The war on drugs has gone digital; but is it also a war on cellphone users?

That’s just one of the questions raised by an msnbc.com investigation into use of cellphone tracking data by local police departments across the nation. Msnbc.com built a database of thousands of invoices issued by cellphone network providers to cities after cops asked for caller location and other personal information between 2009-2011. The invoices were first obtained by the American Civil Liberties Union and released to the public earlier this month.

The database offers perhaps the first blow-by-blow accounting of several cities’ use of cellphone tracking as a crime-fighting tool and the potential blow to civil liberties that the requests represent.

While 200 cities responded to the ACLU, three cities -- Tacoma, Wash., Oklahoma City, and Raleigh N.C. – provided enough detail to paint a picture of how cellphone tracking data is being used in mid-sized police departments around the nation. Categorizing the thousands of pages of invoices supplied by the three municipalities provided some insight into why cops use cellphone locations and call records to investigate crimes and how much the carriers earn responding to these requests.

The tension between the war on drugs and privacy is most readily apparent in Tacoma, Wash., where the most frequent reason that police requested cellphone data over a two-year period was to investigate drug dealing, the analysis indicates.

In Tacoma, while many of the 139 requests for cellphone data from Jan. 1, 2009 through June 30, 2011 involved serious crimes –  including 37 murder investigations –  the most frequent charge listed as the reason for the request is “UDCS,”  or unlawful distribution of a controlled substance.  No additional details about those 51 requests, or the crimes behind them, were available. Police officials from Tacoma did not respond to requests for comment.

The bills run up by local detectives requesting cellphone data aren’t small. Tacoma spent $17,496 checking cellphone records during that time span or nearly $1 for every 10 residents. Police in Oklahoma City spent $9,033 on cellphone records checks during one three-month stretch last year, according to the data compiled by msnbc.com.  In Raleigh, officials made an average of one location “ping” request from just one carrier -- Sprint -- every three days during the second half of 2011. 

---

“Location data for cops is like a kid in a candy store,” said Mark Rasch, former head of the Justice Department’s Computer Crime Unit.  “It’s a wonderful investigative tool which is highly intrusive of personal liberty and our rules on privacy, and rules governing access to this are not only antiquated but confusing and conflicting.  Add to that a profit motive by carriers, and lack of sufficient oversight on law enforcement access to the records, and you have a prescription for, at a minimum, violations of civil liberties.” Rasch is now a consultant with Virginia-based cyber security firm CSC.

The ACLU notes that much of the cellphone location data is obtained without a warrant, meaning no probable cause hearing before a judge is required.  Many cops counter that subpoenas are always issued – and sometimes refer to these as court orders -- but Rasch said that’s a misnomer. They are often little more than a request form.

“Cops can have a pile of blank subpoenas in their desk drawer,” he said. Carriers normally consent to subpoena requests, but legally they don’t have to. If they refuse, a law enforcement agency is then required get a judge’s order to enforce the subpoena, a step that’s rarely taken, he said.

Tacoma officials deserve credit: Of the 200 cities that responded to the ACLU’s Freedom of Information Act requests, Tacoma’s documents provided the most detail and included an easy-to-read summary page. Research on other cities was far more laborious, and required sampling, which is why this report is limited to three months of Oklahoma City’s invoices from April to June of 2011, and six months of Raleigh’s invoices from July 1-Dec. 31, 2010.  For consistency, the date used for all records indicates the date the invoice was filed, not the date of the crime or the date that police requested the data.

The study involves only local cops; federal authorities file their own cellphone location requests and wiretaps, which were not considered in this report.

It’s important to note that many invoices did not include an amount. In Tacoma, about half the amount entries for the 139 requests were left blank. It’s unclear if that means the request was filled for free or if the data entry was incomplete. That means the dollar totals published here could be far lower than the actual amount paid by the city.

If Tacoma’s experience is typical  – which isn’t clear – cellphone companies are earning millions of dollars fulfilling local law enforcement’s cellphone records requests. If Tacoma’s rate of nearly $1 per 10 citizens were extrapolated nationwide, cellphone companies would have billed local cops roughly $30 million from mid-2009 to mid-2011.

There are about 25,000 municipalities in the United States. Most have their own police force, and that total wouldn’t include county and state law enforcement agencies. If each one averaged $1,000 in requests – far less than Tacoma’s $17,496 –  that would total $25 million. Cellphone companies, as we’ll see below, have real expenses associated with data lookups, and they often fulfill life-or-death requests for free. Still, with $2,500 invoices being sent to towns across the country, it’s clear there is real money being made.

“I think that this data confirms that cellphone trapping is a routine law enforcement practice, not only for serious crimes but for more routine crimes ,” said Catherine Crump, the ACLU lawyer who ran its investigation. “It is integrated into the law enforcement’s everyday arsenal, and that makes understanding what data law enforcement uses, and making sure that this complies with the Constitution, all the more important. … This is first look we have to see how pervasive  this practice is.”

