of whether or not the FBI has any such records in and of itself would disclose techniques, procedures, and/or guidelines that could reasonably be expected to risk of circumvention of the law. Thus, the FBI neither confirms nor denies the existence of any records.

However, although the FBI will neither confirm nor deny the existence of the April 6, 2010, agreement, it is referenced in letters from the FBI to Harris Corporation dated June 14, 2012 and February 13, 2013. This refusal to confirm or deny the existence of a document or specific information is known as a Glomar response, named for the Central Intelligence Agency’s response to a FOIA request about its Global Marine front company and its attempt to salvage a Soviet submarine. A portion of the text from both letters states,

The Federal Bureau of Investigation (FBI) has an approved non-disclosure agreement (NDA) in place with the captioned law enforcement agency. In accordance with the cited restricted software agreement and the April 6, 2010 agreement between the FBI and the Harris Corporation, your notification to the FBI of the agency’s intent to purchase, and our execution of the NDA, meets the FBI’s advance coordination requirement. Therefore, the Harris Corporation is permitted to sell the state-and-local version of the Stingray product with the restricted software to the…

Jun 082015
 

In a response to a public records request from April 22, 2015, on June 1, the Pennsylvania State Police released a redacted administrative regulation for the use of “Telecommunication Identification Interception Devices” also known as cell site simulators, IMSI catchers or Stingrays. Administrative regulation AR 9-16 references Pennsylvania’s Wiretapping and Electronic Surveillance Control Act and specifically refers to interception of electronic communications.

The Pennsylvania State Police FAQ on cell site simulators (CSS) claims that the CSS “cannot intercept the content of voice calls or text messages” nor can it obtain “cellular telephone numbers…of any user of a cellular device.” While the specific technical details and capabilities of the two Harris HailStorm devices owned by the Pennsylvania State Police are not known, the claim that the Harris HailStorm cell site simulators cannot obtain the cellular telephone numbers of cellular devices appears to be incorrect. In fact, the name IMSI catcher refers to the devices’ ability to capture the International Mobile Subscriber Identity, which is the device’s phone number.

For more information about the Pennsylvania State Police cell site simulators, see the excellent work by Dustin Slaughter at The Declaration and the Pennsylvania Right to Know Act request at MuckRock.

Pennsylvania purchase orders for Harris StingRay II to HailStorm Upgrade

Update: 6/26/15 – Text was updated to correct a mistake. It can still be seen in strikeout.

Jun 072015
 

In a May 28, 2015, response to a public records request, the Minnesota Department of Public Safety, Bureau of Criminal Apprehension (BCA), released an unredacted non-disclosure agreement with the Federal Bureau of Investigation (FBI). Despite releasing the unredacted NDA, the BCA still claims that portions of the Harris Corporation Terms and Conditions, descriptions of what it purchased and their prices are still exempt from disclosure:

It should be noted that portions of these documents have been redacted pursuant to Minnesota Statute 13.82, subd. 25 as they would reveal deliberative processes or investigative techniques of this agency that would disclose the existence of and the capabilities provided by cellular exploitation equipment to the public. Disclosure of the redacted portions of the documents would reveal sensitive technological capabilities possessed by the law enforcement community and may allow individuals who are the subject of investigation to employ countermeasures to avoid detection by law enforcement.

Credit goes to Rich Neumeister and the Minneapolis Star Tribune for forcing the Minnesota BCA to release a redacted NDA between the BCA and FBI in November 2014.

In this latest release, the BCA included unredacted and redacted versions of the NDA, entitled “Re: Acquisition of Wireless Collection Equipment/Technology and Non-Disclosure Obligations” and dated June 5, 2012.

