Spies are all set to grab your metadata

ANALYSIS

Imagine a country where you attend a protest with thousands of other people to demand democracy and accountability from an increasingly unresponsive, authoritarian government.

Imagine a country where the government has the ability to print out a list of just about every person at that protest, including their names, addresses and contact details. How safe would you feel?

Well, thanks to a device called the “grabber” that’s been making the headlines recently, you may well be living in such a country.

The grabber is a mass surveillance device used by police and intelligence agencies globally. In South Africa recently, the police caught criminals in the act of trying to buy one, and apparently a second grabber is still at large.

Also known as international mobile subscriber identity (IMSI) catchers, or active cell site simulators, the device can intercept the location and identifying information of thousands of cellphones at the same time. Next-generation devices can even impersonate a user’s cellphone, block calls and intercept communications content such as SMSs and change the content.

IMSI catchers are surveillance tools that act like fake base stations, allowing the operator to bypass telecoms companies and communicate directly with cellphones.

State law enforcement or intelligence agencies typically use these devices to identify a suspect’s location, providing they know the person’s cellphone number or, if they don’t, to identify a suspect’s number for tracking purposes. The devices can also track data-only devices.

If they fall into the hands of criminals, they can be used for a range of purposes, including espionage.

The problem is that, in order to identify a targeted individual, these devices have to suck up the information of all other cellphone users in the vicinity, even if they are not suspects. This means that the information of thousands of people could land up in the hands of the state – or of criminals – for no good reason.


These devices allow the state to identify whether people are at home, and even where they are in their homes, which constitutes a search – and no search should be conducted without a warrant. This is because the state is trespassing in private space to gather information, where a person has a reasonable expectation of privacy.

Christopher Soghoian of the American Civil Liberties Union says: “If the government shows up in your neighbourhood [with an IMSI catcher], essentially every phone is going to check in with the government … The government is sending signals through people’s walls … and capturing information about innocent people. That’s not much different than using invasive technology to search every house on a block.”

Location data is part of metadata (or information about your information usage), which can say as much, if not more, about a person’s habits, associations and even political beliefs than the content of their communications.

But many state agencies have resisted proper regulation of these devices, basing their arguments on the terribly outdated assumption that metadata should receive lower privacy protections than communications content.

Many agencies also refuse to confirm or deny the use of these devices, arguing that the disclosure of operational methods could jeopardise their investigations. But secrecy may have a grubbier motive, which is to force state agencies to keep information from the public to prevent a backlash against their usage.

Some agencies have signed non-disclosure agreements with manufacturers, and have even attempted to hide their usage from judges, prompting a judicial backlash.

Granted, the devices can be extremely valuable for law enforcement. In one case, they were used to track a rape victim’s cellphone to the rapist’s home. But governments can also abuse these devices to spy on legitimate political dissenters, not just on criminals. Activist organisations have claimed that the police are using them to monitor legitimate protests, a recent example being during anti-police violence protests in Chicago last year.

Governments need to start accounting properly for their use of these devices, which can be done without jeopardising specific investigations.

Recently, the American Civil Liberties Union released recommendations on federal use of the devices. Apart from arguing that policies should require a search warrant based on probable cause, these warrants should also contain information about the number of people who stand to be affected.

They should also spell out measures the agencies have taken to minimise invasions of privacy.

The union also argued that law enforcement agencies should purge all nontarget information immediately, and disallow its dissemination or use. Agencies should stop attempting to conceal their use during court proceedings and they should be prevented from signing nondisclosure agreements with manufacturers.

Information about the number of times the devices have been used should be disclosed publicly, as should all operational policies relating to their use. These proposals ­provide a useful starting point for privacy advocates.

After years of judicial criticism and civil society pressure, the tide is turning in the United States. Last week, the US justice department released a policy requiring its agencies to seek warrants for the device, although the policy does not apply to state and local agencies. Divisions using the device need to provide annual reports on their use.

So what is the position in South Africa? The grabber case makes it clear that these devices are in the country. Reportedly, the president must authorise possession of the devices, but whether the state uses them is a question that still remains to be answered. 

In an attempt to receive some answers, the Open Democracy Advice Centre has sent various government departments information requests on behalf of the Right2Know campaign. Hopefully, these requests won’t be turned down on national security grounds.

When asked whether they were using the devices in their work and, if so, whether they applied for an interception direction in terms of the Regulation of Interception of Communications and Provision of Communication-related Information Act (Rica), the South African Police Service did not respond.