Raleigh, Oklahoma City details
Raleigh and Oklahoma City offered less complete data, but enough information to provide a glimpse of the kind of requests being made.

In Raleigh, we narrowed the study to one carrier – Sprint – for the last six months of 2010. Here’s what we found: Police made 59 requests, or about one every three days, and spent $2,300 over the six-month period, according to the data. Activity was most intense in the summer, with 17 requests in July costing $660. The vast majority of these requests were simple location “pings,” that cost $30 each, but there were some requests for voice mail and “picture mail” retrieval, which also cost $30.  The Raleigh invoices included scant detail, with only one bill including a hand-written note that said, “att. Murder.” 

“Other than noting that our investigative procedures comply with all applicable statutes, I don’t believe there’s anything I can add,” said Jim Sughrue, a spokesman for the Raleigh Police Department.

Oklahoma City police took the opposite approach, spending a lot on only a few requests. From April to June, 2011, the city received $9,033 in bills for data requests that went far beyond Raleigh’s location pings. One bill Oklahoma City received from Cox Communication totaled $2,500 for 60 days of “pen register/trap and trace” activity, which would ordinarily indicate police learned call details (but not call content) for every call placed to or from a target phone. That invoice, by the way, indicates a full wiretap costs $3,500 from Cox.

During this three-month span, the city made nine other requests for 24 days or longer of pen register/trap and trace data, including four additional requests for 60 days of data. Verizon billed the city $2,446 for five separate invoices dated May 13.

Capt. Dexter Nelson, spokesperson for Oklahoma City, said his department had gone to court and obtained permission for every cellphone records request invoice viewed by msnbc.com.

“In each of the cases in that document those were criminal investigation in which someone went before either a state or a federal judge to explain that case and the need to obtain that information … (and) to provide probable cause or reasonable suspicion,” he said.

The invoices indicate they are for subpoena compliance, but Nelson said carriers require a judge’s order to perform the more invasive pen register/trap and trace operation.

Nelson said he did not know if the invoices related to a single police investigation, or multiple investigations.

“Typically those are narcotics  cases, or it could be robbery, or it could be homicide. It could be any number of different types of investigations,” he said.

One back-and-forth e-mail discussion found within the city’s invoices between T-Mobile and police officials over pricing for the records requests offers insight into the kind of negotiations that occur between cops and carriers over data cost.

“The fees set are $100 per day for this tracking tool, capped at 10 days charge, or $1,000 per month. This is substantially less that our competition charges for their ‘per-ping’ GPS-base system, and again, there is no charge for non-criminaI/E-911 emergency support,” Michael McAdoo, T-Mobile’s director of law enforcement relations, wrote to city officials on June 6, 2008.

When city officials complained that some emergency requests – such as a life-or-death request to find a lost hiker or a missing child – and other communications should be free, then city Communications Technology Manager Lucien Jones made his case with sarcasm in a June 8, 2009, email.

“Let me see if I understand this: If a guy has an argument with his wife, pushes her down and runs off with her cellphone, we can track that phone free,” he wrote. “But if an armed robber kills his victim and takes their cellphone, and continues to commit a string a robberies, then the attempt by dispatchers and patrol officers to correlate 911 data of the next robbery with cellphone location data constitutes an "investigation," and we gotta pay $100 bucks a day .... Oh, but if the killer develops shame and depression and threatens suicide, then it’s free.”

McAdoo of T-Mobile offered this retort on June 10.

“In the first scenario with the guy who pushes his wife and takes her cellphone, we would only assist in tracking this person if served with a valid … ‘reasonable and articulate facts’-type court order to do so,” he wrote. “We would have no "reasonable belief of a threat to life or serious bodily injury" to allow us to legally locate this person as an emergency exception. In your court order, the judge would likely order reasonable compensation and our charge would be $100/day.  In the second scenario, we would immediately respond without an order as we would have a belief that, if left unchecked, this series of crimes might escalate into another killing, and yes we would charge $100/day for that response. In the third scenario--or in any suicide-prevention call from a  PSAP -- we would (and do many times each night) attempt to locate the person immediately and do so free of charge. And in any other lost hiker/missing motorist/missing juvenile/wandering Alzheimer's/Iost medivac helicopter/capsized boater/stranded mountain climber/etc. event, we would immediately assist at no charge (and do so probably hundreds of times each week), unlike some other national carriers which charge $100 per ‘ping.’”

Request by carrier, other data from Tacoma
The clearest picture of what goes on in medium-sized U.S. cities comes from Tacoma, however.

While there are a couple of big-ticket requests, many are for around $30. For example, in 2010, 10 of the 38 requests were for quick-hit, single $30 location "pings."

AT&T fulfilled the most requests – 45 – while Sprint and T-Mobile each filled 36, and Verizon 15.  There were also single requests filled by Facebook and MySpace.

