According to an email chain, the marketer, Josh Shaner, renewed a pitch to the San Diego Police Department for a “mobile intelligence system” called Phantom.
Two months earlier, he had written Lt. Chris Haley, now SDPD program manager for crime analysis and data service.
“Per our conversation, attached [is] our two-pager for Phantom, our flagship product,” Shaner wrote. “We try and limit the dissemination of our product information, so the password for the PDF is your email address.”
According to multiple reports, including a first by Motherboard senior staff writer Joseph Cox on Vice.com, Phantom was a mobile-phone hacking system that “can siphon a target’s emails, text messages and contact list, as well as track their location, turn on the device’s microphone and take photos with its camera.”
Medianama added: “Phantom collects all data on the smartphone including ‘instant messaging, call interception, room wiretap, camera snapshots, calendar, GPS tracking, browser history and app data such as Skype and Facebook.’ … It can also monitor WhatsApp, and collect passwords. It can ‘overcome encryption, SSL, proprietary protocols.’”
Ultimately, the pitch was rebuffed — apparently because of cost, according to emails obtained by Cox and shared with Times of San Diego.
Cox quoted spokesman Lt. Shawn Takeuchi as saying: “The San Diego Police Department quite often engages in conversations with vendors who are attempting to sell a product or service so that we can provide the highest quality of police services to our communities.”
Takeuchi told Cox via email that Sgt. Daniel Meyer evaluated vendors who contacted the department.
But ultimately, Meyer wrote Shaner: “I was able to brief Chief Guaderrama. And although I think your system sounds awesome, we simply do not have the kind of funds to move forward on such a large-scale project. Thank you much for reaching out [though].”
Spokesman Takeuchi told Times of San Diego on Thursday that it appears Shaner contacted Assistant Chief Mark Jones (now retired) several weeks before August 8, 2016.
“Sometime between August 8-10, 2016, then Sergeant Daniel Meyer and the Westbridge representative had a telephone conversation. On August 17, 2016, Sergeant Meyer contacted Wetsbridge and told them SDPD would not be purchasing their product,” he confirmed.
Takeuchi says he doesn’t know the cost at that time, and Sgt. Meyer (now Lt. Meyer) does not remember either. “After speaking with Lt. Meyer today, no, there was never a serious consideration to purchase this product.”
He added via email: “Please understand we are contacted routinely by various vendors, so this type of communication is not out of the ordinary. Vendors solicit their product or service to our department frequently.”
Former Police Chief Shelley Zimmerman, who headed the department at the time, didn’t immediately respond to a request for comment.
But Takeuchi told Vice.com that the technology “would need to be utilized only after legal authority (search warrant) was obtained.”
The technology has been the focus of investigative reports, including one on “60 Minutes,” because of its potential for spying on dissidents.
Westbridge Technologies was reportedly the North American branch of NSO Group, “a surveillance vendor best known for selling hacking technology to authoritarian governments, including Saudi Arabia,” Motherboard said Tuesday.
But in a lawsuit filing, NSO Group’s CEO says Westbridge Technologies is not part of NSO, Bloomberg reported. A former president of Westbridge called the company “the U.S. affiliate of Q Cyber Technologies.”
News of the attempted sale reached Congress, and Sen. Ron Wyden of Oregon told a British outlet that “government hacking is among the most invasive forms of surveillance – tracking someone’s movements, turning on their webcam and microphone, or accessing photos and other sensitive data on a phone or computer.”
In a statement, Wyden added: “These tools are ripe for abuse, for example, by a law enforcement officer to spy on an ex. Congress must conduct aggressive oversight into the proliferation of these spying technologies and their use by state and local agencies.”
Updated at 6:23 p.m. May 14, 2020