I was recently in a discussion concerning the type of process needed for law enforcement to obtain a tower dump from a service provider. A tower dump allows police to request the phone numbers of all phones that connected to a specific tower within a given period of time. Beyond this list, law enforcement could also request customer information, allowing them to match the cell numbers with a specific customer's name, address, and other account information.
Under the Stored Communications Act (SCA), information can be obtained from phone companies (and other service providers) by use of a subpoena, 2703(d) order, or search warrant, depending on the type of data requested. For example, a subpoena can be used to obtain basic subscriber information. However, account logs and transactional records require a 2703(d) order - which requires specific and articulable facts to believe the records are relevant to an ongoing criminal investigation.
So the question to my readers is this - what type of process is required for a tower dump? We're just curious as to how easily phone companies are giving the information away. The specific and articulable facts standard seems too high for a tower dump, but a subpoena doesn't exactly seem sufficient. Or does a tower dump even fit under the SCA since that report alone only gives away phone numbers and not account information? Please leave a comment to this article if you have any ideas.
Last month, the ACLU released a report on the use of cell site data by law enforcement. Click here for my earlier post.