After drug crimes and murders, there were 16 assault-related requests, seven robbery-related requests, five rape-related requests, four involving an endangered child and two related to finding a material witness.

There was also one invoice filed regarding a crime labeled “theft of a city laptop.” No additional information was available.  

Other information in the Tacoma data:

There is $850 bill from AT&T for a robbery/rape investigation in late 2009.  That's $100 for "location activation" and 30 days of daily tracking at $25 each. Just like consumers, law enforcement agencies get hit with setup fees.

The biggest single bill in Tacoma is for $1,300: 13 days of “E911 locator” at a flat $100 per day in mid-2010. The listed crime is UDCS, or "unauthorized distribution of a controlled substance."

Rasch said he wasn’t surprised by the volume of requests. If anything, he thought the numbers were low.

“I can’t imagine any case where location data wouldn't be important. The temptation to use and overuse this data is very strong,” he said.

He also said he’s not opposed to its use.

“It's not that (I) don't want them to have the data. In some cases, we want them to have it faster,” he said. “But we want it to be accountable. We want legal standards, procedural standards, and we want more openness about what they are doing.”

Both Rasch and Crump, the ACLU attorney, expressed  mixed feelings about the carriers’ earnings from law enforcement request, which are clearly substantial but might not be profitable. Both said they wouldn’t want carriers to charge any less, because the fees act as a natural barrier to abusive data gathering.

“The amounts give a good sense of how massive (the carriers’) facilities are for processing and handing over this customer data,” Crump said. “But it is good that carriers charge. If this were free, there would be a lot more of it.”

Rasch pointed out that U.S. officials and citizens haven’t yet settled on the debate about whether location data is private or public information, further confounding the constitutional issues raised by police cellphone tracing requests.

“FourSquare is doing this 50,000 times a day,” he said. “This data just involves cellphone carriers – there are dozens, if not hundreds, of other people know where you are – EZ Pass, Google, and so on. There are plenty of other ways for authorities to find you.”

He favors a system that would require cellphone carriers to inform customers – even after the fact – that law enforcement has obtained their location or cellphone call data.  And while he’s in favor of its use for investigating serious crimes, he said routine use of cellphone data to enforce the law could lead down a slippery path.

“Once you say that criminals have no rights, where do you stop?” he said. “For example: You claim your car as a deduction on your federal taxes. Would it be OK for the IRS to subpoena cellphone records to see if you are correctly logging your miles?”

*Follow Bob Sullivan on Facebook     
*Follow Bob Sullivan on Twitter.

 

Giselle and Zenayda Sedano of Cranford, N.J., never had a chance of keeping the rampaging waters of the Rahway River out of their home when Hurricane Irene roared through northern New Jersey in August. Now they are wondering if they ever had a chance to get any of the $21 million that the Federal Emergency Management Agency sent to help New Jersey’s flood victims.

We first met the Sedano sisters a day after the hurricane hit on Aug. 28, causing the Rahway River to breach containment and wreak havoc in their suburb of Cranford, where about one in five homes were damaged. They were picking through all of their worldly belongings and looking for something, anything, that wasn’t completely waterlogged. 

Now, more than eight months later, they are wondering why they didn’t receive any federal disaster aid to flood-proof their home, which is only about 100 feet from the river, while some of their neighbors who live farther from the water are getting nearly $200,000. Other Cranford residents are asking similar questions.

---

“There are homes in plain sight of mine that were selected which I will have to witness get elevated. But I'm right next to the river. I just don't understand," Giselle Sedano said. "It’s so hard waking up every day not knowing what’s going on."

The controversy highlights the challenges that FEMA and local officials face as they try to plan ahead and minimize future flood disasters.

Msnbc.com profiled the Sedano sisters in August when writing about the towns hit hardest by Irene. Giselle is a hedge-fund analyst and Cornell graduate; Zenayda works in the pharmaceutical business and is a Rutgers graduate. The two successful 20-somethings pooled their resources to buy a home in 2009, soon after they graduated from college, so they could move with their parents to Cranford.

Their parents came from Peru in the 1980s with nothing other than the clothes in their suitcase. Irene left the entire family in a similar fate; mom, dad, and the two sisters had little left outside the clothes they took when fleeing to a nearby hotel right before the Irene hit.

Nearly six months to the day after the storm, New Jersey Gov. Chris Christie announced that FEMA had awarded the state $21.6 million through its Hazard Mitigation Grant program. The money was promised to seven municipalities hit hard by the storm; Cranford received $3.1 million for "the elevation of select dwellings."  At around the same time, some Cranford residents began receiving phone calls saying they'd been selected for elevation grants. Others, including the Sedanos, heard nothing.

Like dozens of other Cranford residents, the Sedanos had responded to a notice last fall from the township indicating they'd like to participate in the elevation grant program. It's not cheap; even with the grant money, residents have to pay 25 percent of the cost.

Neighbor Kristen Wolansky also requested elevation aid, but she said the township never even acknowledged receipt of the request.

