SECRET MANUALS SHOW THE SPYWARE SOLD TO DESPOTS AND COPS WORLDWIDE

BY CORA CURRIER AND MORGAN MARQUIS-BOIRE

When Apple and Google unveiled new encryption schemes last month, law enforcement officials complained that they wouldn’t be able to unlock evidence on criminals’ digital devices. What they didn’t say is that there are already methods to bypass encryption, thanks to off-the-shelf digital implants readily available to the smallest national agencies and the largest city police forces — easy-to-use software that takes over and monitors digital devices in real time, according to documents obtained by The Intercept.

We’re publishing in full, for the first time, manuals explaining the prominent commercial implant software “Remote Control System,” manufactured by the Italian company Hacking Team. Despite FBI director James Comey’s dire warnings about the impact of widespread data scrambling — “criminals and terrorists would like nothing more,” he declared — Hacking Team explicitly promises on its website that its software can “defeat encryption.”

The manuals describe Hacking Team’s software for government technicians and analysts, showing how it can activate cameras, exfiltrate emails, record Skype calls, log typing, and collect passwords on targeted devices. They also catalog a range of pre-bottled techniques for infecting those devices using wifi networks, USB sticks, streaming video, and email attachments to deliver viral installers. With a few clicks of a mouse, even a lightly trained technician can build a software agent that can infect and monitor a device, then upload captured data at unobtrusive times using a stealthy network of proxy servers, all without leaving a trace. That, at least, is what Hacking Team’s manuals claim as the company tries to distinguish its offerings in the global marketplace for government hacking software.

Hacking Team’s efforts include a visible push into the U.S. Though Remote Control System is sold around the world — suspected clients include small governments in dozens of countries, from Ethiopia to Kazakhstan to Saudi Arabia to Mexico to Oman — the company keeps one of its three listed worldwide offices in Annapolis, Maryland, on the edge of the federal intelligence and law-enforcement cluster around the nation’s capital; has sent representatives to American homeland security trade shows andconferences, where it has led training seminars like “Cyber Intelligence Solutions to Data Encryption” for police; and has even taken an investment from a firm headed by America’s former ambassador to Italy. The United States is also, according to two separate research teams, far and away Hacking Team’s top nexus for servers, hosting upwards of 100 such systems, roughly a fifth of all its servers globally.

David-Vincenzetti

The company has made at least some sales to American entities, according to comments its outspoken co-founder and CEO David Vincenzetti made in l’Espressoin 2011. “We sell Remote Control System to institutions in more than 40 countries on five continents,” he told the Italian newsmagazine. “All of Europe, but also the Middle East, Asia, United States of America.” In the English-language press, where Hacking Team has been more circumspect about its client list, Vincenzetti’s l’Espresso comments about selling implants to U.S. institutions seem to have fallen through the cracks. Asked about them, Hacking Team spokesman Eric Rabe told The Intercept, “we do not identify either our clients or their locations.”

Whatever the extent of its U.S. sales, Hacking Team’s manuals deserve an audience in America and beyond. This summer, researchers at the Citizen Lab at the University of Toronto’s Munk School of Global Affairs, including the co-author of this piece, published excerpts of the manuals and technical descriptions of Hacking Team’s capabilities. Publishing the manuals in their entirety here will give the public a better understanding of the sophistication of these relatively low-cost and increasingly prevalent surveillance tools. That sort of understanding is particularly important at a time when digital monitoring has spread from large federal agencies to local police departments and as more national governments gain the once-rarified ability to deploy digital implants across borders. Turnkey solutions like RCS effectively multiply the online threats faced by activists, dissidents, lawyers, businessmen, journalists, and any number of other computer users.

A Niche for Commercial Spyware

Within the U.S., there’s relatively little information on the prevalence of law enforcement hacking. The FBI only rarely discloses its use in criminal cases. Chris Soghoian, principal technologist with the American Civil Liberties Union’s Project on Speech, Privacy and Technology, who has closely tracked the FBI’s use of malware, says that agents use vague language when getting judges’ permission to hack devices. “This is a really, really, invasive tool,” Soghoian says. “If the courts don’t know what they’re authorizing, they’re not a good check on its use. If we as a society want malware to be used by the state, we ought to have a public debate.”

