Unredacted APD #OpWardrive Documents

High-tech law enforcement under scrutiny
High-tech law enforcement under scrutiny

This post concludes EFF Austin’s investigation of DART’s #OpWardrive; here’s our initial post, announcement of operation cancellation, and update on the open records request.

In our last post, we summarized our inquiry into the City of Austin Police Department’s Digital Analysis Response Team’s (DART) Operation Wardrive, concluding that it was now up to the City to provide the documents responsive to our open records request which the Office of the Attorney General (OAG) declared were not exempt from disclosure. In a letter dated December 16th (notably well within the ten calendar day deadline initiated on December 13th), the City of Austin responded by postal mail with copies of the remaining documents.

Here’s the cover letter and documents:

Operation Wardrive Open Records Request – City of Austin Response – December 16, 2011

Included were two new documents: an “Operational Briefing” and a “Synopsis of Operation.” The operation objective is worth reproducing in full:

Operation Objective
Crack down on unsecured wireless networks in residential neighborhoods.

The Austin Police DART Unit plans to conduct a ‘wardriving’ mission around select Austin neighborhoods in an effort to educate its citizens to secure their wireless networks.

‘Wardriving’ refers to the technique of searching for unsecured wireless networks by driving the streets armed simply with a laptop or smartphone seeking network connections. When unsecured networks are found, the Police detectives will pay a friendly visit to the household or small business, informing them of the risks they are exposing themselves to and attempt to assist in securing their wireless network.

The Synopsis provides a little additional information:

Detectives should log the locations where they have made contact with residents and identify them on provided activity sheet.

There are a few items worth emphasizing here:

  1. EFF Austin requested “All documents and communications related to the selection and identification of Austin locations, neighborhoods, and/or individual citizens that will be targeted by ‘Operation Wardrive'”. The Briefing specifies target locations as “Austin Neighborhoods,” while the objective mentions “select Austin neighborhoods.” We are left to presume the neighborhoods selected would be left to the recognizance of DART detectives or decided and communicated off-the-record, perhaps during the 30-minute briefing on September 22nd prior to the operation.
  2. EFF Austin requested “All documents and communications related to the devices, software, and other technologies that will be utilized to identify Austin locations with unencrypted broadband networks.” The Briefing indicates wardriving may be practiced “simply with a laptop or smartphone seeking network connections” but does not explicitly declare this as the tools or techniques DART would be deploying.
  3. EFF Austin requested “All documents and communications related to the policies governing the protection and security of the information obtained during ‘Operation Wardrive'”. The Synopsis instructs detectives to log the names and addresses of individual citizens they paid “friendly visit[s]” to, thus creating public records of open wireless access points – one of EFF Austin’s original concerns.
  4. Perhaps most revealingly, EFF Austin requested “All documents and communications related to The City of Austin’s, Austin Police Department’s, the Digital Analysis Response Team’s, or other Austin governmental agency’s recommendations and/or suggested practices for securing wireless broadband networks.” We did not receive a single document, nor can we find a single sentence responsive to this inquiry, leaving one to ask: how could DART “Crack down on unsecured wireless networks in residential neighborhoods” if the City of Austin was unable to locate a single document explaining how citizens or detectives are supposed to go about securing those networks?

Perhaps DART detectives have received special training towards that end…

Standard Operating Procedures

The last document included in the City’s response was an unredacted version of the APD DART Standard Operating Procedures (SOP), available in the embed above. The City provided EFF Austin with a redacted version of the SOP while appealing to the Office of the Attorney General, insisting that disclosure might interfere with law enforcement and crime prevention efforts. The OAG disagreed, forcing the City to release the complete document. It is an interesting read we encourage you to review, revealing the marching orders of one of the most venerable computer forensics and cybercrime prevention units in the country.

Within the previously censored sections of the document, EFF Austin found an item that might be worth further exploration.