"There was no confirmation that your name was received. The information was just submitted into a void," she said.

The list of lucky homeowners isn't public -- "winners" were notified only by phone call, said Wolansky. But she and another frustrated Cranford resident, Steve Gorski, have pieced together a map based on conversations with neighbors. While unofficial, it shows several homes around the Sedanos' house receiving aid.

It makes sense for FEMA to flood-proof homes that are subject to repeated disasters. Like most flood victims, the Sedanos paid to participate in the National Flood Insurance program – in their case, the premiums were $2,015 annually. Elevating homes -- or purchasing them outright and making them into parkland -- is cheaper in the long run than continuing to pay pricey settlements every 10 or 20 years.

But there's not nearly enough money to buy out or elevate every home in danger -- only about 1 in 10 homes statewide in risky areas will receive funds from the $21 million FEMA grant, New Jersey state officials say. That means there's always a lot of disappointment when flood relief grants are doled out.

But the process for picking winners and losers raises questions. Ultimately, local officials decide which residents get the aid. There are complex considerations, such as preserving the character of neighborhoods, which are best left to local officials. But that also leaves them open to criticism and accusations of political patronage.

Compounding the problem are privacy requirements surrounding the process. Because participation is optional, and residents can decline the aid, the list of selected homeowners remains a secret until contracts are signed to begin work. That also means families like the Sedanos have no real avenue for appeal.

FEMA’s Hazard Mitigation Program has benefitted communities around the country. The state of Vermont received post-Irene buyout and elevation grants of $19.8 million, for example.  But the program also has a spotty history. More than $1 billion was set aside for land acquisitions and home elevations after Hurricane Katrina in Louisiana, but arguments over how to implement the program delayed the awarding of any grants for two years – and by 2008 – three years after the monster storm -- only 14 grants were paid out. Claims of contractor fraud also complicated that awards process.

By that measure, the post-Irene grant process is moving swiftly in New Jersey. Still, the Cranford secret has been kept for a while -- the homes picked by Cranford officials had to be included in the town's initial application for aid, which was filed sometime in the fall, according to state officials.

FEMA directed questions about the New Jersey grant process to state officials; the governor's office directed questions to the state’s Office of Emergency Management.

Mary Goepfert, spokeswoman for that agency, explained the process to msnbc.com.

"The homeowners have to stay private because if they don't participate, and their name is on a list … their home would be severely devalued," she said.

Goepfert said local officials must show that the choice of winners is "financially advantageous" -- that is, a buyout or elevation project must be cheaper than expected future insurance payouts. But otherwise, home selection is entirely up to municipalities, she said.

"For instance, it might make more sense to buy out three, four, five or six houses in the same neighborhood than it would to buy a house here and a house there,” she said.

But what if a resident who wasn't selected feels the process was unfair?

"That's a question for the municipality," she said.

Cranford Mayor David Robinson said he understands why some residents might be frustrated, but said the municipality initially tried to get enough money to elevate about 50 homes and was told by federal and state authorities to tone down its application.  Right now, 18 homes are slated to get elevation aid, and another five are selected as alternates in case others back out.

"We're going to go neighborhood by neighborhood and try to get all of them elevated," he said. "It's just a matter of which homes get first priority. That's what we really focused on." The town plans to apply for additional elevation grants in the future, he said.

This time, municipal officials looked at prior loss history, past flood claims and other data when picking the homes, he said, admitting that some of that data is incomplete.

"We've also found instances where people may have had private flood insurance, and we discover that's a blind spot not included in (our) loss data," he said. "We're working hard to fix that. ... (This time) we focused on homes closest to the river and going neighborhood by neighborhood with the loss data that we had." 

While the 18 "winning" homeowners and 5 alternates have been informed, he said there is no process to tell disappointed homeowners that they weren't picked, or why.

And how should a homeowner like Sedano feel if they feel left out, while neighbors benefit?

"If it's a next-door neighbor, maybe the explanation was that their loss data didn't fit into the cost-benefit analysis that was being worked on at that point," he said. 

The "losers" must simply trust that the selection was fair. The data -- and the reason for the selections -- remains private.

There is one public curiosity about Cranford's aid grant. The other six cities that were promised post-Irene grants all elected property buyouts; Cranford was the only municipality to pick home elevation.  That can be far less disruptive for homeowners, of course, because they don’t have to move. Elevation benefits the town's tax coffers, too, Goepfert said.

"With a buyout, those properties are written off from the tax ratable base," she said.  "But why Cranford chose elevation, you'd have to ask them."

Mayor Robinson said no one in the town expressed interest in a buyout.

All this mystery might be over soon. Goepfert said post-Irene aid was fast-tracked, and she hoped contracts for construction and buyouts would be signed within a month. Then, the list of winners and losers will be made public, she said.

For now, the Sedanos are slowing putting their lives, and their home, back in order. Most of the basic reconstruction of their home has been completed, and the family has moved back in, albeit with sparse furniture. They celebrated Easter Sunday at home this past weekend, their first meal in their rebuilt dining room since the flood.

