Digital security is an issue that is raised weekly, with digital privacy seeming to be at odds, security or privacy. These topics come to a point when the topic of Stingray towers is brought up, mobile devices that mimic mobile phone towers. These devices can be used to intercept data such as phone calls and text messages, potentially leading the authorities to important information. The problem is that these devices act much like regular towers, in that you can’t target them, this means that you can only collect everyone’s data in range and search for the stuff you are interested in afterwards. Seems the IRS (Internal Revenue Service) has been using one of these devices since 2011 and are looking at getting another.
IRS Director John Koskinen wrote in an open letter to Oregon Senator, Ron Wyden, in the hopes of answering some questions regarding the “cell-site simulator technology”. In the letter, they state that they used the device on 11 federal grand jury cases, tracking a total of 37 cellular devices. It does continue to say though that they used the Stingray (constantly referred to as a cell-site simulator) in four non-IRS cases, one federal and three state level.
At the end of the letter, he continues to say about the Department of Justice requiring a warrant now in order to use the technology, along with probable cause and certain restrictions being met.
While it is nice to see agencies report this kind of information and take these steps to monitor information in a legal and controlled way, you have to wonder, if they were trying to monitor 37 phones, how many other phones did they intercept in total?