A secret recording of a presentation delivered by a surveillance firm has revealed how Apple has assisted law enforcement agencies and state-sponsored surveillance programs by providing iCloud data. The presentation also revealed that with data from the likes of Facebook and Google, unsuspecting targets could be tracked within a three-foot radius.
The revealing presentation in question was given by PenLink’s Scott Tuma at the National Sherrif’s Association winter conference and was recorded by Tech Inquiry founder Jack Poulson. Organizations like PenLink are nondescript service providers that work behind the scenes to help the US government track criminals. PenLink is based in Nebraska and earns $20 million each year for the services it provides. It gained notoriety as a wiretapper in the 2000s when its services helped convict Scott Peterson for gruesome murders. It caters to federal authorities such as the FBI, DEA, Immigration Customs Enforcement (ICE), and local and state police.
Forbes reports that Tuma called Apple’s assistance (when required by a subpoena/warrant) through iCloud backups and data “phenomenal.” “If you did something bad, I bet you I could find it on that backup,” he said. Meanwhile, the iPhone maker claims that it lets users encrypt their backups. It also says that it responds to law enforcement agencies directly upon request and not through private companies like PenLink. The company has also publicly refused to unlock iPhones in the past for users’ privacy and safety.
Other startling revelations in Tuma’s presentation suggest that PenLink can tap into activity on almost any social media platform, including those that advertise foolproof end-to-end encryption. Facebook, Instagram, LinkedIn, Snapchat, and Google.
“(Google) can get me within three feet of a precise location. I cannot tell you how many cold cases I’ve helped work on where this is five, six, seven years old and people need to put (suspects) at a hit-and-run, or it was a sexual assault that took place.”
Facebook reportedly gives enforcement agencies location data that’s accurate up to 60 or 90 feet. Snapchat’s data is accurate to 15 feet, but it releases information to enforcement agencies only four times daily. Facebook also makes the process difficult. Enforcement agencies get locked out if they don’t log in every hour to the portal where the platform provides the target’s data to download. Facebook has oodles of data and, in one case, yielded 27,000 pages of it from just one account.
On the one hand, social media firms are making it harder for wiretap agencies to access confidential user data, even when required by law. For instance, PenLink said WhatsApp messages are accessible through the cloud backups but intercepting end-to-end encrypted conversations in near-real-time only yields data about how a WhatsApp account was used and which phone numbers contacted each other at what time.
On the other hand, social media users have a glaring privacy concern. American Civil Liberties Union counsel Jennifer Granick told Forbes that enforcement agencies are required to minimize the use of wiretapped information, and they must also “give notice and show necessity.”
“It’s hard to imagine that wiretapping 50 social media accounts is regularly necessary, and I question whether the police are then going back to all the people who comment on Facebook posts or are members of groups to tell them that they’ve been eavesdropped upon.”
What are your thoughts on covert surveillance through social media? Tell us in the comments section below.[Via Forbes]