The Democratic National Convention in Chicago in August saw a massive security presence, as thousands took to the streets to protest Israel’s deadly attacks on Gaza. US Capitol Police, Secret Service, the Department of Homeland Security’s Homeland Security Investigations, sheriff’s deputies from surrounding counties, and local police officers from around the country converged on Chicago to help manage the crowds and ensure the event proceeded without major disruptions.
Amid the headlines and largely peaceful protests, WIRED was looking for something less obvious. We were investigating reports about cell site simulators (CSSs), also known as IMSI catchers or Stingrays, the name of an earlier device of this technology developed by Harris Corporation. These controversial surveillance tools mimic cell towers and trick mobile phones into connecting to them. Activists have long worried that the devices, which can capture sensitive data like location, call metadata, and app traffic, could be used against political activists and protesters.
Armed with two rooted Android smartphones and a waistpack stuffed with three Wi-Fi hotspots running CSS detection software developed by the Electronic Frontier Foundation, a digital rights nonprofit, we conducted our first wireless survey of signals around the DNC.
WIRED attended protests around the city, events at the United Center (where the Democratic National Convention was held), and social gatherings with lobbyists, politicians, and influencers. Before, during, and after these events, we walked along the march routes and around the planned protest sites.
Along the way, we captured Bluetooth, Wi-Fi, and cellular signals. We then analyzed those signals for specific hardware identifiers and other suspicious indicators that might indicate the presence of a cell-site simulator. Ultimately, we found no evidence that a cell-site simulator had been deployed at the DNC. But the hundreds of thousands of data points we collected in Chicago together show how invisible signals from devices can create vulnerabilities for activists, police, and everyone in between. Our investigation uncovered signals from as many as 297,337 devices, including 2,568 associated with a major police body camera manufacturer, five associated with a law enforcement drone manufacturer, and a vast array of consumer electronics, including cameras, hearing aids, IoT devices, and headphones.
WIRED has observed the same devices pop up in different locations time and time again, revealing patterns in the movements of their operators: For example, a Chevy Wi-Fi hotspot originally installed in a law enforcement parking lot at the United Center was later found parked on a side street at a protest in Chicago; a Wi-Fi signal from a Skydio police drone hovering over a large anti-war protest was detected again the next day over the Israeli Consulate; and an Axon police body camera with the same hardware identifier was found at different protest sites several days apart.
“Surveillance technologies leave behind traces that can be found in real time,” says Cooper Quintin, a senior staff technologist at EFF. Regardless of the specific technologies WIRED uncovered, Quintin notes that the ability to identify police technologies in real time is important. “Many of our devices beacon in ways that allow them to track us through radio signals,” he says. While this allows police to track us, “it also makes protesters vulnerable to the same kinds of attacks as well,” Quintin says.
The signals we collected are a by-product of our highly networked world, and they point to a widespread and disturbing reality: military, law enforcement, and consumer devices constantly emit signals that can be intercepted and tracked by anyone with the right tools. In critical situations such as election events, gatherings of prominent politicians and other officials, and large-scale protests, our findings have implications for law enforcement and protesters alike.