"There were a few tears during dinner," Giselle said.

But the view of the river out their window, which once brought a sense of tranquility, now only brings trepidation. And until the list of to-be-elevated homes is published, the Sedanos are forced to wait and wonder why they weren't chosen.

"We find it totally unfair. Our home is directly in front of the river," Zedayna said.  

Here’s a handy list of credit card charges that consumers have complained about during the first part of 2012. Do any of them appear on your credit card? Read on to find out why you should probably pull out your statements and check them.

There’s a steady stream of new and clever ways for frustrated consumers to find each other online, make collective noise and get satisfaction. Among the more intriguing is BillGuard.com, which does for your credit card bill what a spam filter does for your email. 

Members sign up and let BillGuard scan their credit card statements for potentially fraudulent charges, billing errors or hidden, unexpected fees. The firm then asks consumers if they wish to tag the charge as suspicious. As soon as enough consumers say there’s a problem with a charge, all BillGuard members are warned and a suspicious-report web page is generated.     

---

Founder Yaron Samid, a startup vet who was part of the team behind Register.com, said he got the idea for BillGuard after he nearly was taken in by an automated fee that appeared on his credit card bill.

“Two years ago, I found out I was paying $10 a month for a post-transaction coupon scam after my wife bought concert tickets,” he said “When I Googled the charge, I saw countless blog posts, complaint boards and tweets screaming about the same "hidden fee." Turns out millions were duped by the same scam and were complaining about it online and to their banks. So why wasn't I told?”

Samid and partner Raphael Ouzan, a financial data security expert, set out to build a system that would harness “collective consumer knowledge” and allow credit card users to share this kind of information with each other. BillGuard also monitors other complaint-related websites and social media services for signs that a company might be misbehaving.

Customer surveys show that about 90 percent of credit card users fail to scan their bills carefully each month, so a proactive alert system is essential, he said.

To see if the system really works, we asked Samid to share with us 10 potentially problematic charges that BillGuard warned consumers about in the first quarter of 2012.

Then we contacted the 10 companies involved to see if the warnings were warranted. We’re publishing 9 of the 10 here – the tenth requires additional investigation.

The list is varied, ranging from a small company that’s sending out $500 gift cards with a catch, to a magazine empire that’s generating complaints through the way it signs up new subscribers. Several themes run through the list, including the dreaded “negative option,” which relies on consumer laziness to pile on monthly charges, to the third-party “data pass,” which leaves many consumers wondering, “How did this company get my credit card number?”

BillGuard’s statements, and the company responses, are listed below. Next to each company name is the charge as it’s listed on most consumers’ credit card bills, which is clickable to BillGuard’s complaint page about the company. Check your credit card bills to see if any of these items appear, and consider disputing them.

 

1) ShoeDazzle - SHOEDAZZLE.COM, INC. SANTA MONICA CA

BILLGUARD: “This hugely popular merchant was flagged by a user of ours who alerted us to their dubious usage of a negative-option membership model in order to charge you monthly. Upon your first purchase, ShoeDazzle “subscribes” you to their service. From that point on, you’ve agreed to be charged $39.95 every month unless you log into ShoeDazzle and click a “skip this month” link. Don’t “skip” in time, and you’re charged. In other words, you have to take action to avoid being charged. The terms and conditions explaining this subscription service are hidden at the bottom of the checkout screen in the fine print. Based on our findings and our users’ complaints about this unethical membership practice, we now propagate this information to our entire user base.”

RESPONSE: ShoeDazzle, which made a name for itself in part because of its affiliation with Kim Kardashian, says it no longer requires customers to subscribe to its service and no longer assesses a monthly charge. The firm announced the change in late March.

“Under the old model, we did communicate the process in a How It Works video, in Terms and Conditions, via email upon purchase, through our Client Service team,” said John Tabis, vice president of strategy at ShoeDazzle. He then invited us to forward any complaints that BillGuard received to him. “We are always seeking ways to improve, and we appreciate the feedback.”  

 

2) Zbiddy -- ZBIDDY.COM 877-403-6981 FL 

BILLGUARD: “Zbiddy is a penny auction site. Participants must pay a fee in order to place a bid. Every bid placed extends the allotted auction time. Due to their high profitability and cheap set-up costs, penny auction sites have been growing steadily over the past few years. Zbiddy was a relative newcomer to the scene a few months ago but has already garnered a reputation for practicing shill bidding (bids placed with intent to inflate auction price) in order to drive up prices and extend auction length. We found this out when we were monitoring the trending scams on Google.”

RESPONSE:Two e-mails to ZBiddy’s customer service were answered only by auto-generated responses, like this:

“We have received your request. Your email is very important to us. We will answer your specific query within the next 24-48 hours. Answers to most of your questions can be found out by visiting our FAQ section. Best regards, The ZBiddy Customer Loyalty Team.” One week after the first e-mail, we hadn’t received a response.

