Sprint handed customer GPS data to law enforcement over 8 million times last year
By Joseph L. Flatley 
posted December 2nd 2009 3:51PM
posted December 2nd 2009 3:51PM
Privacy advocates and career criminals alike are in a lather over reports that between September 2008 and October 2009, Sprint Nextel ponied up customer location data to various law enforcement agencies more than 8 million times. Speaking at ISS World 2009 (a conference for law enforcement and telecom industry-types responsible for "lawful interception, electronic investigations and network Intelligence gathering"), Sprint Nextel's very own Paul Taylor, Manager of Electronic Surveillance, lamented on the sheer volume of requests the company's received in the past year for precise GPS data for Sprint customers. How did the company meet such high demand? Apparently, his team built a special "web interface" which "has just really caught on fire with law enforcement." We're glad that Sprint's plans to streamline the customer service experience don't stop short of those who serve and protect, but as the EFF points out, plenty of nagging questions remain, including: How many individual customers have been affected? Is Sprint demanding search warrants? How secure is this web interface? Check out an excerpt from Taylor's speech after the break.
See more video at our hub!
Good for Sprint. I could care less what they know about where I am, if I were a Sprint customer. I didn't do anything wrong, and you people who sit here and complain about this shouldn't have a problem either if you're doing nothing wrong. Help the law enforcement out in this country. You want these criminals off the streets don't you?? You want all these crooks gone right?? Then give them the tools they need to get the job done, and to keep honest people like yourself safe. I'm sick of these people who sit here and want to be safe, want these jackass criminals gone, but don't want the police, or any governing agency to have the tools necessary to make it easier and allow them to do a better job.
@Joseph L. Flatley
Can you please update the article to make it clear that all carriers do this? It really makes it sound like this is just a Sprint issue.
@(Unverified)
Touché!
Oh settle down. First of all, Sprint isn't the only telecom doing this. ALL telecoms do this.
Second of all, if you rob a bank, kidnap or kill someone, I want the police to find you.
If you don't do anything wrong, you have nothing to worry about, Jesus Christ.
No, not all telecoms are. Qwest at least initially stood their ground and said no. However, I don't know if they later got sued and ordered to comply but they did initially tell the government to stuff it up their ass.
@Scape3d
this isn't about bank robberies, at 8 million it is obviously about other things. And since it is about the investigative process, not something after conviction and 80% of people investigated are innocent, it isn't about criminals in the main but about innocent people.
Second not "all telecoms do it" so whoreishly. Verizon has fought it. It also reflects Sprint's general attitude toward its customers privacy and its customers rights which tells you something about how they might exploit all kinds of private data for commercial reasons as well
Also, where the FACK is my user pic Engadget?!! It NEVER shows up.
well , i cant say i didnt see thus coming , remember nextel was doing shady stuff like this , question , who owns nextel now ? you should already know the answer to that question, but if not , your good ol boys with the only 4g network lol
I would say this is enough reason to avoid Sprint as a carrier for the rest of my natural born life. On the other hand, one has to wonder if they're the only one? Can't be.
Lots of benign uses of cell phone tracking, for sure. But do you really think this won't be used to figure who was attending a controversial politcal rally, or visiting a known activist, or any simlar politcally sensitive scenario? This could be used in so many ways that are tied to law enforcement, yet still a complete trampling of one's right to privacy.
@ScienceIsCool OMG give me a break, Sprint isn't randomly handing your location. So unless you've 1) Called 911, 2) Have a warrant out for your arrest, or 3) Are missing and people are trying to find you, there's no reason to get all insane and paranoid. Sprint just made it easier for the cops/ambulance/fire department/rescuers to come find you. They're not just giving your GPS data out to random people so quit making it sound like that's what they're doing. There's 49 million Sprint subscribers and people call 911 to report all kinds of stuff. Just think of how many people get into car accidents alone-not only do they call 911 sometimes people driving past call 911, etc.
I wonder what's next, the mic is on all the time to record live conversation even though the phone is not used?
I understand why everybody gets upset but why? Are you all murders or criminals that committed a crime and are about to get screwed by Sprint. I doubt it, so why does it really matter. I dont care if they track me they'll just be bored to death...hes at home...hes still at home...now hes still at home...pretty boring. and if your gonna go commit a crime just leave your phone at home!!