The duties of the Sergeant of DART, the ranking officer of what appears to be a team of five detectives, are described in section .05.C.1 under “Personnel Duties, Authority, and Responsibilities.” Item “aa” on page 5 states:

Act as unit coordinator with the Austin Metro High Tech Foundation (AMHTF) Board of Directors:

  1. Prepare annual budget for December meeting which projects anticipated expenditures of the AMHTF monies over the upcoming calendar year.
  2. Supervise expenditures of these budgeted monies over the budget year and authorize all expenditures from these monies.
  3. Prepare annual reports for the board of directors meetings itemizing budgeted expenditures for the previous year.
  4. Prepare reimbursement request(s) for the AMHTF, as needed, to recover monies from authorized expenditures. Provide a receipt for all items in the reimbursement request.
  5. Authorize disbursements from and provide accounting on the travel and training fund provided by the AMHTF.

What is the Austin Metro High Tech Foundation? Some historical perspective can be found at what appears to be the Foundation’s most recent website, a lonely Geocities relic worthy of review for its quirky mid-90’s Internet aesthetic alone. Quoting from the site:

The Austin Metro High Tech Foundation (AMHTF) is an organization founded by local companies and law enforcement personnel to battle high-tech crime in the Austin Metro area. The Foundation began in mid-1994, when seven area security managers decided to join with local law enforcement to form a policing unit dedicated to investigating high-tech crimes.

Since 1994, the Foundation membership has grown, along with the expertise of the law enforcement personnel assigned to high-tech crimes.

And what does the Foundation do – or rather what did the Foundation do at this time?

Foundation members provide funds, training and in-kind donations to support the law enforcement community’s high-tech crime efforts. The funds are used for education, equipment and travel required by law enforcement personnel. The benefit to members is the increase in prosecutions and restitution associated with high-tech crimes.

This 1999 LA Times story (“Tech Firms Pay Police Agencies to Fight Cyber Crime”) mentions the Austin foundation, and its byline (“Law enforcement: Intel funds sheriff’s unit that chases computer pirates. Some fear conflict of interest.”) hints at reasons why AMHTF may opt for a low profile.

This is not to say funding from the Foundation is without cause or merit; from the article:

When losses mounted from armed robberies at computer chip plants in Austin in the early ’90s, the city’s high-tech companies decided to finance a private nonprofit group to train officers to deal with the problem. Through the Austin Metro High Tech Foundation, firms including IBM and Dell Computer Corp. annually donate up to $10,000 each for investigators’ training, travel and equipment.

In return, businesses–including Applied Micro Devices, National Instruments and Motorola Corp.–say they expect law enforcement to treat computer crime as seriously as drugs and gang violence.

In 1999, according to the article’s author, public sentiment was decidedly mixed on the appropriateness of private corporations funding specific law enforcement efforts narrowly focused on crime prevention within their business sector. Is that the cause for AMHTF deciding to assume a low public profile? Is that the reason why public servants of the City of Austin attempted to perpetuate the Foundation’s low profile through selective application of the secrecy attendant on the darkness of redaction?

In the cleansing sunlight, perhaps we’ll see.

APD #OpWardrive Open Records Update

Official seal of the Office of the Attorney General of Texas
Official seal of the Office of the Attorney General of Texas

In late September, the Austin Police Department (APD) aimed to identify open residential wireless access points around the city and educate their owners about the risks of providing free Internet access. The initiative, dubbed Operation Wardrive, was announced by an APD Public Information Office press release which was quickly picked up by local ABC-affiliate KVUE. Word circulated throughout the community and back to local officials, who quashed the nascent effort by APD’s Digital Analysis Response Unit (DART) prior to deployment. It remains uncertain whether the project will be restarted.

One facet of the community response to #OpWardrive was an open records request filed by EFF Austin with the City of Austin’s Communications and Public Information Office on September 21st. We made ten distinct requests for information, ranging from details about the inception and planning of the initiative, to the technologies and techniques DART intended to employ to reliably associate an omnidirectional access point signal with a particular residence in a densely populated metropolitan area.

Why did we make these requests? If the Austin Police Department gathers data about open wireless access points operated by local citizens and organizations, we think it’s important to have a full and complete understanding of both intention and process. How will this data be used? Where will it be stored? Will it be retained and mapped? Is there a surveillance aspect to this activity? IF this activity is limited in scope, as suggested by one email we acquired suggesting that the wardrive would be only one time for a few hours, what is the target area, and why was it selected?