The ministry of state security’s spokesperson, Brian Dube, neither confirmed nor denied their use.

He said: “Well, it becomes difficult for us to reveal the make and details of the equipment we use for the very simple reason that it has the potential to compromise the very work we are doing. With the technological race that is out there between states and organised crime syndicates, it’s not advisable to disclose such details.”

So, if they did use them, would the State Security Agency apply for an interception direction? Dube replied: “On the matter of procedure, the interceptions protocol applies whenever an individual’s communications are to be intercepted. Such a protocol doesn’t provide for mass interception as the interception judge must hear each case on its merit.”

This statement speaks volumes about the ministry’s attitude to the devices, in that it sees them as being about mass surveillance in the main and, for them, mass surveillance would not be regulated by Rica. The inference is that, even if the agency used them, there would be no judicial oversight of their use.

If they are being used in South Africa, then arguably their regulation here is even more urgent than in the US. This is because South Africa has SIM card registration, a legal requirement in terms of Rica, whereas the US doesn’t.

The device allows for the tracking of unknown phones. In countries that do not have SIM card registration, the devices will merely generate a series of numbers and the state won’t be able to track these back to individuals without considerable effort.

But in countries with SIM card registration, such as South Africa, the state can, at the touch of a button, print out the names and addresses of every single cellphone-carrying participant at a rally or protest, for instance.

When cellphone users were told to get Rica’d or risk being cut off, most complied with little resistance.

This quiescent attitude may well come back to bite South Africans, as sophisticated surveillance equipment such as IMSI catchers can now be bolted on to the Rica database and used for mass surveillance purposes.

South Africa has a broad intelligence mandate that includes political intelligence gathering. There is also too little transparency about how the spies do their business. At the same time, surveillance tools are growing in sophistication and none is more pernicious than those used for mass surveillance, as they target the guilty and the innocent alike.

These factors create space for the surveillance capacities of the state to be used for anti-democratic purposes, against perceived political opponents that present no real threat to national security.

South Africans should demand answers about what surveillance tools are being used and for what purposes. They should also stop accepting vague arguments about surveillance being necessary to bring down crime and enhance security, and demand solid evidence that it is actually doing so. Otherwise we may land up getting the security state we surely don’t deserve.

Professor Jane Duncan teaches at the University of Johannesburg. She is the author of Rise of the Securocrats, published by Jacana, and a member of the Right2Know campaign’s surveillance focus group.

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever. But it comes at a cost. Advertisers are cancelling campaigns, and our live events have come to an abrupt halt. Our income has been slashed.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years. We’ve survived thanks to the support of our readers, we will need you to help us get through this.

To help us ensure another 35 future years of fiercely independent journalism, please subscribe.

Advertising

High Court strikes down ‘paternalistic’ lockdown regulations

The order of unconstitutionality has been suspended for two weeks

L’Oréal workers demand a shutdown of local plant, citing Covid-19...

The French cosmetics company’s Midrand plant has recorded 16 Covid-19 cases in two weeks

Protective equipment for schools in KwaZulu-Natal goes ‘missing’

Without protective equipment, schools in uMlazi, Pinetown and Zululand won’t meet the already delayed deadline for reopening
Advertising

Press Releases

Empowering his people to unleash their potential

'Being registered as an AGA(SA) means you are capable of engineering an idea and turning it into money,' says Raymond Mayekisa

What is an AGA(SA) and AT(SA) and why do they matter?

If your company has these qualified professionals it will help improve efficiencies and accelerate progress by assisting your organisation to perform better

Mining company uses rich seam of technology to gear up for Covid-19

Itec Direct technology provides instant temperature screening of staff returniing to the workplace with no human contact

Covid-19 and Back to School Webinar

If our educators can take care of themselves, they can take care of the children they teach

5G technology is the future

Besides a healthcare problem Covid-19 is also a data issue and 5G technology, with its lightning speed, can help to curb its spread

JTI off to court for tobacco ban: Government not listening to industry or consumers

The tobacco ban places 109 000 jobs and 179 000 wholesalers and retailers at risk — including the livelihood of emerging farmers

Holistic Financial Planning for Professionals Webinar

Our lives are constantly in flux, so it makes sense that your financial planning must be reviewed frequently — preferably on an annual basis

Undeterred by Covid-19 pandemic, China and Africa hold hands, building a community of a shared future for mankind

It is clear that building a community with a shared future for all mankind has become a more pressing task than ever before

The best local and international journalism

handpicked and in your inbox every weekday