Stingrays — those cellphone surveillance devices preferred by law enforcement agencies — definitely broke into the mainstream public consciousness this year. And while the word is out that law enforcement agencies from California to New York have used the devices to monitor citizens for years, a new report (PDF) from the bipartisan House Oversight and Government Reform Committee shows that the rules governing their usage can vary greatly from state to state or even department to department. As a result, committee chairman Jason Chaffetz (R-UT) and member Elijah Cummings (D-MD) are calling on Congress to establish “a clear, nationwide framework that ensures the privacy of all Americans are adequately protected.”
The committee has already pushed the Department of Justice, the Department of Homeland Security and the IRS to require a warrant before deploying a Stingray or other similar cell network-spoofing device, but the report’s findings showed that in many states law enforcement agencies don’t even need probable cause in order to justify their usage. To remedy that situation, the report recommends that Congress pass clear rules about “when and how geolocation information can be accessed and used.”
The DOJ and DHS will then be responsible for requiring local law enforcement agencies to adopt the framework before they can receive federal funding for Stingray devices like the ones that violated FCC regulations in Baltimore. Finally, the committee also recommends that the non-disclosure agreements that have obscured details of some Stingray deployments should be replaced with “agreements that require clarity and candor to the court.” While the new framework, if passed by Congress, sounds like a promising move in the right direction it won’t do much when the vigilantes inevitably set up their own cell-spoofing dragnets.