spiderman123
Member
Chances are youve never heard of TruePosition. If youre an AT&T or T-Mobile customer, though, TruePosition may have heard of you. When youre in danger, the company can tell the cops where you are, all without you knowing. And now, its starting to let governments around the world in on the search.
The Pennsylvania company, a holding of the Liberty Media giant that owns Sirius XM and the Atlanta Braves, provides location technology to those soon-to-be-merged carriers, so police, firefighters and medics can know where youre at in an emergency. In the U.S., it locates over 60 million 911 calls annually. But very quietly, over the last four years, TruePosition has moved into the homeland security business worldwide.
Around the world, TruePosition markets something it calls location intelligence, or LOCINT, to intelligence and law enforcement agencies. As a homeland security tool, its enticing. Imagine an invisible barrier around sensitive sites like critical infrastructure, such as oil refineries or power plants, TruePositions director of marketing, Brian Varano, tells Danger Room. The barrier contains a list of known phones belonging to people who work there, allowing them to pass freely through the covered radius. If any phone enters that is not on the authorized list, [authorities] are immediately notified.
TruePosition calls that geofencing. As a company white paper explains, its location tech collects, analyzes, stores and displays real-time and historical wireless events and locations of targeted mobile users.
The capability of doing mass tracking is possible.
It can also work other ways: pinging authorities when a phone used by a suspected terrorist or criminal enters an airport terminal, bus station or other potential target. And it works just as well in monitoring the locations of phones the suspects phone calls and who they call and text, and so on.
For the past four years, TruePosition has quietly taken that tracking technology global. In the U.S., Varano says, TruePosition sells to mobile carriers though its cagey about whether the U.S. government uses its products. But abroad, it sells to governments, which it wont name. Ever since it came out with LOCINT in 2008, he says, Ministries of Defense and Interior from around the world began beating down our door.
Thats got some surveillance experts and mobile activists worried. Keeping suspected terrorists away from nuclear power plants and discovering their networks of contacts is well and good. But in the hands of foreign governments not all of whom respect human rights TruePosition tech can just as easily identify and monitor networks of dissidents.
For a company that can do so much to find out where a mobile user is, few outside of the surveillance industry know much about TruePosition. Thats a deliberate strategy on the companys part, to keep a low profile from jump, Varano says. It grants few interviews a little-noticed Fox News story from 2009 is a rare exception and discloses little about its foreign clients. Several surveillance experts contacted for this story were unfamiliar with the company.
The result, says Christopher Soghoian, a graduate fellow at Indiana Universitys Center for Applied Cybersecurity Research, is to make TruePosition the most important global geolocation company youve never heard of. Its like that line about Keyser Soze from The Usual Suspects the greatest trick the devil ever pulled was convincing the world he didnt exist, Soghoian says. Theyve done the same thing. Staying entirely below the radar.
Except TruePosition is hardly satanic. Its Enhanced 911, or E-911, services save lives. In one case the company cites, a corrections officer in Ohios Hamilton County was abducted by a recent parolee and stuffed into the trunk of his car. Her family had no idea where she was. But because her cellphone was turned on and her carrier used TruePositions location tech, police were able to locate the phone along a Kentucky highway. They set up a roadblock, freed the officer and arrested her captor.
Heres how it works. TruePositions location tool, known as Uplink Time Difference of Arrival or U-TDOA, calculates the time it takes a signal travelling from a mobile device to reach sensitive receivers installed in the transceiver station of a cell tower. (The receiver itself is said to resemble a pizza box.) Determining the difference in time it takes for the signal to reach receivers in different towers, determined by servers called Wireless Location Processors, calculates the phones location. The company says it has receivers installed in about 75,000 cell towers around the country.
Notice that the location tech here has nothing to do with GPS. Its network-based, rather than dependent on a GPS receiver inside a handset. Its not reliant on any line of sight to a satellite. Thats a point of pride within TruePosition. GPS has accuracy and precision woes in dense urban areas and the indoors. Or inside the trunk of a car.
For the better part of the decade, TruePosition has had contracts to provide E-911 services with AT&T (signed originally with Cingular in 2001, which AT&T acquired) and T-Mobile (2003). As more and more 911 calls came from mobile phones by definition not linked to a fixed address the Federal Communications Commission required wireless providers provide precise location data to emergency call centers. The accuracy requirements for E-911 top out at 300 meters. TruePosition says U-TDOA is accurate to within 50 meters. (The FCC met on Monday to consider changing the standard the reason, Varano says, he granted me an interview.)
We can figure out which phone disappeared at the time of the detonation. We can find the triggerman.
But TruePosition soon saw a growth market in a field where U-TDOA had relevance: the expanding, globalized field of homeland security. It really was recession-proof, Varano explains, because in many parts of the world, the defense and security budgets have either maintained where they were or increased by a large percentage.
