Careful What You Redact: It May Say More Than What You Left In
from the the-redactor's-dilemma dept
Julian Sanchez has a fantastic post noting what a difficult job it must be to be in charge of figuring out what to “redact” in government documents that are being released to the public — because redacting certain information may actually reveal a lot more than if that same info had been left readable. As an example of this, Sanchez goes through some of the redactions found in the recently released documents from various service providers in how they comply with law enforcement requests for info. He walks through some of the documents, and actually has his attention called to one redacted passage in a template for requesting info. What caught his eye is that the redacted section was the statutory definition of basic subscriber info that could be requested by law. In other words, there’s nothing secretive at all — and, in fact, he notes that other similar documents include identical information that has not been redacted at all.
If the information had not been redacted, he would have skimmed over it without thinking. But the fact that a government official thought that the statutory definition needed to be redacted, actually called a lot more attention to questioning why that passage had been blacked out. From there, Sanchez does some educated and reasonable speculation, to suggest that government officials may be collecting cell tower info, rather than GPS info, requiring a lower standard to request — because they can easily get enough info from that to determine where a person is, even without the specificity of the GPS info. It’s no secret, of course, that you can triangulate location via tower info, if you have info on multiple towers — but, Sanchez points out that there are likely ways to get pretty close even with single tower info, and that can be requested at a much lower standard by pretending that you’re not trying to pinpoint exact location, and not even asking for the triangulated location info.
It is all speculation, of course, but it’s fascinating that what sent him down this path in the first place was the simple decision by a redactor to redact basic information that is obviously already public. Sanchez surmised that the really salient piece of info is the fact that information can be requested while a call is in progress, rather than after it’s done, which is what is used to determine a more precise location, if the subject is moving (and switching towers):
Now, did this possibility first cross my mind when I looked at these documents? No, not really–but thinking about this stuff breeds paranoia, and so a lot of possibilities cross my mind. The pattern of redactions above make me a good deal more confident that this is probably a popular method of getting moderately detailed location info on the “cheap” in terms of legal process. In the criminal context, anyway–for intel, who knows. They make it explicit in some of these documents that the Justice Department’s legal position is that they can get realtime full-GPS with a mere “relevance” court order, but they go ahead and apply for that kind of tracking under stricter rules because they don’t want to risk suppression. Probably they’re less worried about that when they’re operating under FISA pen/trap orders. But if this is right, they may be pulling a bit of a fast one on judges here. Because a lot of these applications to judges–and certainly the Justice Department’s legal briefs in the cases where courts have been reluctant to approve tracking on such a loose standard–imply that this cell site/sector data, why, it’s so rough and approximate that it vaguely counts as tracking at all. Certainly, at any rate, it’s not so precise as to invade any sort of privacy interest. Except that for a target in steady motion, it begins to seem as though they can probably get a substantially more precise fix.
Filed Under: government spying, redacting, streisand effect
Comments on “Careful What You Redact: It May Say More Than What You Left In”
ACTA redacting
This reminded me of the following story:
When someone demanded access to the ACTA drafts refering to Swedish transparency laws they got access to the documents, but all the text was redacted. Have a look. Of course we are all aware of the secrecy, but when it’s illustrated graphically like that it really sends a powerful message. Much more strongly than if it had not been released at all I think.
(Btw. the document was still useful since the document number in the header had not been redacted, so it could be used to confirm the authenticity of a document leaked earlier but where the source was unknown).
Hmm, food for thought.
Excellent article, thanks for finding it, Mike.
Triangulation by cell tower data is something that is mostly not very precise at all. Depending on the area you are looking at, you can get down to a smaller area (neighborhood) but certainly not down to anywhere near the accuracy of GPS, and that is based on getting multiple tower’s info. A single tower would typically give you a single directional cone and potential distance, but nothing more.
GPS on the other hand would be accurate down to maybe 100 feet, possibly less, depending on how many signals the phone received. Accuracy down to 10 feet is possible.
It’s the difference between “he’s in the south end of town” and “he is at 123 4th street”.
The difference legally? The cell tower data is data that the cell company has naturally by itself, without having to deal with anything but the presence of the phone. GPS requires looking at the user data stream. I can see where the courts could see the difference between the two.
Re: Re:
“It’s the difference between “he’s in the south end of town” and “he is at 123 4th street”.”
Nope. More like “he is at the south end of the one hundred block of 4th street.” The original iPhones didn’t have GPS but their triangulation is pretty good.
Re: Re: Re:
Nope, error – the phone’s triagulation is pretty good, but the data that the cell company has isn’t the same as what the phone has. The cell company is working based on the returning signal, which is much weaker and more subject to problems.
I have seen how this triangulation works, and it isn’t anywhere near as accurate as the on phone triangulation is.
Re: Re: Re: Re:
You may be right. I forgot that the phones also used known WiFi spots to aid in triangulation.
Hmmm
Redacting: The Streisand effect of choice for governments!
This is paranoia
You have two choices when you redact a document. Redact what you think may require redaction (over-inclusive,) or redact what you are certain does require redaction (under-inclusive). The difficulty of retroactive redaction ensures that one will always adopt the overinclusive approach.
Mechanically, what happens is that a lower level employee reviews the document and redacts anything they see that may possibly be problematic based on instructions from the person directing production. Then a higher-level decision maker goes through and adds any redactions they see fit. It would be unusual for them to remove any of their subordinate’s redactions. Sometimes, the logic of one person or the other may be screwy. To extrapolate from what may have been an ill-informed choice to a plan or policy of intrusion into the data privacy of civilians is the bad kind of armchair psychology at best, and paranoid conspiracy theorism at worst.
Not that those are necessarily bad things – the cynic in me says that paranoid conspiracy theories are right more often than many people think.
Re: This is paranoia
I’m not sure which part is supposed to be paranoid. We know full well that law enforcement officers seek location data from cell phones during investigations. The inference from the redactions has to do with the fairly narrow question of what level of precision they can achieve using a 2703(d) order (plus, perhaps, something like Triggerfish) as opposed to a rule 41 warrant. Actually, we know the DoJ’s position is that they believe they’re entitled to full GPS data with a 2703(d), but that they prefer to ask for a warrant lest a court disagree. And as I realized after the initial post, we already know that cell site/sector data is used to get a rough fix for more precise triggerfish tracking. The trivial inference that the same data might be used to get a better fix *during* the call for the same purpose strikes me as quite conservative.
Prevention
Costly and damaging mistakes where sensitive information is accidentally released can easily be avoided by using redaction software designed precisely for eliminating sensitive information. ID Shield Redaction Software works in any environment, is easy to use, dependable and tested – our customers have securely redacted over one billion pages. Desktop and Server editions. http://www.extractsystems.com
nice
it’s a good articles i’ve ever read.nice read. i never see before, i think it is good.
Tutorial Blogger
His two wars? Was President Obama in office in October 2001 or March 2003? Why can’t people ever find anything positive to speak about? Why is it human nature to harp on the negative…even when they don’t know what they are talking about? Small Wood Pellet Mill