Dial 'M' for misleading?

Komisarjevsky and Steve Hayes are rather benign. Their cell phones stored the back and forth: Komisarjevsky, the younger of the pair, telling Hayes to hold his horses while Komisarjevsky puts his young daughter to bed at home. Other texts show a picture message of a partially drunken margarita with the message “Check this out!” But the plot not mentioned explicitly in the text is a terrible one, for which the two have since been convicted and sentenced to death. Hours after these exchanges in 2007, a deadly home invasion and robbery ended with the suburban home in flames and a women and two girls dead.

These messages were not the smoking gun in this case; multiple other items of evidence placed the men near the Pettit neighborhood and in the same grocery store where Jennifer Pettit and her younger daughter Michaela were also documented shopping that evening. Gas station surveillance cameras and images of the wrecked Pettit family car vs. police car just a few feet from the burning Pettit home were possibly stronger evidence, however, during expert testimony at the trail the use of cell tower pings to locate the personal phones of both Hayes and Komisarjevsky—a technique that’s been in play in court since cell phones began permeating the lives of everyday Americans—were called into question. Despite its prolonged presence in investigations, cell phone pinpointing methodology has been receiving some recent challenges from technology experts asserting it as a less sound method than, say, global-position system methods. With what we know 12 years into the 21st century, what can we count on from cell tower ping evidence?

GPS vs. cell tower pinpointing

Cellular geolocation techniques utilize cell tower records to gather information to pinpoint the location of a particular device. This becomes a part of investigations when law enforcement utilizes cell data to identify where a person of interest was or was not during an incident. “It can certainly add credence to your case,” Sgt. Daniel Dytchkowskyj of the Erie County Sheriff’s Office says. But depending on the type of technology in play, there is a limit to what can be scientifically derived. For instance, he says if the data for a case in which he’s called to testify is taken from a cell tower, if it’s a Phase I tower, “all I can testify to that is that a cell is in the radius of that cell tower.”

Dytchkowskyj works in the division of police services for Erie County, which is located in Western shoulder of New York state. As commander of the Traffic Bureau and Accident Investigation Unit, his experience with cell phone evidence and cell tower geolocation techniques comes largely from identifying cell phone data as it pertains to a traffic incident, such as investigating fatality accidents. In addition to his position at Erie County Sheriff’s Office, Dytchkowskyj is the vice chair for the Transportation Safety Advancement Group (TSAG), which advises the U.S. Department of Transportation on best practices and technology to protect citizen travelers and public safety personnel who serve them.

Dytchkowskyj says in his experience, the evidence strength is limited by the technology of the phones and the towers. Older technology, like Phase I cell towers and older phones, cannot be as solidly relied on to link a phone to a location as can be ascertained from Phase II towers and newer cell phones that include global positioning system technology.

Honing in on location

The Federal Communications Commission identified that using wireless communication devices for emergency calls was problematic. In instances where people dialed 911 but could not adequately direct responders to where they were, public safety answering points were limited in their ability to locate the caller without a landline. The FCC developed a plan to require telecommunications companies to adapt the technology so phones can be more easily located in emergency situations, with the deadline of 2005. These requirements have been a process of recent years, with some companies not making the initial deadline, but with a continued move toward the following FCC terms:

Under Phase I, the FCC requires carriers, within six months of a valid request by a local Public Safety Answering Point (PSAP), to provide the PSAP with the telephone number of the originator of a wireless 911 call and the location of the cell site or base station transmitting the call.

Under Phase II, the FCC requires wireless carriers [provide] … the latitude and longitude of the caller. This information must meet FCC accuracy standards, generally to within 50 to 300 meters, depending on the type of technology used.

With Phase II, the FCC requires technology to be in place that can pinpoint a phone within 50 to 300 meters, which is better than is possible with Phase I tower technology. Don Lewis, a forensic computer analyst with Lakewood Police Department in Colorado, explains that with some types of phones using GPS information, location distance narrows. “Device applications can record GPS locations which can be more accurate,” Lewis says. “Common applications utilizing GPS include device based cameras. A good example is the iPhone, which records with a high degree of accuracy GPS locations. This GPS data is retrievable in the image metadata.”

Lewis has worked in the Lakewood PD crime lab for 23 years, nine years as a forensic computer analyst including cell phone forensics. He explains that by “reviewing the tower locations and connection times a path of travel can be established.”