What is clear is that large nations with well-funded intelligence establishments have long been capable of the kind of surveillance Hacking Team offers. In 2001, it was first reported that the FBI had developed malware known as Magic Lantern, which could take over a computer and log its users’ keystrokes, as a way around encryption. Soghoian says it’s likely that the bureau and American intelligence agencies get more customized spying solutions from contractors other than Hacking Team. Countries such as China and Russia probably develop their spyware in-house.

Hacking Team and the German firm FinFisher have taken over another niche, as the most prominent purveyors of user-friendly, off-the-shelf spyware for less moneyed customers, says Ben Wagner, director of the Center for Internet and Human Rights at the European University Viadrina. A recent leak of FinFisher data showed customer service communications between the company and Bahrain, Pakistan, Estonia, and a regional police department in Australia, among other clients. The cost of a Hacking Team installation package, meanwhile, ranges from 200,000 to 1 million euros, Vincenzetti told l’Espresso in 2011. Pricey, but not out of reach.

“If those countries didn’t have access to Gamma [FinFisher’s former parent company] or Hacking Team, they probably wouldn’t be able to do this kind of surveillance,” says Wagner. “Those are the two that we know about who have really gone for this targeted surveillance market for smaller and midsize countries.”

Soghoian thinks that “to the extent that Hacking Team has sold in the U.S., it would be to less well-resourced federal agencies or bigger local police teams.”
Hacking Team has built up enough of a profile to become something of an icon in its home country. “Elegant and tan” Vincenzetti has been lauded as a poster-boy for modernizing the Italian economy and is touted to stateside investors at events like “Italy Meets the USA.” Among those promoting Hacking Team is Innogest, an Italian venture capital firm headed by the former U.S. ambassador to Italy Ronald Spogli. The company is in Innogest’s own portfolio.

Despite the acclaim, Hacking Team — and its competitor FinFisher — have drawn the ire of human rights and privacy activists. “We have not that many companies doing nasty things for not that much money on a global scale, but with huge human rights effects,” Wagner said.

Companies like Hacking Team refer to their products as “lawful intercept” technology. They need at least the pretense of dealing with legitimate actors because the legality of surveillance software depends on the behavior of its users. That’s all that fundamentally separates their software from tools for crime or repression. But evaluating that legitimacy becomes tougher as prices fall and customers proliferate.

Hacking Team offers the assurance that its users are all government institutions. Spyware is perfectly legal in law enforcement or intelligence investigations “if used with the proper legal authorization in whatever jurisdiction they’re in,” according to Nate Cardozo, staff attorney at the Electronic Frontier Foundation. Hacking Team’s “customer policy” also claims that it will not sell to countries listed on international “blacklists” or that it believes “facilitate gross human rights abuses.” The company won’t disclose what it means by blacklists, how its review process works, or which, if any, customers have been dumped. Hacking Team’s spokesman refused to provide details beyond what is on the company’s website.

There’s evidence the company is not being particularly selective about to whom it sells. Of 21 suspected Hacking Team users tracked down by Citizen Lab, nine had been given the lowest possible ranking, “authoritarian,” inThe Economist’s 2012 Democracy Index, and four of those were singled out for particularly egregious abuses — torture, beatings and rapes in detention, lethal violence against protestors — by Human Rights Watch.

Its competitors face similar criticism. Activists in Bahrain and Ethiopia have found FinFisher spyware on their computers. (FinFisher did not respond to an emailed request for comment.)

The U.S. government has shown an interest in policing the improper use of packaged malware. The Justice Department just recently brought its first case against a spyware developer, arresting a Pakistani man who marketed StealthGenie, an app that does some of the same things as Hacking Team’s RCS – monitoring all phone calls, messages, emails, texts and more without the owner’s knowledge — except for individuals rather than governments. Announcing the charges against StealthGenie’s maker, an assistant attorney general called the spyware “reprehensible…expressly designed for use by stalkers and domestic abusers who want to know every detail of a victim’s personal life.”

