The secure messaging service Signal[1] has released the details of a search warrant it received from the Santa Clara, California Police which shows the efforts US law enforcement agencies will go to force online platforms into disclosing the personal information of their users. In the search warrant, the police sought to get the name, street address, telephone number, and email address of a specific Signal user, which is not necessarily unusual. It also wanted billing records, the dates of when the account was opened and registered, inbound and outbound call detail records, voicemails, video calls, emails, text messages, IP addresses along with dates and times for each login, and even all dates and times the user connected to Signal.
In response to the search warrant, Signal provided law enforcement authorities with timestamps regarding the account specified in the search warrant. The timestamps showed the dates that the account last connected to Signal. Signal said in a blog post that, by default, it does not collect the requested information from users. "As usual, we couldn't provide any of that. It's impossible to turn over data that we never had access to in the first place. Signal doesn't have access to your messages, your chat list; your groups, your contacts, your stickers, your profile name or avatar; or even the GIFs you search for," Signal wrote in the blog post.
The company's interaction with Santa Clara County Police Department did not end there, as the law enforcement authorities then issued a non-disclosure order that required Signal to not publicly disclose that it received the search warrant. The non-disclosure order was then extended four times, which resulted in Signal's request to unseal the search warrant being repeatedly pushed back. In total, it took Signal almost a full year before the company was able to legally publicly disclose the process it underwent when it received the search warrant.[2]
"Though the judge approved four consecutive non-disclosure orders, the court never acknowledged receipt of our motion to partially unseal, nor scheduled a hearing, and would not return counsel's phone calls seeking to schedule a hearing," Signal wrote.
Law enforcement authorities around the world are increasingly finding ways to compel online platforms to hand over information about their users. In September 2021, hosted email service provider ProtonMail, located in Switzerland, publicly disclosed that French authorities were able to acquire the IP address of one of its users through getting approval from Swiss courts. This was despite ProtonMail not being subject to French or EU requests, and only being required to comply with requests from Swiss authorities.
In response to the order, ProtonMail CEO and founder Andy Yen said all companies have to comply with laws, such as court orders, if they operate within 15 miles of land. "No matter what service you use, unless it is based 15 miles offshore in international waters, the company will have to comply with the law," Yen said at the time.
Democracy advocate Freedom House last month also published findings that indicate a growing number of governments are forcing tech businesses to comply with online censorship and surveillance. Freedom House said in the past year alone, 48 out of 70 countries covered in its research which accounted for 88% of the world's Internet users have pursued new rules for tech companies on content, data, or competition over the past year.
Based upon 28+ years in the law enforcement profession, this author believes that the issuance and subsequent non-disclosure orders indicates that a serious crime had been committed and the alleged suspect was utilizing Signal as a means of communication. Search warrants must be based upon probable cause and the warrant is issued through the court system – this case a state court. Many successful prosecutive legal hurdles were needed to get the data information from Signal. So to answer the original question, and in my opinion, law enforcement will take any 'legal' action to solve a crime.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/3702558539639477516
[2] https://www.zdnet.com/article/signal-unveils-how-far-us-law-enforcement-will-go-to-get-information-about-people/
Comments