Lewis explains that sometimes, the leads are hidden there within data and with closer analysis, can become helpful in a case. Lewis says in a recent case the cell tower data and what the investigators knew about the phone lead them to dig a little deeper. In the case, a phone was found beneath a deceased victim. But cell tower activity continued for days after the scene had been secured (from towers several miles away), confusing investigators. Lewis explains:

“There was some initial confusion by investigators that the phone was still connecting to towers over some distance, in a metropolitan area, while it was under the deceased and saturated in blood. It was found a cloned SIM card was being used in a similar phone. Using cell tower connection data ... we were able to locate the building the subject using the phone was residing in. Cell tower connection times were compared to surveillance video from the building identifying the subject of interest. Forensics from the recovered phone in possession of the subject contained content discussing the homicide.”

Multimedia forensics in question

Three years ago, the National Academy of Sciences reported to Congress that there were flaws in the science of forensics that undermine the unbiased classification that the title “science” requires. Of the many forensic disciplines, DNA was the only area that the report backed as solid. For the others, such as forensic odontology and tool mark analysis, the report gave recommendations from experts in the forensic community on how to strengthen the disciplines (Read the 2009 LET feature, “Flawed forensics?” on the original report at www.officer.com/10233455.)

The 2009 “Strengthening Forensic Science in the United States: A Path Forward” also touched on digital and multimedia forensics. In the report’s conclusion, it states:

(1) the digital evidence community does not have an agreed certification program or list of qualifications for digital forensic examiners;

(2) some agencies still treat the examination of digital evidence as an investigative rather than a forensic activity; and

(3) there is wide variability in and uncertainty about the education, experience, and training of those practicing this discipline.

Similarly, Michael Cherry, president of Cherry Biometrics, a security technology firm, has concerns about the origins of using cell tower evidence in criminal cases. Cherry and his colleagues have served as expert witnesses in cases that challenged cell tower science. In January/February issue of Judicature, the American Judicature Society publication, an article titled “Cell tower junk science” cited three recent cases in which defense attorneys challenged the cell tower pinging evidence and were successful in arousing suspicion amongst others in their effort. “We’re doing this because we think it’s important,” Cherry says. He adds that the firm has background with the cell phone companies and applicable telephone experience. With his knowledge and understanding of the technology, he says “we saw that there were flaws and we went after [cell tower evidence].”

The argument against cell tower geolocation techniques as solid evidence is described in the Judicature article, in which the coauthors state, “No one who understands the relevant science would ever claim that data from a single cell phone tower is adequate.”

Cherry says while he contests single cell tower geolocation methods to pinpoint a cell device, the FCC’s rule for its Enhanced 911 that requires carriers to provide GPS location information from the device can provide more reliable scientific evidence.

Dytchkowskyj says he prefers device GPS data, if it’s available. “If they’ve got GPS on their phone, it’s much more accurate, so in court it’s much easier” to back up down the road, should a case reach that stage. Dytchkowskyj says for his agency, there are less issues with relying on the older Phase I geolocation methods, since most towers in Erie County are now Phase II. However throughout the country, that is not always the case.

Takeaway

How should investigators proceed given the limits of cell tower ping location? Dytchkowskyj and Lewis say the method still has its merits and is helpful as a tool to sketch an outline, such as using patterns or an idea of a path of travel.

Lewis says “Understanding the source of the required data and an overview of how devices and service providers record location data is important in knowing what is truly available.”

Dytchkowskyj says staying on top of technology like new phone devices and geolocation methodology as it evolves is important for investigators. “Law enforcement has got to educate themselves about technology. You have to understand what information you can glean from cell tower records.

“I wouldn’t say it’s a smoking gun but it adds to the case in the sense that we can say you were in the area. But you need a heck of a lot more evidence [than just cell tower records].”

The convictions of Komisarjevsky and Hayes are not a landmark case for cell phone tower pinpointing evidence. There were many other types of evidence that placed them at the scene and factored into convicting them. But the challenge to the geolocation evidence was an unpublished headline; not important in the overall guilty conviction but rather the start of a conversation outside of that case on whether geolocation methods can lead to smoking gun evidence.

An emphasis on understanding the technology at hand is important in investigations where science is used to convict or exonerate an individual. If the techniques and tech capabilities are misunderstood, the evidence is misrepresented, too; a disservice to justice.

As Cherry puts it, “flawed evidence produces risks all the way around.”

 

More information about Next Generation 911 can be found at the Transportation Safety Advancement Group, of which Sgt. Dan Dytchkowskyj works with the Law Enforcement Emergency Response Group, can be found at the organization’s website, www.tsag-its.org/tsaglibrary.php. Access “Cell tower junk science” article through the Educated Evidence division of Cherry Biometrics at http://educatedevidence.com/Viewpoint_J-F.pdf.

Loading