How It Works

Key to the spread of software like Hacking Team RCS is that it’s designed to be simple for non-experts to use.

In a brochure, Hacking Team boasts, “You cannot stop your targets from moving. How can you keep chasing them? What you need is a way to bypass encryption, collect relevant data out of any device, and keep monitoring your targets wherever they are, even outside your monitoring domain. Remote Control System does exactly that.”

Hacking Team manuals, dated September 2013, provide step-by-step instructions for technicians, administrators, and analysts on how to infect a device and set up spying.

The software can be installed physically, via a USB stick, if the authorities have direct access to the computer (imagine a police stop or an airport search.)

Or, the infection can happen remotely. It could take the familiar form of a phishing attack or email scam – as a group of Moroccan reporters found out in 2012. A document promising them a secret scoop (it was titled “scandale,” in French) turned out to be a decoy for Hacking Team software. An Emirati blogger fell victim to the same trick. The implant can also be melded with legitimate, useful software that the victim is prompted to download.

As The Intercept has previously reported, Hacking Team also installs its bugs via “network injectors” – physical devices housed with internet service providers, that allow them to intercept ordinary web traffic, like streaming video, and replace it with infectious code. (After we reported that YouTube and Microsoft Live were exploitable in this way, both companies moved to fix the vulnerabilities.)

From page 107 of the RCS Technician’s Guide. Click to enlarge.

Then there are covert network injections. The spyware installer might lay in wait in a hotel, or a Starbucks, and gain access to your computer by “emulating an access point” – in other words, pretending to be a free wifi hotspot to which the victim connected previously. The manual also describes how the software can deploy password-busting tools to break into closed wifi networks.

From RCS Technician’s Guide, page 115. Click to enlarge.

From RCS Technician’s Guide, page 117. Click to enlarge.

The Hacking Team manuals recommend that customers buy a code signing certificate from Verisign (now Symantec), Thawte, or GoDaddy– companies that offer a stamp of assurance that signals to operating systems and anti-virus scanners that the software is legitimate. Getting what Symantec calls its “digital shrinkwrap” added to Hacking Team software makes it less likely to be detected. (Symantec declined to comment on how it handles malware in issuing certificates. GoDaddy and Thawte did not respond.)

Via one of those methods, the “agent” — ie., the bug — is implanted on any of these devices:

From RCS Technician’s Guide, page 39. Click to enlarge

And set up to start recording:

From RCS Technician’s Guide, page 71. Click to enlarge.

The “analyst” can then explore and take virtually anything from the target’s phone or computer, at least according to the manual.

From RCS Analyst’s Guide, page 59-60. Click to enlarge.

Here our analyst selects an investigation – code-named “Swordfish,” and described as a “Terrorist Attack in Singapore.”

From RCS Analyst’s Guide, page 32. Click to enlarge.

Opening that up, he sees the targets in swordfish – “Alejandro Reade,” “Joey Fargo,” and “Jimmy Page” – “head of the terrorist cell.”

From RCS Analyst’s Guide, page 34. Click to enlarge.

Here’s what he’s looking at on Jimmy’s computer: his desktop, Skype account, Firefox browsing. All of that can be exported from the bugged device to the spy’s computer, undetected.

From RCS Analyst’s Guide, page 49. Click to enlarge.

But before he sends everything off to his higher-ups, he can have a listen, to decide if it’s relevant:

From RCS Analyst’s Guide, page 56. Click to enlarge.

And can even translate it:

From RCS Analyst’s Guide, page 48. Click to enlarge.

Once he’s got all that, he maps out the various people and places tied to his target.

From RCS Analyst’s Guide, pages 66-67. Click to enlarge.

Entities are automatically linked by the software based on their contacts – either as a “know,” a “peer,” or an “identity” (ie., two addresses associated with the same person.)

