EPIC v. FBI - Stingray / Cell Site Simulator

Top News

  • D.C. Circuit: California Water Well Information Exempt from Public Disclosure: The D.C. Circuit Court of Appeals has ruled that information about a government project to manage water in the California is exempt from disclosure under the Freedom of Information Act. The Court found that Exemption 9, which covers "geological and geophysical information…concerning wells," permitted the Bureau of Reclamation to withhold information about well location and depth information. "Congress enacted FOIA to 'permit access to official information long shielded unnecessarily from public view,'" the Court said. However, the D.C. Circuit rejected the arguments of environmental group AquAlliance that the legislative history indicated the exemption only applied to oil and gas wells; the Court said it should "assume that Congress meant what it said, and said what it meant." EPIC frequently fights overbroad agency withholding of public records. In EPIC v. FBI, a FOIA lawsuit seeking release of FBI privacy assessments, a court sided with EPIC and agreed that the agency did not justify withholding records under a FOIA exemption for law enforcement procedures and techniques. (May. 11, 2017)
  • EPIC v. ODNI: EPIC Anticipates Release of Report on Russian Hacking: In a Freedom of Information Act lawsuit EPIC v. ODNI, EPIC anticipates the May 3 release of the Complete Assessment of the Russian interference in the 2016 presidential election. In January 2017, the Director of National Intelligence released a limited, declassified version report about the "multi-pronged attack" on democratic institutions. EPIC filed a FOIA suit for public release of the Complete Assessment of Russian interference. As EPIC explained in an op-ed in The Hill and statements to Congress, the "public has a right to know the details when a foreign government attempts to influence the outcome of a U.S. presidential election." In accordance with the briefing schedule in the case, the ODNI must release all non-exempt portions of the Complete Assessment on May 3, 2017 to EPIC. EPIC is also pursuing two related FOIA cases as part of the Democracy and Cybersecurity Project. In EPIC v. FBI, EPIC is seeking records concerning the FBI's investigation of Russian interference. In EPIC v. IRS, EPIC is seeking release of President Trump’s Tax records. (May. 2, 2017)
  • EPIC Urges Senate Committee to Investigate FBI's Massive Biometric Database: EPIC has sent a statement to the Senate Judiciary Committee for an upcoming FBI oversight hearing. EPIC urged the Committee to investigate the FBI's Next Generation Identification system, a massive biometric database. EPIC has sought to ensure that the FBI database complies fully with the federal Privacy Act which the Bureau has opposed. EPIC explained to the Senate Committee that an individual's ability to control disclosure of identity "is an essential aspect of personal security and privacy." In a leading FOIA lawsuit, EPIC v. FBI, EPIC also uncovered documents which revealed high error rates in the biometric system. EPIC has filed a FOIA lawsuit against the FBI for information about the agency's plans to transfer biometric data to the Department of Defense. (May. 1, 2017)
  • EPIC Urges House Oversight Committee to Explore FBI's Use of Biometric Data: EPIC has sent a letter to the House Committee on Oversight concerning "Law Enforcement's Use of Facial Recognition Technology." EPIC urged the Committee to investigate the FBI's Next Generation Identification program. EPIC explained that an individual's ability to control disclosure of identity "is an essential aspect of personal security and privacy." The FBI biometric database is one of the largest in the world, but the FBI has opposed privacy safeguards that EPIC supported. The Bureau proposed to exempt the database from Privacy Act protections. EPIC has filed a FOIA lawsuit against the FBI for information about the agency's plans to transfer biometric data to the Department of Defense. (Mar. 21, 2017)
  • Comey Confirms Russian Investigation, FBI Seeks Delay in EPIC FOIA Case: Following Director James Comey's confirmation of the FBI investigation into ties between Russia and Trump's presidential campaign, the FBI asked to delay EPIC's FOIA lawsuit against the agency. In EPIC v. FBI, EPIC seeks public release of records pertaining to the Russian interference with the 2016 Presidential election. Yesterday, in an open hearing before the House Select Intelligence Committee, Comey acknowledged for first time that the FBI is investigating possible coordination between the Trump campaign and Russia's interference in the election. Following the testimony, the FBI immediately asked the court for more time file a schedule for processing the FOIA request in EPIC's case against the FBI. EPIC is simultaneously pursuing a FOIA appeal with the DOJ, pressing the agency to reveal the existence of any applications to wiretap Trump Tower. EPIC has also filed suit against the ODNI for public release of the Complete ODNI Assessment of the Russian interference in the 2016 election, and a new EPIC project, the EPIC Cybersecurity and Democracy Project, will focus on US cyber policies. (Mar. 21, 2017)
