A new legal complaint filed by a Georgetown Law professor claims that law enforcement agencies using Stingray cell-site spoofing devices are in violation of standard FCC rules because they don't have the proper spectrum licenses to operate the equipment. The complaint, filed by professor Laura Moy on behalf of three different advocacy groups, specifically calls out the Baltimore Police Department for violating the Communications Act, blocking emergency 911 service and disproportionately affecting African American neighborhoods in Baltimore.
Stingrays act as a small-scale cell tower, forcing nearby phones to connect to the device so it can gather identifying information like location or SIM card and carrier data. Newer models can even listen in on phone calls. Although they are generally used to locate criminal suspects, critics claim Stingrays are a violation of privacy because the devices indiscriminately gather information from everyone in the area and cannot be used to specifically target a person of interest. A federal judge also recently threw out a evidence obtained by the DEA while using a Stingray setup, arguing, "absent a search warrant, the government may not turn a citizen's cell phone into a tracking device."
According to Ars Technica, the Stingray's effects on 911 calls were unproven until recently, when several Canadian law enforcement agencies admitted they could only run the devices for three minutes at a time in order to avoid disrupting emergency service and breaking local telecom laws. By applying that same principle to Baltimore, Moy's complaint alleges police put local communities in danger and violated FCC regulations when they deployed the devices in thousands of cases.
What's more, the Baltimore Police Department has no formal policy regarding the use of the devices, but by mapping out all of the locations where BPD deployed Stingrays, Moy's team at the Institute for Public Representation showed the department was using them far more often in black communities. In other words, the civil rights violations committed by the BPD and detailed in the DOJ's recent report extend to high-tech surveillance as well.
"You have law enforcement agencies around the country making widespread use of licensed spectrum without getting licenses to do that," Moy explained to Wired. "That's a very clear violation of the Communications Act. Right now the FCC is just looking the other way."