UPDATE, April 23, 2012: Seth Dillon of ZBiddy contacted msnbc.com and offered the following response:

"I've reviewed and responded to the complaints on the BillGuard website. Thank you for bringing those complaints to our attention. .. (It) is not accurate that we have a reputation for shill bidding. ... ZBiddy does not now - nor have we ever - engaged in any unethical bidding practices to artificially inflate the cost of items on our site. With respect to the complaints about unauthorized charges, please note this reply, which has been posted on BillGuard: "To place bids and win products on Zbiddy, you must first register and purchase a bid package. This process is standard across the penny auction industry and is not exclusive to Zbiddy. If you have questions about the registration process, or if you were unaware that you were being charged at the time of your purchase, please contact our Customer Service department at 1-888-406-6509. Our friendly agents are standing by to take your call and help resolve your issue. The Customer Service Desk hours are Monday through Saturday from 8 a.m. to 12 a.m. ET."

 

3) Scoresense -- OTL*SCORESENSE.COM 800-679-6327 TXAP15CTE

BILLGUARD: “What Scoresense claims to offer are 'free' credit services such as credit score, credit monitoring etc., .... What actually happens is the following: The user feels safe in giving Scoresense their financial information in order to receive their 'free' credit report and usually fails to notice that the 'free' report lasts for a limited time, (after) which Scoresense uses the supplied financial information of the user in order to charge him monthly for a membership service.”

RESPONSE: A customer service representative who answered a telephone call told us to write to customercare@scoresense.com. An email sent to that address was answered only with an automated response: “Thank you for your email inquiry to ScoreSense.  Emails are typically responded to within 3 business days. If you have an urgent matter or wish to cancel your account please contact customer care toll free …” After 48 hours, we hadn’t received a response.

 

4) TWX/Synapse --- TWX MAGAZINE SUBSCRIPTIONS

BILLGUARD: “TWX/Synapse uses a data pass model in order to trick consumers into costly subscriptions. What happens in data pass models is the following: Consumers buy a product at a participating third-party merchant. The merchant may be a physical grocery store or an online shop. During or after the checkout process the consumer is offered a free trial for magazines of his choice. Assuming that the company offering him the magazine subscription does not have his financial information and that he is entering a 'no-risk' trial period, the user signs the dotted line. What he does not realize is that the financial information he supplied to the participating third-party merchant is passed on to TWX and will later be used to charge him for the magazines once the free trial ends, without any notice between the trial and paid periods.”

RESPONSE: “Our customers are incredibly important to us, as millions of them enjoy our services. Terms are disclosed clearly, including verbally if the sales environment is face to face.  Additionally, if consumers for whatever reason are dissatisfied, we work very hard to settle any issues to their complete satisfaction.  We have an A+ rating with the Better Business Bureau for these and other reasons. Please attribute to a Synapse Spokesperson.”

 

5) LendNet -- LENDNET 101

BILLGUARD: “Short-term daily loans is are a growing field. The lender typically offers a short-term loan for very high interest rates. In this instance, the merchant offers to find you a suitable short-term loan provider. LendNet is in essence a middle-man. In order to find you a good loan provider LendNet requests your financial information.  It then uses the supplied information to bill you for a service fee ranging from $30 to $50. You need to have super-human vision and at the very least a law degree in order to find this fee in the fine print of the terms and conditions. In addition to this sneaky fee, some users have also reported that they were subsequently given a loan from a third party without prior consent to the loan terms or conditions resulting in monstrous interest rates. 

RESPONSE: The website is now down; e-mails sent to it were returned as undeliverable. There’s a host of complaints about the site in other locations online, including this one.   

 

6) FreeShipping.com -- IC FREESHIPPING.COM

BILLGUARD: “FreeShipping.com offers to supply you with free shipping from various merchants for a flat monthly fee. The problem is that FreeShipping works with multiple third-party merchant affiliates who unknowingly subscribe you to a membership. During the checkout process with the third-party merchant there is a small button at the bottom of the page, usually opted in by default, and unless you notice it and opt-out, your financial data is passed on to FreeShipping and you are a monthly paying member.”

RESPONSE: Thomas Caporaso, FreeShipping.com CEO, said BillGuard’s description of the service was “simply untrue.”

“There is no way that we can collect any billing information from the user without them physically entering it into our member registration form,” he said. “When people register for FreeShipping.com, they must enter all of their information into our signup page, including their credit card number and billing address. The terms of the offer are presented clearly, immediately next to where they would enter their credit card information, explaining that they may cancel at any time within the 30 days with no charges to their card, and that after the 30 days are over, the subscription converts into a paid membership at $12.97 per month. They are also required to check a box agreeing to the terms of service before we are able to process their trial.  Lastly they may cancel at any time after that with no additional billing from us.”