  • EPIC FOIA: EPIC Seeks Information about Airport Eye Scans of U.S. Travelers: EPIC has filed an urgent FOIA request with U.S. Customs and Border Protection for details of eye scans conducted on U.S. citizens traveling internationally. The CBP has long been testing biometric identification of travelers, including U.S. citizens, and a recent report indicates U.S. citizens were subject to eye scans before traveling abroad. EPIC seeks public disclosure of the details of CBP policies for scanning U.S. citizen irises and retinas upon entry or exit to the U.S. EPIC makes frequent use of the Freedom of Information Act. As the result of a FOIA lawsuit, EPIC recently obtained several memorandum of understanding regarding the transfer of biometric identifiers between the FBI and DOD. Last month, EPIC also prevailed in EPIC v. FBI, a FOIA lawsuit public release of the FBI's privacy assessments. (Mar. 2, 2017)
  • EPIC, Coalition Back Improved Government Transparency: In comments to Office of Government Information Services, EPIC and a coalition of open government groups urged greater transparency for dispute resolutions. The coalition wrote that a proposed rule "would impose restrictive confidentiality requirements." The coalition proposed revisions that "do not place restrictive confidentiality requirements on requesters" who use dispute resolution services. EPIC routinely advocates on behalf of open government and transparency. Earlier this month, EPIC and a coalition called on the Office of Management and Budget to preserve public access to online government information. EPIC also recently prevailed in EPIC v. FBI, a Freedom of Information Act lawsuit for public release of the FBI's privacy assessments. (Feb. 24, 2017)
  • EPIC Prevails in FOIA Lawsuit for FBI Privacy Assessments: EPIC has prevailed in EPIC v. FBI, a case involving a Freedom of Information Act request for privacy assessments the FBI is required to prepare. EPIC sued the Federal Bureau of Investigation after the agency failed to respond to EPIC's FOIA request for the assessments. EPIC subsequently challenged the adequacy of the agency's search for responsive documents and the FBI's claim that record could be withheld pursuant to "Exemption 7(E)," which concerns law enforcement "techniques and procedures." Today, the federal judge concluded that "the FBI neither adequately described its search nor properly justified its withholdings of information under FOIA exemption 7(E)." The Court ordered the FBI to supplement the record to address the inadequacy of the agency's search and the basis for the Exemption 7(E) claims. (Feb. 21, 2017)
  • EPIC to Testify Before Maryland House of Delegates on Cell Site Simulators: EPIC Senior Counsel Alan Butler will testify today before the Maryland House of Delegates concerning "Cell Site Simulator Technology, Historical Location Information, and Aerial Surveillance by Police." The hearing follows a recent complaint to the FCC regarding the use of "Stingrays," fake cell phone towers, by the Baltimore Police Department to intercept private communication. In a 2013 Freedom of Information Act suit against the FBI, EPIC uncovered plans involving federal and state law enforcement agencies to keep the use of Stingrays secret. EPIC has since argued in amicus briefs that cell phone location data is protected by the Fourth Amendment. Baltimore Police used Stingrays to track more than 1,700 individuals between 2007 and 2014. (Oct. 25, 2016)
  • House Members Seek Answers on FBI Stingray Agreements: Two leading members of the House Judiciary Committee sent a letter to FBI Director James Comey regarding Stingray surveillance devices, which intercept cellphone communications. Representative Jim Sensenbrenner (R-Wisc) and Representative Sheila Jackson Lee (D-Tx) sharply criticized the FBI's use of "non disclosure agreements" that prohibit local law enforcement agencies from discussing the use of Stingrays, even in court proceedings. The representatives noted that such secrecy "shields the technology from debate." They asked the FBI to answer specific questions about the agreements. In 2013, EPIC first uncovered these secret Stingray agreements in a Freedom of Information Act suit against the FBI. (Feb. 25, 2016)