From RCS Analyst’s Guide, pages 68, 70, and 71. Click to enlarge.

Here are Jimmy and his friends in an industrial lot in Los Angeles:

From RCS Analyst’s Guide, page 76. Click to enlarge.

From RCS Analyst’s Guide, page 81. Click to enlarge.

And here’s the man himself, with all his vital stats. Web sites and physical locations get similar profiles. That photo, the manual notes, will default to the “first image captured by the webcam.”

From RCS Analyst’s Guide, page 85. Click to enlarge.

For more on how this all works, see Citizen Lab’s report, and explore the full set of documents below.

Manuals

Hacking Team RCS 9 Analyst’s Guide (PDF):

Hacking Team RCS 9 Administrator’s Guide (PDF):

Hacking Team RCS 9 Technician’s Guide (PDF):

Hacking Team RCS 9 System Administrator’s Guide (PDF):

Hacking Team RCS Invisibility Report (PDF):

Hacking Team RCS 9.0 Changelog (PDF):

Hacking Team RCS 9.1 Changelog (PDF):

Top Photo: Pablo Blazquez Dominguez/Getty Images; Vincenzetti: Google+

Read More At: https://firstlook.org/theintercept/2014/10/30/hacking-team/

Why Parents Should be Aware of What Gang Stalking is Today

My Commentary:

Sadly, as I have stated in many posts, what the adult perps are teaching their children, and what the “so called”, adult perps are doing to their co workers, their neighbors and anyone else they feel like abusing, will cause normalization and increases in the gang stalking behaviors in “all” age brackets.

Soon, it will be like the streets of Harlem and Oakland in offices and neighborhoods around the world, like, where the kings are trying to kill the bloods, only it will be the Muslim Business Professionals trying to kill the White American or Black American Business Professionals, or the New Black Panther Business Professionals gangstalking and killing the White Business Professionals, or the KKK gangstalking the Black Business Professionals.

You get where I am going with this?

Tell me folks: Since, it is known that children act like this and gang up on other students, and we know, that not all adults are really as mature as their actual age: Why is it such a far stretch to accept that adults do this to other adults? Or is that just the perp disinfo machine at work trying to make the victim look crazy again?

Logic says, it is not a far jump at all, for an adult that has the mental illness, of say, “immaturity personality disorder” to “gangstalk” other people, adults or not. Some adults are just as SICK as their children are.

Anyway, enjoy the article below:

_________________________________________________________

Why Parents Should be Aware of What Gang Stalking is Today

What is gang stalking? Where a bully involves the ongoing pattern of mental or physical abuse of another person, gang stalking involves a coordinated activity by a group of like-minded people on an individual target. The best way to describe what gang stalking is involves giving examples that, when put together, show a pattern of psychological attack and harassment from multiple points. These would include:

  • Attacks and harassment happening sporadically or daily over a number of days.
  • Traffic harassment in the form of being obviously followed, cut-off or forced to brake hard.
  • Someone obviously watching a person’s activities from a distance.
  • Repeat passing of previously-unseen cars going by a person’s house.
  • A sense of being followed but, when examined, no one seems to be the obvious follower.
  • Finding garbage or trash repeatedly thrown on one’s property.
  • Things moved around inside a personal space, office or even a home.

The results or organized gang stalking are predictable and expected. A person experiencing these kinds of issues combined or consecutively will begin to have an increasing feeling of anxiety and fear. That will lead to what a rationale person would describe as paranoia, but it seems to be based in real incidents and instances that only the person is experiencing. It’s rare that a third party witness also sees the behavior causing the problem.

Unfortunately, gang stalking is not an imagined condition. It has happened and does happen with frequency for a variety of reasons. The activity goes by a number of names as well, including predatory gang stalking, vigilante stalking, and group stalking.