The BCA also released an email from the FBI, advising it on how to prevent the NDA from being publicly disclosed.  That email from a Supervisory Special Agent at the FBI states,

Hello Andrew,

(U/LES) Thank you for talking with me yesterday about your pending disclosure request. As stated in our conversation, the protection of cell site simulator (CSS) information is a concern for all law enforcement agencies in the U.S. In light of the importance of the lawful usage of the CSS gear, my unit would like to assist you in protecting the data associated with the CSS gear from exposure to counter measures in criminal, terrorism, and foreign intelligence investigations. The first layer of protection for the CSS gear is the Non Disclosure Agreement (NDA), which your agency has signed in order to receive the CSS gear. From our conversation yesterday, my understanding is that you are being asked to disclosure all or part of the NDA. In order to clarify our position, I have attached a letter that the FBI has created for the purpose of articulating the law enforcement and legal support for protecting the NDA. We can send a signed copy of the letter to a government official, if you believe that will assist you in protecting the NDA. Please note that the letter is marked (LES).

(U/LES) In addition, you mentioned that the requestor has claimed that other disseminations of CSS information have appeared in the public view, which classifies them as “public record” pursuant to Minnesota’s laws, and therefore are subject to disclosure by your agency. When possible, would you be willing to send a sample of such information as we may be able to clarify the circumstances of the dissemination? Some disseminations may have been conducted unlawfully and therefore should not be considered “public record” or be subject to further authentication. In addition, we would like to be in a position to assist you in determining the scope and type of your pending response, so if we could set up a meeting with our FBI legal counsel and your office, that would be greatly appreciated.

A comparison of the redacted and unredacted versions of the NDA shows that the information redacted had nothing to do with the technical details or capabilities of the Harris Corporation equipment, but were mostly about preventing disclosure to the public, news media, and judicial system. One heavily redacted paragraphs states that the BCA should seek dismissal of a case in order to prevent disclosure of information about the Harris Corporation equipment. The document also redacted portions of FBI addresses, the name and division of the Assistant Director at the FBI, and the other signatories from the BCA. Here is the remaining text that was redacted in the NDA:

in press releases, in court documents, during judicial hearings, or during other public forums or proceedings

for the sale of the equipment/technology.

met the operator training standards identified by the FBI and’ are certified to conduct operations.

coordinate with the FBI in advance of its use of the wireless collection equipment/technology

the wireless collection equipment/technology or any software, operating manuals, or related technical documentation (including its technical/engineering descriptions) and capabilities)

concerning the wireless collection equipment/technology or any software) operating manuals, or related technical documentation (including its technical/engineering description(s) and capabilities)

wireless collection equipment/technology or any software, manuals, or related technical documentation

in any civil or criminal proceeding, use or provide any information concerning the Harris Corporation wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (including its technical/engineering description(s) and capabilities) beyond the evidentiary results obtained through the use of the equipment/technology including, but not limited to, during pre-trial matters, in search warrants and related affidavits, in discovery, in response to court ordered disclosure, in other affidavits, in grand jury hearings, in the State’s case-in-chief, rebuttal, or on appeal, or in testimony in any phase of civil or criminal trial, without the prior written approval of the FBI. If the Minnesota Bureau of Criminal Apprehension learns that a District Attorney, prosecutor, or a court is considering or intends to use or provide any information concerning the Harris Corporation wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (including its technical/engineering description(s) and capabilities) beyond the evidentiary results obtained through the use of the equipment/technology in a manner that will cause law enforcement sensitive information relating to the technology to be made known to the public, the Minnesota Bureau of Criminal Apprehension will immediately notify the FBI in order to allow sufficient time for the FBI to intervene to protect the equipment/technology and information from disclosure and potential compromise.

at the request of the FBI, seek dismissal of the case in lieu of using or providing, or allowing others to use or provide, any information concerning the Harris Corporation wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (beyond the evidentiary results obtained through the use of the equipment/technology), if using or providing such information would potentially or actually compromise the equipment/technology. This point supposes that the agency has some control or influence over the prosecutorial process. Where such is not the case, or is limited so as to be inconsequential, it is the FBI’s expectation that the law enforcement agency identify the applicable prosecuting agency, or agencies, for inclusion in this agreement.

equipment/technology and any associated software, operating manuals, or related documentation (including its technical/engineering description(s) and capabilities)

in any news or press releases, interviews, or direct or indirect statements to the media.

wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (including its technical/engineering description(s) and capabilities)

UPDATE: June 18, 2015 – It turns out that the Minnesota BCA accidentally released the unredacted NDA. And I thought that someone there had come to their senses.