Many of the complaints generated against FreeShipping.com involve third-party websites sharing consumer information with the service. Caporaso said those consumers are also informed of the cost.

“Regardless if the member goes directly to Freeshipping.com or through a third-party merchant the enrollment process is the same as outlined,” he said.

There are many complaints about FreeShipping.com across the web, such as at this page. To support its complaint about Freeshipping, BillGuard also pointed to this lawsuit against the firm, and noted that there are 341 complaints about the company on ComplaintsBoard.com, and 66 complaints on Scambook.com.

 

7) Cellulean -- CELLULEAN.COM

BILLGUARD: “A free sample of a miracle diet product! Unfortunately, as some of our users learned, unless you call them and request to opt out within a few days of placing your free trial order you are sent a second package for the pricey sum of $75. The main reason most users do not call to cancel their subscription is that they never knew they were enrolled in one to begin with. Cellulean requests your financial information during the checkout process of the free trial supposedly to cover the shipping costs. What they are actually after is your financial information so they may bill you monthly for their product.”

RESPONSE: An operator at Cellulean’s customer service center told us to write an e-mail to CEO Patrick Leddy. He sent this response: 

"Our website and offer meets all legal guidelines set forth by the Federal Trade Commission and the Electronic Retailing Association (ERA). In fact, we place our terms and conditions in full-size readable font right next to the ordering section, instead of hiding them at the bottom of the page (which is the FTC/ERA requirement).  We then go another step further, beyond the requirements, by placing a check box next to the order button, which states: "I am 18 years of age and agree to the Terms and Conditions".  The customer is not allowed to check out of the website unless this box has been checked.  Furthermore, we give the customer two direct purchase options, instead of just the free trial offer, allowing them to choose if they want to enter into the agreement, or simply buy the product with no terms or conditions. When a complaint has been made by a customer, stating they were shocked when they were billed, and never knew they enrolled themselves into such a program, we have to scratch our heads in wonderment.  This is a classic case where the customer attempts to pass blame on to the manufacturer, when in fact they entered themselves into a legal binding agreement - with their full knowledge and consent beforehand.  Customers are not forced to place an order, they do so freely on their own willingness, and should be accountable for their choices."        

 

8) Redstarworldwear -- SUNGLASSES-EYEWEAR 0

BILLGUARD: “Redstarworldwear is an online retailer of sunglasses and watches. They send out gift certificates “worth” $500 to unsuspecting consumers informing them that they have won a special prize. Joyful of the prize, the unsuspecting customer then goes to Redstarworldwear website and purchases as much as he can using his newly minted gift card. During the end of the checkout process the customer is informed that there is a separate shipping and handling fee that cannot be deduced from the gift cards value. The customer then enters his financial information in order to pay for the (that), which turns out to be a costly 9 percent of the order value. We were interested how valuable these supposed $500 gift certificates actually were so we had a look around eBay, they can be had for under $2!”

RESPONSE: The firm did not reply to two e-mails, but a section of its website offers an explanation for confusion over the gift cards, and makes clear consumers aren’t getting something for nothing.

“There is a 9% Service Fee (per item) that pays for all expenses that RedStar incurs to get the product into your hands. This 9% service fee includes: USPS First Class delivery, processing and handling and general overhead which includes; customer service, order processing, warehousing, labor, cost of goods and materials, profit and marketing.”

There are other complaints online about the firm’s gift cards.

 

9) Blizzard -- BLIZZARD ENT WOW SUB

BILLGUARD: “Blizzard, the hugely popular merchant behind the Warcraft series, is not a name that usually comes up in discussions on unfair charges. So we were surprised to learn of several complaints from our customers regarding unwanted charges from them. After investigating the matter we learned that Blizzard enables a phone billing option called PaymentOne PhoneBill. This billing option allows you to pay for Blizzard games and subscriptions by merely entering your phone number information in the account settings tab. Obviously, given the young age and lack of credit card availability to some its users, this option has a high potential for unwanted and unauthorized purchases by young family members.”

RESPONSE: Blizzard was unable to provide a response by press time.

 

*Follow Bob Sullivan on Facebook     
*Follow Bob Sullivan on Twitter. 

Why would the well-heeled suburb of Gilbert, Ariz., spend a quarter of a million dollars on a futuristic spy gadget that sounds more at home in a prime-time drama than a local police department?

The ACLU caused a stir Monday with its extensive report of cellphone surveillance by local police departments, which routinely request location information and other data from cellphone providers, often under vague legal circumstances.

But one bit of information provided by Gilbert officials suggests that cops sometimes try to cut out the middle man. Buried in the 380 public records requests sent by the ACLU is a response from Gilbert which indicates that the town purchased a device that allows it to track cellphones on its own for $244,195.

---

"The Gilbert Police Department obtained a $150,000 grant from the State Homeland Security Program," the agency wrote to the ACLU in response to a public records request. "These funds, along with $94,195 of R.I.C.O monies, were used to purchase cell phone tracking equipment in June 2008 (total acquisition cost of $244, 195)."