Get over it. If you are not committing a crime then you have nothing to worry about. I am glad that Sprint is assisting law enforcement. The next time you are a victim of a crime and wondering why it it taking law enforcement so long, maybe it is because Sprint is stone walling them as some of you seem to want.
Now that I think about it, you guys should be thanking Sprint for this public service. Maybe this way when your mom gets kidnapped, they can find her.
Thank you GOP and the fucking Bush administration that allowed this to happen!
Now, if the Democrats get some Balls this loophole can be closed!
@dnstrom
Stop being a tool! The EFF needs to first and foremost put forward some hard evidence of actual abuse, before I will take any off their hand wringing seriously.
As for democrats closing any loopholes? There are no loopholes. So long as the constitution is supreme and the laws of this nation are followed, we have nothing to fear, except maybe Pres. Obama pulling Clinton*2 and not only keeping files on his political enemies, but also tracking them via all of their web-connected devices.
The true threat out of D.C. is from democrats, not republicans.
@wilfulmac you didn't even read my post...read the patriot act!
Since the Patriot act was passed by the GOP and Bush search warrants are no longer needed to get this data or any other wiretaps on anyone, any time, any where!
That was the work of Bush and the GOP.
The Democrats need to remove or close this loophole!
Relax people! I am a police officer. Trust me, I have better things to do than query the location of random people while violating their rights. The only way these companies give us the location without a search warrant is with exigenct circumstances.
An example.. earlier this year my dispatch received two 911 hang up calls from a woman who said she had been kidnapped and needed help. She hung up prior to providing anymore information. This technology was used to find that she was in a moving vehicle and which hotel it eventually stopped at.
More often, if not almost daily are persons with suicidal ideations that won't provide their location. We have a legal obligation to get them to a mental health professional once they've created that "special relationship" with us.
Furthermore..
This article is just poor journalism by Engadget. Look at all the knee jerk reactions by other posters who have only been provided with a sensationalized number and are crying tears of the patriot act and rights violations.
Last month we had a college age woman forced into the back of a strangers car where she was raped. During the crime her cell phone was dropped on the floorboard. Folks, we had to get a SEARCH WARRANT to ping the VICTIMS own phone! (every 10 minutes)...we aren't randomly locating 8 million people.
Read > Read more > Think > Post
@boyblue I find it pretty funny that people think the cops are sitting around looking at random people's GPS locations, as if the cops really care that you're sitting on your butt at your office desk.
Seriously, poor Sprint is going to have paranoid idiots canceling their phone service because Sprint responds to 911 location requests. *sigh*
@thefifthheat Well, it does happen. Here in portland we had a police officer staling women and using his resources to get what he needed!
It does happen and that's why search warrents need more than one persons approval to obtain!
It's a safty net for the people to be protected from abuse of power.
If you believe that it takes days to get a search warrant your wrong...in an emergency they can be obtained in minutes but requires a certain level of approval to protect the innocent!!
@dnstrom
To get a search warrant I need the following:
Probable Cause > Prosecutor Approval > Judge Approval
For me i dont mind if this helps law enforcment know where i am or where other ppl are if properly authurized.
I know that i am not going to break the law so they dont have a reason to hunt me down or use the tech to harass me in anyway. I do like that the tech can be used to help find myself or other ppl in the case of extream emergency.
Also this tech can keep track of ppl that intend to do serious harm to the population at large. I rather the law enforcment have a way to keep me and my family and my friends family safe as best they can.
I love how people make a big deal out of this. If you're doing nothing illegal then there's no reason for law enforcement agencies to be looking for your GPS coordinates. If you are doing something illegal then well....you should have been smarter. It's not like law enforcement agencies are going around and looking at all of sprint's 50 million customers and seeing where they are for shits and giggles.
people read the article, they cant do this with out consent from authorities, plus all major carriers do this anyway. here is where it explains it. Stop hating on Sprint Jeez.
"In all cases we require a valid legal request appropriate for the circumstances, meaning the request must be accompanied by either a subpoena, court order or customer consent." Sprint is not alone in this practice. All wireless carriers share customer information with law enforcement agencies when the need is mandated.