That realization led the company to explore U-TDOAs potential for as a security tool, as its the rare terrorist or criminal who doesnt have a mobile device. LOCINT was born in October 2008. Imagine, a LOCINT primer on TruePositions website explains, An explosion destroys an oil refinery who, exactly, was inside the facility prior to the explosion? If theyve got a mobile device, U-TDOA-enabled geofences can answer the question.
Or consider the value that U-TDOA could have for finding networks that build and detonate homemade bombs. If the bomb is detonated with a cellphone as Iraqs bombs were, before jamming tech neutralized them we can go back into the cellular network and figure out which phone disappeared at the time of the detonation, Varano says. We find which phone called that phone thats our triggerman. Then we find which phones they called the initial suspects. If they held onto that phone, wed be able to see who that phone contacted. And where they are now, in real time.
This isnt something TruePosition does itself. It had nothing to do with the location-gate scandals that plagued Apple and Google earlier this year, when both companies conceded they collected and stored geodata from iPhone and Android phone customers. All the company does is enable a geolocation security system for its clients to use. How they use it is up to them and the relevant laws of the countries that employ it.
But geofences might be legally problematic inside the United States. Law enforcement cant just set up blanket location surveillance of mobile phones around a particular area; courts have to sanction surveillance around specific phones. The fences, however, would approve specific authorized phones; but any unauthorized phone that enters the fence triggers an alert.
It would be hard for the companys tool to distinguish the terrorist from the tourist, says Greg Nojeim, a senior counsel with the Center for Democracy and Technology in Washington.
And what if the governments using TruePositions gear arent so scrupulous about following laws, or respecting the civil liberties of their citizens? In the U.S., even after the Patriot Act and the FISA Amendments Act, law enforcement and intelligence agencies still dont have unfettered abilities to turn a cellphone into a homing device, or to trace a web of connections between callers or SMS recipients. If, say, Syrias Bashar Assad had TruePositions technology, could he use it to determine whos participating in anti-government protests?
Correct, Varano says, if it was deployed in that region. He adds, however, weve never run into anything like that.
Varano wont specify which governments use TruePositions LOCINT tools. I have to be nebulous about where its actually being deployed, he says. That includes inside the United States. We do not disclose who is currently using TruePosition LOCINT, Varano says, but adds, U.S. government [agencies] have not bought anything from us, and dont write a check to us. But, he says, the companys various outposts (London, Dubai, Miami) pitch LOCINT solutions to countries from Europe to the Middle East to Latin America to the Carribean.
And if some repressive governments are in that mix, TruePositions position is that what they do with LOCINT is on them.
Were providing this tool to governments and its the governments onus to adhere to laws on its use, Varano says. In western countries, he says, warrants, court orders and other safeguards prevent LOCINT abuse. But surveillance works differently elsewhere: Its not being used like that in the U.S. or western societies, but in other parts of the world, the capability of doing mass tracking is possible.
It would be hard for TruePositions tool to distinguish the terrorist from the tourist.
Thats what worries advocates for foreign dissidents. This seems to be integrated a little bit deeper and the operator is fully complicit in the situation. It makes it more difficult for activists, for sure, says Nathan Freitas of the Guardian Project, which designs anonymity tools for mobile users. Vodaphone Egypt would only go so far to violate the rights of the Egyptian people it shut the network down, but beyond that, they dont have a fire hose out of a data center. U-TDOA could be a firehose-type product. Again, Varano says the companys never encountered such a situation.
An FBI spokesman, Christopher Allen, was unfamiliar with TruePosition, and invited Danger Room to file out a Freedom of Information Act request. Department of Homeland Security officials didnt respond to repeated requests for comment. AT&T didnt respond to an inquiry. T-Mobile USAs director of external communications, Hernan Daguerre, confirmed the companys relationship with TruePosition but wouldnt comment beyond saying, Well continue to monitor and evaluate advances in all E-911 location solutions to ensure the safety of our customers.
Federal contractor databases dont show any contracts between TruePosition and government agencies, with the exception of a 2006 deal with the General Services Administration (cancelled in 2009) for computer services that appears never to have been actualized. Varano, initially unfamiliar with the contract, explains, We originally signed up to be part of the GSA in 2006, but nothing ever came from it. Joining the GSA Schedule is what allows companies to compete for federal contracts.
Varano didnt directly answer whether TruePosition intends to seek U.S. government contracts or is content to peddle LOCINT abroad while remaining an e-911 company at home.
At home, the courts are currently deciding whether geolocation tracking by law enforcement requires a warrant, and theres legislation moving on Capitol Hill to settle the question in the affirmative. Should U.S. homeland security or intelligence officials make use of TruePositions LOCINT, they may have to go through a judge first.
But for this global geolocation company, the worldwide interest is piling up.
We do go to a lot of defense and security trade shows, Varano says. Once people hear about the capabilities they know cellphones are being used by bad guys doing bad things their eyes widen and jaws drop. Typically, the deals grow in terms of the geographical area they wanna cover and the number of government agencies that want access to this type of intelligence.
http://www.wired.com/dangerroom/2011/07/global-phone-tracking/all/1