Background

A StingRay is a device that can triangulate the source of a cellular signal by acting "like a fake cell phone tower" and measuring the signal strength of an identified device from several locations. With StingRays and other similar "cell site simulator" technologies, Government investigators and private individuals can locate, interfere with, and even intercept communications from cell phones and other wireless devices. The Federal Bureau of Investigation ("FBI") has used such cell site simulator technology to track and locate phones and users since at least 1995. Recently, federal investigators used a similar device to track down a suspect in an electronic tax fraud ring. This case, United States v. Rigmaiden, No 08-814, 2012 WL 1038817 (D. Ariz. Mar. 28, 2012), has brought the use of this cell phone surveillance technology under public scrutiny, as the Government attempts to shield the methods from discovery. See Order, id. As the Government's own documents make clear, the use of cell site simulator technology implicates not only the privacy of the targets in federal investigations, it also affects other innocent users in the vicinity of the technology.

On July 23, 2008 Daniel David Rigmaiden was indicted on various counts of conspiracy, wire fraud, and identity theft by U.S. Attorneys in Phoenix, Arizona. United States v. Rigmaiden, No. 08-814-PHX-DGC, 2010 WL 3463723 (D. Ariz. Aug. 27, 2010). Since his indictment, Defendant Rigmaiden has submitted various discovery motions seeking information about the investigatory techniques used to locate him. See Rigmaiden, 2010 WL 1039917. The Government opposed Defendant Rigmaiden's request for disclosure of techical specifications and other details about the technology. The Government relied on the testimony of an FBI Supervisor, who described the device as a pen register/trap and trace device. Aff. Supervisory Special Agent Bradley S. Morrison at 1, United States v. Rigmaiden, No. 08-cr-00814 (D. Ariz. Oct. 27, 2011). However, Agenty Morrison also made clear that all data is deleted after an operation because the devices may tend to pick up information “from all wireless devices in the immediate area of the FBI device that subscribe to a particular provider … including those of innocent, non-target devices.” Id. at 3.

In an attempt to avoid disclosure of documents related to this technology, the Government was willing to concede that the "actions it took during the air card locating mission were sufficiently intrusive to constitute a search under the Fourth Amendment if Defendant has a reasonable expectation of privacy." Rigmaiden, 2010 WL 1039917. However, the Government is not willing to concede that Defendant did have a reasonable expectation of privacy in the location of his laptop aircard (in his apartment). Id. As a result of the Government's unwillingness to disclose documents related to this invasive cell site simulator technology that impacts the privacy of innocent communications, EPIC filed a Freedom of Information Act ("FOIA") request in February 2012.

EPIC's Freedom of Information Act Request and Subsequent Lawsuit

In February 2012, EPIC submitted a FOIA request to FBI for:

  • All documents concerning technical specifications of the StingRay device or other cell site simulator technologies;
  • All documents concerning procedural requirements or guidelines for the use of StingRay device or other cell site simulator technologies (e.g. configuration, data retention, data deletion);
  • All contracts and statements of work that relate to StingRay device or other cell site simulator technologies;
  • All memoranda regarding the legal basis for the use of StingRay device or other cell site simulator technologies; and
  • All Privacy Impact Assessments or Reports concerning the use or capabilities of StingRay device or other cell site simulator technologies.

The FBI sent a letter confirming the receipt of EPIC's FOIA request on February 21, 2012. THe FBI Records Management Division assigned a FOIPA Request No: 1182490-000.

Legal Documents

EPIC v. FBI

Share this page:

Support EPIC

EPIC relies on support from individual donors to pursue our work.

Defend Privacy. Support EPIC.

#Privacy

EPIC Bookstore

Robot Law

Robot Law
by Ryan Calo, A. Michael Froomkin,
Ian Kerr