Location data, URLs visited, text messages sent and received, and other metadata is available to law enforcement even if it's not in response to a 911 call, and it's available without warrants and its access, in practice, goes unreported. All that is needed is a pen register order, which is obtainable by law enforcement simply asserting that "the information likely to be obtained is relevant to an ongoing criminal investigation" (USC 3122.b.2). In other words, "we're cops, and we believe we need this information. We do not present any evidence to you, your Honor, to back up our claim."
Telecoms are legally required to provide such information pursuant to the CALEA act (signed by President Clinton), but have also monetized the process, and it's likely that they collect a profit by providing information to law enforcement agencies. For example, Cox Communications provides 30 days of customer call logs for $40. It isn't hard to imagine how much money Sprint may have collected with 8 million requests.
All this information is available in Christopher Soghoian's blog post on the topic, which Engadget has failed to link to. http://paranoia.dubfire.net/2009/12/8-million-reasons-for-real-surveillance.html
(Reposting from a reply to another commenter, so more people see it.)
if tweeter can locate you, you think the cops can't?.. great piece of trivia. thanks for sharing.
twitter rather. freaking beer.
Please update article to include response from Sprint. It is important to understand the context of the "8 million" number, (which is location pings, not individual consumers) and the four circumstances under which Sprint provides GPS location data to law enforcement.
"There are four circumstances under which law enforcement agents can use the Sprint website and obtain GPS data: 1) under the authority of a court order; 2) to track the location of a customer who has made a 911 call; 3) in an emergency situation, such as tracking someone lost in the wilderness or trying to locate an abducted child or hostage; 4) with a customer’s consent."
http://www.wired.com/threatlevel/2009/12/gps-data/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+wired27b+(Blog+-+27B+Stroke+6+(Threat+Level))
@EvanTribley Sprint
The official Sprint response mentions that as well. In addition, it states that individuals can be ping'd multiple times, so the figure of 8 million is taken out of context and vastly overblown. Poor Sprint...
http://www.phonescoop.com/news/item.php?n=5214
I'm calling shenanigans on this post. Most of these turnovers were probably related to the location of a 911 call. Dispatchers need to be able to figure out where someone is calling from. I, for one, am fine with this.
As a federal agent who uses the Sprint site on a regular basis, I can tell you this guy had to have misspoke. Yes, it takes a court order to get location data on a user. That requires probable cause that the subject using the phone is committing a crime. I can tell you there is no way that 8 million court orders were done last year requesting this info. If 8 million is to be believed, it is probably the total amount of times cell tower data was provided during the course of a 30 day or 60 day court order. I've seen some criminals make 400 calls a day. I imagine that Sprint is providing data on less than 1/10 of 1% of its customers. And yes, the Sprint site is extremely secure. Sprint is not "ratting" out its customers. Sprint, along with every other telecommunication company out there, is adhering to the requirements of CALEA, which requires that they provide the information when served with the appropriate legal request.
For those of you who aren't privy to this side of the fence, rest assured your government isn't spying on you. Believe it or not, there is way more crime and way more criminals than we'll ever possibly catch. We don't have time to spy on you. Hell, we don't even have time to analyze the data we do get on real criminals. You do want us catching the criminals, right? The truth is, we are absolutely overwhelmed with the amount of crime we're dealing with. And there are checks and balances to the system. We just can't decide we are going to go invading people's privacy without cause.
Yes, the system is broken. And it favors the criminals. Imagine you must fight Chuck Liddell, only you have to do it with your hands tied behind your back. For 99.9% of the people reading this website, which I enjoy, btw, you have nothing to worry about when it comes to your government. But trust me, you don't want to take away what little tools we do have when it comes to stopping big crime and terrorists. You have no idea how bad it really is out there.
@chainring
There are checks and balances on all kinds of abused invasions of privacy.
By the way you do realize Sprint customers are paying for this and law enforcement is not. Soley on that basis it is a activity that stands for some critique whatever conclusions you might finally make.
Also you are incorrect in asserting that federal warrants are the only method at obtaining the data.
Why is this new? Because they actually told you how many times they invaded you privacy? There are NSA centers at every telecommunications building because of the patriot act.
Where in the age of open secrets, never told laws, and deliberate ignorance.
"War is peace, Freedom is slavery, Ignorance is strength" - George Orwell
Sprint only is being hammered for the GPS data because the LEOs do not know where you are.
Reason? The USA does not have 5 cameras / citizen like the other side of the pond does.