Victims of gang stalking often share specific characteristics that are not similar to other victims. It is frequently the case that the gang stalking is started because the victim has upset the common sense of a group, right or wrong. The activity then begins to either punish the victim or force compliance in some issue. The reasons vary and can include the following:

  • The victim represents some kind of perceived threat to a group or a cause.
  • The target often has no idea who all the group members are.
  • The gang members frequently don’t know the victim personally, except maybe one or two of them, nor do they know why the victim has been targeted.
  • The stalking is often indirect and subtle rather than overt and direct.

Some of the most annoying tactics used by gang stalking groups often involve behaviors that have no close or visible contact at all. These can include communications that involve some simple piece of information that is personal. It doesn’t take much; the information just has to be personal enough to irritate the target. This can include the names of family and pets, the time of typical daily schedules, places where family work or go to school, description characteristics, or simply sending messages that the target is being watched with enough detail to confirm the surveillance is indeed occurring. These activities alone can be enough to get under most people’s skins and get them highly irritated if not outright angry.

More general tactics are those that have been around for decades, usually including some kind of minor vandalism that creates an annoying mess to clean up or disturbance to home life. Gang Stalking activities can include crank phone calls, graffiti on a person’s property, trash being thrown everywhere on a front lawn, damage to a car, and a large amount of noise in the street at night to wake a person up.

What makes gang stalking really stand out from other abusive behavior is the fact that the activity continues for a long period of time. There doesn’t seem to be a letting up, which is a result of a coordinated long-term attack by a group’s members. The harassment often increases or matures as well as the group members often believe their anonymity protects them from being caught.

The goals of gang stalking are far more than just annoyance, however. They often include:

  • Harassing a victim to the point of psychological fear or even terror.
  • Convincing everyone else in the community, or at least the target’s peers, that the person is just imagining a gang stalking hoax and is starting to go crazy and paranoid.
  • Working to isolate the victim so that he can’t rely on anyone for any help.
  • Alienate the victim from family and friends, which makes the ongoing psychological harm easier and easier to inflict.

Gang stalking really took a rise after the Internet became widely available in the 1990s with numerous gang stalking stories. The ability to communicate quickly with a group using means that covered their identity made it possible for groups to coordinate over times and distances without easily being identified and caught. This also led to initial gang stalking paranoia.

Group dynamics are the core of a successful gang stalking, so the members are also the weakest link. As long as all the members support the plan, follow their roles, and stay hidden from the target, then it will be near impossible for a target to stop the activity without laying some kind of a trap to expose the members. These dynamics provide the fabric for how the group operates when continuing to maintain a target’s harassment. They also serve as a source of interaction and support for the members, allowing them to find a commonality in their actions and justification for a greater cause; they reinforce each other to keep going and maintain the stalking en masse.

Gang stalking has its weaknesses, however. First off it relies on the assumption that the target will grow demoralized and will stay that way, growing progressively weaker and paranoid under the chronic harassment. Second, the target will not be able to produce or find any viable evidence proving that gang stalking is occurring, thereby isolating him to peers. Third, there won’t be any records available to show a conspiracy actually occurred between suspected persons. Finally, because everything is ambiguous, the target won’t be able to confront anybody as a participant, to then strike back. Again, all of these assumptions are based on the idea that the target is powerless to hit back. The dynamic starts to fall apart, however, where and when a target doesn’t follow these rules.

For those looking to effectively defend themselves from gang stalking activities, information and situational awareness are two tools anyone can become good at collecting. When the products of these tools are put together over time, they begin to produce a niche into the gang stalking group’s system that can be taken advantage of. These efforts should focus on:

  • Keeping regular and detailed records of activities suspected of being gang stalking. This includes times, dates, details and information about each occurrence.
  • Taking photographs or videos of any evidence left behind and saving it as an easily reference record of what occurred. This comes in handy later on when it’s time to show a pattern of behavior. It also corroborates the victim’s statements of what occurred.
  • Keeping a file on every interaction with law enforcement. This includes officer names, case numbers, departments, and who takes evidence from a reported scene if it occurs. Also try to get the incident number and event number from the officer or police department as record tracking can happen under different systems.
  • Being proactive and obtaining a licensed psychological evaluation as soon as gang stalking starts. This defuses and eliminates any argument by non-psychologists that a target is going crazy. The fact that an evaluation says otherwise long before they every came to their conclusion refutes such assumptions before they start.
  • Speaking up and being noisy about what’s occurring. Gang stalking groups want a target to stay silent, to cave in and go into isolation. A noisy target eventually gets someone’s attention to starts to take action against the group.
  • Remembering that stalking is a crime in most jurisdictions, even if done anonymously by a group. Every group eventually has a weakness and can be found out. In fact, groups are more vulnerable to identification than a lone individual. Focusing on nailing down one person’s identification can very quickly lead to the rest of the group, especially if one of them is dumb enough to get caught and arrested.

Gang stalking can be far more powerful in effect than a simple bully, but the problem is the same. The group will often continue to do what it does until the victim stops taking the abuse and starts to push back. When a group gets exposed, it’s power is gone. So every response should aim at meeting this goal of eliminating the effects of Gang Stalking. 

Read More at: http://nobullying.com/why-parents-should-be-aware-of-what-gang-stalking-is-today/

Update on the Abuse they Inflict on Infants

In a previous post I shared how my grandaughter, who was invitro at the time of some of the original electronic harassment and abuse, was born with tags, reduced size, and a heart murmur most likely due to the Radio Frequencies used to harass me and my family, prior to her birth and then of course after her birth they shocked her many, many times.

I thought, I should update, since it has been some time since that original post.

Gi will be 3 years old next month, she cannot talk. STILL. They have repeatedly shocked her on the head, I know this because they shocked me at the same time. Whenever, they shocked us, Gia would get this look on her face of terror, then she would burst into tears. JJ, when they shocked him, screamed, then cried.

They have ruined and innocent childs life and they are probably jumping for joy, laughing and drinking and cheering as they WON. They are the winners, the champions, all at the expense of a child that will be three years old next month.

My God, I bet their mothers are so proud of these, cretin, perverted PIGS.

Their shame,… they will carry it with them every day of their pathetic lives, for the rest of their pathetic lives.

moitra    ammar elehi

Shown above is Ammar Amar Elahi. I blocked him from my facebook account *8 TIMES*. Somehow, he kept coming back. I did not invite him, after all I blocked him and his aliases 8 times.

He is from Pakastan, I am an American. Why would he be so interested in staying on my FB page after I blocked him, 8 times?

I blocked him EIGHT (8) TIMES.

Police now spying on cell phones too

http://www.wtsp.com/story/news/investigations/2014/03/12/2047624/

TAMPA BAY, Florida – The National Security Agency isn’t the only government entity secretly collecting data from Americans’ cell phones. Local police are increasingly scooping it up, too.

Armed with new technologies,including mobile devices that tap into cellphone data in real time, dozens of local and state police agencies are capturing information about thousands of cellphone users at a time, whether they are targets of an investigation or not, according to public records obtained during a 10 News/USA TODAY/Gannett investigation.

The records, from more than 125 police agencies in 33 states, reveal:

  • About one in four law-enforcement agencies have used a tactic known as a “tower dump,” which gives police data about the identity, activity and location of any phone that connects to the targeted cellphone towers over a set span of time, usually an hour or two. A typical dump covers multiple towers, and wireless providers, and can net information from thousands of phones. Locally, Pasco Co. acknowledged using the technique at least once to find a violent suspect.
  • At least 25 police departments own a Stingray, a suitcase-size device that costs as much as $400,000 and acts as a fake cell tower. The system, typically installed in a vehicle so it can be moved into any neighborhood, tricks all nearby phones into connecting to it and feeding data to police. In some states, the devices are available to any local police department via state surveillance units. The federal government funds most of the purchases, via anti-terror grants.
  • Thirty-six more police agencies refused to say whether they’ve used either tactic. Most denied public records requests, arguing that criminals or terrorists could use the information to thwart important crime-fighting and surveillance techniques. Other departments responded to public records requests by citing security exemptions.