 

May 262015
 

In response to a January 28, 2015, public records request and after I sent $1.14 to cover the cost of copies, the Phoenix Police Department sent a copy of its February 11, 2013, non-disclosure agreement with the Federal Bureau of Investigation.

With other non-disclosure agreements from the Minnesota Bureau of Criminal Apprehension, Erie County Sheriff’s Office, San Bernardino County Sheriff’s Office, Baltimore Police Department, and Ventura County Sheriffs Office, we can readily determine what text was redacted from the NDA. Nearly all of the redactions are references to hiding information about the StingRay from the judicial system.

From the bottom of the first page, the words “to employ countermeasures” were redacted from the sentence “Disclosing the existence of and the capabilities provided by such equipment/technology to the public would reveal sensitive technological capabilities possessed by the law enforcement community and may allow individuals who are the subject of investigation wherein this equipment/technology is used to employ countermeasures to avoid detection by law enforcement.”

Near the top of the third page of the NDA, the words “during pre-trial matters, in search warrants and related affidavits, in discovery, in response to court ordered disclosure, in other affidavits, in grand jury hearings, in the State’s case-in-chief, rebuttal, or on appeal, or in testimony in any phase of civil or criminal trial,” were redacted from the sentence “The Phoenix Police Department shall not, in any civil or criminal proceeding, use or provide any information concerning the Harris Corporation wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (including its technical/engineering description(s) and capabilities) beyond the evidentiary results obtained through the use of the equipment/technology including, but not limited to, during pre-trial matters, in search warrants and related affidavits, in discovery, in response to court ordered disclosure, in other affidavits, in grand jury hearings, in the State’s case-in-chief, rebuttal, or on appeal, or in testimony in any phase of civil or criminal trial, without the prior written approval of the FBI.”

At the bottom of the third page, the words “seek dismissal of the case in” were redacted from the sentence “In addition, the Phoenix Police Department will, at the request of the FBI, seek dismissal of the case in lieu of using or providing, or allowing others to use or provide, any information concerning the Harris Corporation wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (beyond the evidentiary results obtained through the use of the equipment/technology), if using or providing such information would potentially or actually compromise the equipment/technology.”

Later in the same paragraph, the words “control or influence over the prosecutorial process” were redacted from the sentence “This point supposes that the agency has some control or influence over the prosecutorial process.”

Also in the same paragraph, the words “prosecuting agency, or agencies” were redacted from the sentence “Where such is not the case, or is limited so as to be inconsequential, it is the FBI’s expectation that the law enforcement agency identify the applicable prosecuting agency, or agencies, for inclusion in this agreement.”

At the bottom of the fourth page, the words “the civil or criminal discovery process” were redacted from the sentence “In the event that the Phoenix Police Department receives a request pursuant to the Freedom of Information Act (5 U.S.C. § 552) or an equivalent state or local law, the civil or criminal discovery process, or other judicial, legislative, or administrative process, to disclose information concerning the Harris Corporation wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (including its technical/engineering description(s) and capabilities), the Erie County Sheriff’s Office will immediately notify the FBI of any such request telephonically and in writing in order to allow sufficient time for the FBI to seek to prevent disclosure through appropriate channels.”

Other less interesting redactions included the names of people in the Phoenix Police Department, the name of the Assistant Director of the FBI’s Operation Technology Division (Amy Hess), and the phone numbers for the Assistant Director of the FBI’s Operation Technology Division and the Unit Chief of the Tracking Technology Unit.

May 192015
 

On May 19, 2015, the Tacoma Police Department released a February 13, 2013, letter from the FBI to Harris Corporation permitting it “to sell the  state-and-local version of the Stingray product with the restricted [“Landshark”] software to the Tacoma Police Department.”

