How the US Government Planted ‘Spy Phones’ on Suspects

In 2010, a suspected cocaine smuggler named John Krokos bought encrypted BlackBerry devices from an undercover Drug Enforcement Administration agent. That sort of federal subterfuge is par for the course. But in this case, the DEA held onto the encryption keys—meaning that when the government moved on Krokos and his alleged collaborators a few years later, they could read the emails and messages that passed to and from the phone.

That revelation is detailed in a new report from Human Rights Watch, along with a 2015 email that shows that the DEA had expressed interest in using smartphone malware from Italian company Hacking Team to spy on multiple suspects’ locations. Together, they illustrate a potentially chilling practice on the part of the US government to preemptively plant spy devices on suspects. They also shed light on actions by federal law enforcement that aren’t necessarily illegal, but do test the boundaries of surveillance, and potentially subject non-targets to federal snooping.

“If the government is distributing, effectively, bugging devices, without sufficient court oversight and authorization, I think that could really have a chilling effect on free expression, if people feel like they have to assume the risk that any phone they’re handed could have been bugged in a way that would violate their rights,” says Human Rights Watch researcher Sarah St. Vincent.

blog
why not look here
more information
look at these guys
site link
helpful hints
pop over to this web-site
go to my site
see this page
browse around this website
view website
my sources
webpage
Discover More Here
Learn More Here
company website
click for info
Read Full Article
his response
click over here
take a look at the site here
more tips here
helpful resources
check out this site
look at this website
have a peek at this site
the original source
Continue
visit our website
visit this website
go to this website
pop over here
Home Page
Recommended Reading
these details
advice
try these out
check my reference
her comment is here
useful link
Resources
hop over to here
click this link here now
blog link
Continue eading
Click Here
Clicking Here
Go Here
Going Here
Read This
Read More
Find Out More
Discover More
Learn More
Read More Here
Discover More Here
Learn More Here
Click This Link
Visit This Link
Homepage
Home Page
Visit Website

BlackBerry has denied any involvement in the proceedings, and the DEA declined to comment because some litigation related to the Krokos investigation remains ongoing. Krokos himself eventually pleaded guilty, and received a 138-month prison sentence.

The key question in the Krokos case centers around whether the government had a wiretap warrant prior to distributing the devices in the first place; an affidavit from the prosecutors suggest they got it afterward. If so, that would effectively let them set up a surveillance system before they had approval to use it.

“The consequence of them not disclosing that they’ve kept the decryption key gets a little more complicated,” says Stephanie Lacambra, a staff attorney at the Electronic Frontier Foundation, a digital rights group, who cautions that law enforcement would have required judicial oversight before actually accessing the communications.

Even if the DEA’s actions were by the book, though, St. Vincent argues that the practice could have unintended consequences. “The reality is that people can and do buy used phones. Mobile phones are mobile; people borrow them, people lose them, people steal them, people buy them on Ebay or the used phone shop. There’s some possibility, if this tactic were commonly used, that you could be seeing phones that were compromised in some way getting into the hands of someone other than the intended targets,” she says. “If you think of the ways the tactic could be abused, it is quite scary.”

The lack of clarity around how widespread a tactic this is also raises concerns for Human Rights Watch. The Krokos case seems unlikely to be an isolated incident, especially given that the DEA had a seven-figure contract with Hacking Team, as first reported by Motherboard in 2015. While the Krokos case did not involve the type of spyware Hacking Team provides, that would be another means to the same end, compromising a phone, then ensuring that it winds up in the hands of a suspect.

That contract was apparently canceled after 17 deployments, but in a 2015 internal email leaked by WikiLeaks and surfaced by Human Rights Watch, the Hacking Team operations manager claimed that the DEA was infecting “a large number of phones,” and had interest in installing the spy software in as many as 1,000 devices, though it’s unclear whether a purchase of that magnitude ever took place.

Leave a Reply

Your email address will not be published. Required fields are marked *