The Pinellas Co. Sheriff’s Office was one of the agencies that refused to turn over any of 10 News’ requested records, including records on how the agency was spending its budget. A spokesperson for Sheriff Bob Gualtieri indicated the act of revealing which corporations received the agency’s tax dollars could compromise investigations.

Law enforcement agencies maintain that cellphone data can help solve crimes, track fugitives or abducted children or even foil a terror attack.

Organizations such as the American Civil Liberties Union and Electronic Privacy Information Center say the swelling ability by even small-town police departments to easily and quickly obtain large amounts of cellphone data raises questions about the erosion of people’s privacy as well as their Fourth Amendment protections against unreasonable search and seizure.

“I don’t think that these devices should never be used, but at the same time, you should clearly be getting a warrant,” said Alan Butler of EPIC.

In most states, police can get many kinds of cellphone data without obtaining a warrant, which they’d need to search someone’s house or car. Privacy advocates, legislators and courts are debating the legal standards with increasing intensity as technology – and the amount of sensitive information people entrust to their devices – evolves.

Vast data net

Many people aren’t aware that a smartphone is an adept location-tracking device. It’s constantly sending signals to nearby cell towers, even when it’s not being used. And wireless carriers store data about your device, from where it’s been to whom you’ve called and texted, some of it for years.

The power for police is alluring: a vast data net that can be a cutting-edge crime-fighting tool.

Last fall in Colorado, a 10-year-old girl vanished while she walked to school. Volunteers scoured Westminster looking for Jessica Ridgeway.

Local police took a clandestine track: they got a court order for data about every cellphone that connected to five providers’ towers on the girl’s route. Later, they asked for 15 more cellphone site data dumps.

Colorado authorities won’t divulge how many people’s data they obtained, but testimony in other cases indicates it was at least several thousand people’s phones.

The court orders in the Colorado case show police got “cellular telephone numbers, including the date, time and duration of any calls” as well as numbers and location data for all phones that connected to the towers searched, whether calls were being made or not. Police and court records obtained by USA TODAY about cases across the country show that’s standard for a tower dump.

The tower dump data helped police choose about 500 people who were asked to submit DNA samples. The broad cell-data sweep and DNA samples didn’t solve the crime, though the information aided in the prosecution.

A 17-year-old man’s mother tipped off the cops, and the man confessed to kidnapping and dismembering the girl, hiding some of her remains in a crawl space in his mother’s house. He pleaded guilty and last month was sentenced to more than 100 years in prison.

Not every use of the tower dumps involved stakes so high.

A South Carolina sheriff ordered up four cell-data dumps from two towers in a 2011 investigation into a rash of car break-ins near Columbia, including the theft of Richland County Sheriff Leon Lott’s collection of guns and rifles from his police-issued SUV, parked at his home.

“We were looking at someone who was breaking into a lot of vehicles and was not going to stop,” the sheriff said. “So, we had to find out as much information as we could.” The sheriff’s office says it has used a tower dump in at least one prior case, to help solve a murder.

Law-enforcement records show police can use initial data from a tower dump to ask for another court order for more information, including addresses, billing records and logs of calls, texts and locations.

Cellphone data sweeps fit into a broadening effort by police to collect and mine information about people’s activities and movements.

Police can harvest data about motorists by mining toll-road payments, red-light cameras and license-plate readers. Cities are installing cameras in public areas, some with facial-recognition capabilities, as well as Wi-Fi networks that can record the location and other details about any connecting device.

Some local agencies, like the Clearwater Police Department and the Sarasota Co. Sheriff’s Office, say they have never requested a tower dump.

Meanwhile, other agencies, like the St. Pete Police Department, said they had no way to definitively answer the question without going through every individual investigation its conducted in recent years.

Secret Stingrays

Local and state police, from Florida to Alaska, are buying Stingrays with federal grants aimed at protecting cities from terror attacks, but using them for far broader police work.

