It should surprise very few to learn that federal law enforcement agencies track Americans without getting court orders, but this time the feds have been tracking U.S. residents using real-time surveillance of credit card transactions and travel reservations.
Security researcher Christopher Soghoian obtained a 10 page document from the Justice Department about "hotwatch" orders. "As the document makes clear, Federal law enforcement agencies do not limit their surveillance of US residents to phone calls, emails and geo-location information. They are also interested in calling cards, credit cards, rental cars and airline reservations, as well as retail shopping clubs," Soghoian explained.
As seen in the document, real-time "hotwatch" surveillance is meant to "track the date, time and location of account transactions as they occur." Loyalty cards, such as those issued by grocery stores or pharmacies could fall into this category. Cell phones as also listed as well as any kind of agencies related to travel arrangements. This real-time tracking of Americans happens without the targets ever knowing about it.
Soghoian wrote, "The government's guidelines reveal that this surveillance often occurs with a simple subpoena, thus sidestepping any Fourth Amendment protections." Federal agents write their own subpoena to get real-time credit card information of a person's purchases. The only role that the courts play in the administrative subpoena process is to issue an order preventing the banks from telling their customers that the government is spying on their financial transactions. If law enforcement appears in front of a judge to get a search warrant by proving probably cause, the person being spied upon will eventually be notified.
Although the government "routinely" obtains hotwatch orders, the DOJ told Soghoian that this document was the only one they could find which was related to hotwatches. This would seem to indicate there is no policy regarding hotwatches or that related documents were withheld.
The Justice Department is required to submit statistical reports to Congress, detailing how many and which law enforcement agencies engaged in wiretapping. As Soghoian explained, "We currently have no idea how often law enforcement agencies engage in real-time surveillance of financial transactions." The lack of information seems to indicate there is no Congressional oversight on hotwatches.
Soghoian has done much work trying to uncover to what extent the government can invade citizen's privacy in our post PATRIOT Act world. With a Freedom of Information Act request, he recently discovered what the DEA spends on wiretaps and pen registers. Microsoft charges the government nothing for surveillance, while Google charges $25 per user and Yahoo charges $29. The FOIA delivered 25 pages to Soghoian about the electronic surveillance methods of the U.S. Marshal Service. He also published a paper about Big Brother's certified lies, how the government can get a "court order" to gain access to falsified cryptographic credentials (spy certs). Those are only a few details uncovered by Christopher Soghoian's security and privacy analysis on slight paranoia.
After this revelation of real-time spying conducted by the feds without a warrant, the tracking of U.S. residents' credit card, store, and travel purchases, there is no telling how much more privacy invasive and illegal surveillance that spooks may do to spy on Americans.
Like this? Check out these other posts:
- All of today's Microsoft news and blogs
- FBI Spied and Lied, Misled Justice Department on Improper Surveillance of Peace Groups
- EFF Warns of Untrustworthy SSL, Undetectable Surveillance
- Traveler to TSA: If you touch my junk, I'll have you arrested
- TSA: Show Us Your Body Or We'll Feel You Up
- ACLU Report: Spying on Free Speech Nearly At Cold War Level
- Full-Body X-Ray Scanners Driving Down A Street Near You?
- Police State of Wiretapping the Web: Who Do THEY Want to Watch?
- DHS to Launch SAR Database. In Suspicion and Surveillance We Trust?
- TSA Secure Flight: The Next TSA Privacy Threat?
Follow me on Twitter @PrivacyFanatic