As compared to other states, Texas has admirable Open Records laws defined in Chapter 552 of the Texas Government Code. Conforming with § 552.301(b), the City of Austin (CoA) responded to our request on October 5th (within 10 business days) providing a handful of documents responsive to our inquiry while simultaneously requesting a decision from the Office of the Attorney General (OAG) on the disclosure of additional records.

Operation Wardrive Open Records Request – City of Austin Response (Oct 5, 2011) – Letters

The documents withheld are alleged to fall under the protection of the attorney-client privilege (§ 552.107(1)) or potentially interfere with law enforcement and crime prevention efforts (§ 552.108(b)(1)). The documents provided to EFF Austin included emails discussing the Operation Wardrive press release and a heavily redacted document detailing APD DART’s Standard Operating Procedures (SOP).

Operation Wardrive Open Records Request – City of Austin Response (Oct 5, 2011) – Records

The Texas Attorney General had 45 business days to issue a ruling on the CoA’s request, and dutifully responded on December 13th (EFF Austin opted not to exercise its right to comment in support of the release of the requested materials as described in § 552.304). The Office of the Attorney General concurred with the City of Austin concerning records protected by attorney-client privilege, but did not entirely agree with the assertion that the remaining documents could be withheld for fear of disrupting law enforcement efforts. The remaining documents include an “operational briefing” and the redacted sections of the SOP (with the exception of the cellular phone numbers of DART detectives, which are wisely protected pursuant to Open Records Decision 506 at 2 (1988)).

Operation Wardrive Open Records Request – Attorney General Response (Dec 13, 2011)

The City of Austin now has ten calendar days to either provide the requested information or access to it, or contest the OAG’s decision in court. We’ll post updates as the story unfolds.

Next Meetup: Sandy Stone on “Online identity and the fight for cyberfreedom”

Anonymous, ZModem, and Whiskey
Anonymous, ZModem, and Whiskey
Image Credit: Jacob Dexe - "Hacktivismen som demokrativerktyg"

“How in Hell Did We Get Here?: Online identity and the fight for cyberfreedom in the age of the Military-Industropolitical Complex”
by Allucquére Rosanne (Sandy) Stone

A fast-forward, semifictional history of online identity, with particular attention to the present collisions of massive political power and individual and collective agency, including how the speaker was transformed into a cat and survived the Great Hurricane of ’39 to become complicit in a Mexican Revolutionary Movement; with Graphical Illustrations, Extremely Bright Lights, and the Sound of Explosions. Maybe.

DATE: Thursday October 6th 7-9pm
NEW LOCATION: B.D. Riley’s Irish Pub and Restaurant [ @BDRileysAustin ], 204 E. 6th Street, Austin, Texas 78701; between Brazos and San Jacinto. We’ll be meeting in a dedicated space towards the back.
RSVP: Plancast
HASHTAG: #EFFatx

Allucquére Rosanne (Sandy) Stone [ website, wikipedia, cyborg anthropology entry ] is an academic theorist, media theorist, author, performance artist, and general troublemaker. She is Professor Emerita in the College of Communication at the University of Texas at Austin and Founding Director of the Advanced Communication Technologies Laboratory (ACTLab) in the department of Radio, Television and Film. Concurrently she is Wolfgang Kohler Professor of Media and Performance at the European Graduate School (EGS) and Founding Director of the radical new Experimental Media program ACTLab@EGS, senior artist at the Banff Centre for the Arts, and Humanities Research Institute Fellow at the University of California, Irvine. Stone has worked in and written about film, music, experimental neurology, writing, engineering, and computer programming. She is transgender and is considered a founder of the academic discipline of transgender studies, is the author of numerous books, novels, and essays, has been profiled in ArtForum, Wired, Mondo 2000, and many other publications, and Jon Lebkowsky has referred to her as “a force of nature.” She loves chocolate, cats and, apparently, getting herself into hair-raisingly scary situations from which escape is nearly impossible. Nevertheless she finds time to be a loving wife, boon companion, caring mother, and exemplary grandmother, while still running the hell all over the world to perform at conferences in too many disciplines to mention.

B.D. Riley’s on 6th Downtown

Map