With the mobile Stingray, police can get a court order to grab some of the same data available via a tower dump with two added benefits. The Stingray can grab some data from cellphones in real time and without going through the wireless service providers involved. Neither tactic – tower dumps or the Stingray devices – captures the content of calls or other communication, according to police.

Typically used to hunt a single phone’s location, the system intercepts data from all phones within a mile, or farther, depending on terrain and antennas.

The cell-tracking systems cost as much as $400,000, depending on when they were bought and what add-ons they have. The latest upgrade, code-named “Hailstorm,” is spurring a wave of upgrade requests.

Initially developed for military and spy agencies, the Stingrays remain a guarded secret by law enforcement and the manufacturer, Harris Corp. of Melbourne, Florida. The company would not answer questions about the systems, referring reporters to police agencies. Most police aren’t talking either, partly because Harris requires buyers to sign a non-disclosure agreement.

“Any idea of having adequate oversight of the use of these devices is hampered by secrecy,” says Butler, who sued the FBI for records about its Stingray systems. Under court order, the FBI released thousands of pages, though most of the text is blacked out.

“When this technology disseminates down to local government and local police, there are not the same accountability mechanisms in place. You can see incredible potential for abuses,” American Civil Liberties Union lawyer Catherine Crump says.

Public records revealed the Jacksonville, Sunrise, and Miami-Dade police departments have all purchased Stingray devices.

And the Florida Department of Law Enforcement has purchased at least six – at a cost to taxpayers of $3 million – to make available to local law enforcement agencies in six different regions of Florida.

Once again, the Pinellas Co. Sheriff’s Office refused to turn over documents that would indicate whether it had spent hundreds of thousands of dollars for a Stingray of its own.

Privacy, oversight concerns

Crump and other privacy advocates pose questions such as “Is data about people who are not police targets saved or shared with other government agencies?” and “What if a tower dump or Stingray swept up cell numbers and identities of people at a political protest?”

When Miami-Dade police bought their Stingray device, they told the City Council the agency needed to monitor protesters at an upcoming world trade conference, according to purchasing records.

Most of the police agencies that would talk about the tactics said they’re not being used for intelligence gathering, only in search of specific targets.

Lott, the sheriff in the South Carolina gun-theft case, said police weren’t interested in seeing data about the other residents whose information was collected as a byproduct of his agency’s tower dumps.

“We’re not infringing on their rights,” Lott said. “When they use that phone they understand that information is going to go to a tower. We’re not taking that information and using it for any means whatsoever, unless they’re the bad guy or unless they’re the victim.”

Brian Owsley, a former magistrate who reviewed many police requests for bulk cellphone data, grew skeptical because authorities were not always forthcoming about the technology or what happened with “collateral data” of innocent bystanders.

“What is the government doing with the data?” asks Owsley, now a law professor at Texas Tech University.

Surveillance regulation is being tinkered with piecemeal by courts and legislators. This year, Montana and Maine passed laws requiring police to show probable cause and get a search warrant to access some cellphone data, as they would to search a car or home. State and federal courts have handed down seemingly contradictory rulings about which cellphone data is private or not. Seattle’s City Council requires police to notify the council of new surveillance technology deployed in the city.

“We have to be careful because Americans deserve an expectation of privacy, and the courts are mixed right now as to what is an expectation of privacy when using a cellphone,” saysU.S. Rep. Dennis Ross, R-Lakeland, who says Congress needs to clarify the law. “More and more, we’re seeing an invasion of what we would expect to be private parts of our lives.”

Legislative and judicial guidance is needed to match police surveillance rules to today’s technology, says Wayne Holmes, a prosecutor for two Central Florida counties. He has weighed frequent local police requests for tower dumps and Stingray surveillance. “The clearer the law, the better the law is.”

Americans “are sensitized right now” to cellphone surveillance because of reports about potential abuses by the NSA, said Washoe County Sheriff Michael Haley of Reno. He’s is opting not to use the Stingray.

“I’m being cautious about how I access information, because at the end of the day I know that I will be in court if I access information using systems and techniques that are not constitutionally vetted,” Haley said.