The complete text of the letter:

Attention: Patricia Sciandra

Re: Contract J-FBI-09-211 “Landshark” Restricted Software Request Approval – Tacoma Police Department

Dear Ms. Sciandra:

The Federal Bureau of Investigation (FBI) has an approved non-disclosure agreement (NDA) in place with the captioned law enforcement agency. In accordance with the cited restricted software agreement and the April 6, 2010 agreement between the FBI and the Harris Corporation, your notification to the FBI of the agency’s intent to purchase, and our execution of the NDA, meets the FBI’s advance coordination requirement. Therefore, the Harris Corporation is permitted to sell the state-and-local version of the Stingray product with the restricted software to the Tacoma Police Department.

W. L. Scott Bean, III
Chief, Technical Surveillance Section
Operational Technology Division

May 162015
 

On February 27, 2015, California Senator Jerry Hill introduced SB 741, which “would require that require local governing bodies in California to take public comment before implementing cell phone intercept technology.

SB-741 was discussed at a meeting of the California Senate Judiciary Committee on May 12, 2015. After opening remarks by Senator Hill, Tracy Rosenberg of the Bay Area Civil Liberties Coalition spoke in favor of the bill and Aaron Maguire of the California State Sheriff’s Association spoke against the bill.

Maguire said,

We are in respectful opposition to the bill. We’re in opposition to actually several bills that are currently moving through both houses. And really it is sort of a philosophical disagreement. I agree wholeheartedly with the author about the checks and balances that we have in our system in terms of the legislature appropriating certain money and the executive branch utilizing those funds, but I think what we have here is something that goes a little bit too far, which is where the state is mandating that certain items be placed on the board agenda which is, so, with whether it’s with respect to unmanned aerial vehicles or whether its this type of technology or other tactics or other things, we just think that this simply just goes too far and for those reasons, we’re in opposition. Thank you.

After Maguire’s remarks, Senator Joel Anderson asked, “When you use this type of technology, is it considered wiretapping?” Maguire responded, “To be honest with you, Senator Anderson, as far as I know, laws with regard to state, federal, and Fourth Amendment are followed.” Committee Chair Senator Hannah-Beth Jackson noted, “That’s sort of not exactly an answer. So do you have an answer to that?” However, it was Rosenberg who responded, noting that law enforcement frequently seeks an order for a pen register, which is technology for landline telephones that judges understand. Orders for pen registers also have the advantage of not requiring probable cause – they only require that the information likely to be obtained is relevant to an ongoing criminal investigation.

Towards the end of the hearing, Senators Mark Leno and Joel Leno both requested to be added as co-authors to the bill, which was passed unanimously.

Click here for the audio of the SB 741 hearing – a total of 12 minutes and 30 seconds.

May 042015
 

Previously, the Ventura County Sheriff released a heavily redacted non-disclosure agreement with the FBI and similarly redacted terms and conditions from Harris Corporation (See http://www.cehrp.org/ventura-county-sheriff-has-a-stingray/).

Today, I received the following responses to my appeal:

 

Apr 132015
 

In a February 13, 2015, response to my public records request, the Boston Police Department indicated that it had records responsive to my request, but “The information you have requested is exempt from disclosure by MGL c. 4 s. 7(26)(f) and (n). Disclosure of the information contained in these documents would not be in the public interest and would prejudice the possibility of effective law enforcement.”

As the public records request only asked for information related to Harris Corporation equipment, this indicates that the Boston Police Department has a Harris Corporation cell site simulator, probably a StingRay.

Apr 132015
 

In a February 18, 2015, response to my public records request, the New York Police Department indicated it had records responsive to my request, but “In regard to the documents(s) which you requested, I must deny access to these records on the basis of Public Officers Law Section 87(2)(e)(iv) as such information, if disclosed, would reveal non-routine techniques and procedures.”

This indicates that the New York Police Department has a cell site simulator.