 

Gilbert didn't offer additional details about the device to the ACLU, and Chief of Police Tim Dorn didn't immediately respond to requests for comment.

But several surveillance experts said the device sounds like a gadget that's sometimes called a stingray.  

The stingray, made by Harris Wireless Products Group of Melbourne, Fla., lets users set up what amounts to a fake cellphone tower and trick all phones nearby into connecting with it. That data can then be used to track the physical location of anyone nearby carrying a powered-on cellphone -- even if the citizen isn’t on a phone call. A stingray can also register other data, such as the phone numbers dialed by all phones while connected to it. The device reportedly cannot record or intercept the content of a phone call, so it does not act like a wiretap.

Still, the stingray is at the heart of a hotly contested criminal case involving an identity thief named Daniel David Rigmaiden, who allegedly stole $4 million through a fake tax return scheme. Federal authorities used a stingray to find Rigmaiden in California in May 2008, then sent him to Arizona for trial.

Perhaps Gilbert was impressed with the result -- it says it acquired its device one month later.

In September 2011, a federal court in Arizona heard Rigmaiden's request to receive all details about the government's secretive use of the surveillance technology. Federal prosecutors are resisting disclosure because they say it will jeopardize use of the critical law enforcement technology in other cases.

Rigmaiden's case, as yet undecided, is largely seen as a test of the constitutionality of stingray and related police surveillance technologies. Would use of a stingray constitute a search, and thus require application for a time-consuming search warrant? Or do cellphone users give up their expectation of privacy by turning on a phone and carrying it in their pocket? The issues were discussed extensively in this recent Wall Street Journal story.

Use of a stingray-like device raises even thornier issues than cellphone records requests, said Catherine Crump, the lawyer who headed the ACLU project.

"I think when law enforcement starts purchasing technology that allows them to track cellphones in that manner, it raises a whole host of questions about how that technology is being used that are even more serious when they track people through carriers," Crump said. "At least when a carrier is involved, there's a third party that may raise concerns if the request is of questionable legality. But when a law enforcement agency can do on its own surveillance, that raises even more serious questions about whether there is appropriate oversight."

No other local police department that responded to the ACLU's public records requests mentioned purchase of a stingray-like device -- one other community mentioned borrowing such a gadget -- but Crump said that's because she didn't specifically ask about them.

"If I had to write the requests it over again, I would,” she said. “We didn’t realize how big an issue these devices were at the time. We know that there are others purchased by other agencies around the country, mainly from press reports."

The Miami police department, for example, asked Harris for a price quote in 2008. The firm's response is still on the city of Miami's website. A more extensive price list from Harris can be found at this website. 

A spokesman for Harris Wireless said the company didn't comment on clients' purchases and referred questions to Gilbert's Police Department.

The use of fake cellphone towers by law enforcement has caught on outside the U.S., too. Britain's Metropolitan Police, which serves the greater London area and is that nation's largest police force, began deploying similar technology provided by England-based Datong PLC last year, according to The Guardian. The disclosure began a round of debate about civil liberties in Britain.

Matt Blaze, a computer science professor at the University of Pennsylvania and an expert on stingray-like devices, said they are a mixed bag.

"Certainly these devices are powerful surveillance tools that, if misused, have the potential to be quite invasive against the privacy of innocent people," he said.  "But, then again, so do many other law enforcement investigative methods -- physical searches, hidden microphones, informants and so on. The question is how they are used, how often they are used and the oversight mechanisms in place to prevent and detect misuse."

Devices like stingrays are technologically limited in scope, however -- they can only monitor a limited physical area in real time -- so Blaze is less concerned about them than he is the revolving door of data between private companies and law enforcement.

"I'm less worried about law enforcement agencies with stingrays and other targeted surveillance gadgets than I am about location and other kinds of tracking through the carriers, especially when done without strong legal oversight or without probable cause," he said. "While I do worry about abuse of these kinds of electronic surveillance devices, the fact that they are inherently rather targeted in what they can collect acts as something of a built-in safeguard. I'm more concerned, in the long run, about large-scale surveillance capabilities being included in our communications infrastructure."

Still, privacy researcher Chris Soghoian – who has written extensively on law enforcement use of cellphone technology for surveillance – said police use of the stingray device is among the most troubling privacy developments in years. Some phone companies allow police officers to use a website to download customers’ GPS location data easily, “from the comfort of their own desks,” he said, and charge as little as $5 for the information. With phone company record access that easy and inexpensive, there’s no need for stingray, he argued.

“The real issue is that this device is about allowing police to perform surveillance when the phone company would say no,” said Soghoian, who is Graduate Fellow at the Center for Applied Cybersecurity Research at Indiana University. “This is not about saving time and money … it’s about the fact that there’s no one to insist that the law be followed when a stingray is used.”

 *Follow Bob Sullivan on Facebook     
*Follow Bob Sullivan on Twitter.