FYI.

This story is over 5 years old.

News

El Chapo’s lawyers want to suppress evidence from spyware used to catch cheating spouses

The kingpin's lawyers have long suspected the government used spy technology to bust their client. Now, they appear to have proof.

Joaquin “El Chapo” Guzmán is a notorious ladies man. The cartel kingpin is currently married to a former beauty queen, but countless tales describe him smuggling prostitutes into Mexican prisons and having trysts with female guards and inmates. He once escaped nearly naked from an early-morning police raid through a tunnel beneath his bathtub with a mistress at his side.

It might make sense, then, for law enforcement to have busted Chapo with help from a spyware app that’s been marketed to people who suspect their partners of cheating. Chapo’s lawyers have long suspected the government used spy technology to bust their client. Now, they appear to have proof.

Advertisement

Ahead of Chapo’s upcoming trial in Brooklyn federal court, Chapo’s legal team filed a recent motion to suppress evidence obtained through FlexiSPY, a type of software that allows users to secretly tape a person’s phone calls, remotely switch on a device’s microphone and camera, and track their location. It can also monitor activity on apps such as Tinder and Facebook.

"We believe that the government didn’t follow proper procedures in seizing evidence related to Mr. Guzmán.”

The Thailand-based FlexiSPY bills itself as “the world's most powerful monitoring software,” and the company’s website lists prospective buyers as concerned parents who want to spy on their kids and companies interested in snooping on their employees. But the app has also been dubbed “stalkerware” because it was initially marketed to jealous spouses paranoid about infidelity. FlexiSPY has also previously been linked to at least one U.S. law enforcement official.

Exactly how FlexiSPY figures into Chapo’s case remains murky. All documents associated with the motion filed late Monday evening by Chapo’s lead attorney, Eduardo Balarezo, remain under seal. A public docket entry, however, describes the evidence as “FlexiSPY data.” Balarezo declined to comment except to say the material should not be admissible in court.

“We believe that the government didn’t follow proper procedures in seizing evidence related to Mr. Guzmán,” Balarezo said. “There’s some issues with respect to warrantless seizure of evidence. There’s issues with respect to warrants that were not valid for various reasons.”

Advertisement

The U.S. Attorney’s Office for the Eastern District of New York, which is prosecuting Chapo, declined to comment.

To install FlexiSPY, the person who wants to do the spying needs to be in physical possession of the target phone or device. Once the software is uploaded, it can run in the background, completely hidden from the device’s owner while it siphons off data and other information.

Riana Pfefferkorn, a cryptography fellow at the Stanford Law School’s Center for Internet and Society, said FlexiSPY is “kind of an app version of a wire.” Wiretaps are the traditional monitoring tool used by law enforcement after obtaining a warrant signed by a judge.

“It can be done quickly, but it’s not something that can be done remotely,” Pfefferkorn said. “That raises the question for me of whether this was a U.S. law enforcement agency that installed this on Chapo’s phone, if it was his phone.”

It’s also possible that an informant working for the DEA or another U.S. law enforcement agency installed the software on a phone used to communicate with Chapo. The feds are known to possess their own sophisticated spy technology, but Pfefferkorn speculated that law enforcement may have chosen FlexiSPY, rather than in-house tools, to keep their capabilities secret.

“They might have developed those tools but aren’t sharing it with the DEA, even for a drug kingpin bust situation like this,” Pfefferkorn said. “If you’re on intelligence and national security side, you don’t want those tools to be discussed in court.”

Advertisement

FlexiSPY declined to say whether it has sold software to U.S. law enforcement agencies. “We do not share information on our customer relationships, but we happily comply with any request for information from legal authorities,” the company wrote in an email to VICE News.

How it's used

In January, Motherboard used data obtained from FlexiSPY to report that a former DEA official working as a special agent at the Florida Department of Law Enforcement had purchased the software, apparently without the knowledge of his own agency. The agent, who’s now retired, told Motherboard reporter Joseph Cox FlexiSPY was “probably a program I used on a case or tried it to understand how it worked.”

The FlexiSPY data obtained by Motherboard, however, shows no record of purchases by law enforcement officials from the DEA, FBI, or the Department of Homeland Security, Cox told VICE News. But he noted it’s possible an agent could have used a personal email address to conceal the transaction.

DEA spokesman Rusty Payne said he wasn’t aware of FlexiSPY, and that “DEA and law enforcement in general do not typically reveal specific means and methods utilized in our investigations.” He declined to comment further.

Motherboard also reported in February that data obtained by hackers showed that email addresses associated with several federal law enforcement agencies, including the FBI and ICE, as well as branches of the U.S. military had been used to purchase Mobistealth, another type of commercial spyware similar to FlexiSPY.

Advertisement

Last October, Balarezo filed a motion asking the government to hand over any evidence “derived from eavesdropping through warrantless wireless surveillance.” He specifically requested evidence obtained via the National Security Agency’s PRISM program, as well as data from “Triggerfish” devices, which mimic cell towers and trick phones into sharing data.

But while those requests were essentially fishing expeditions, the specificity of Balarezo’s recent filing indicates the government has already turned over records that confirm FlexiSPY was somehow used in the Chapo investigation.

For Pfefferkorn, the Stanford expert, the potential use of FlexiSPY by federal agency is troubling. Not only has the company been criticized for enabling invasions of privacy, she said, it’s unclear whether judges are being fully informed about technologies like FlexiSPY.

“We don’t know whether judges know that something that could be used to stalk your spouse could be used in a law enforcement context,” Pfefferkorn said.

Even if the judge on the case grants the request from Chapo’s attorney to suppress the FlexiSPY data, prosecutors still have a massive amount of evidence at their disposal. Chapo’s trial is currently scheduled to start in September, but Balarezo has requested a postponement, citing the need to sift through “more than 320,000 pages of documents, and thousands of intercepted and recorded audio and electronic communications and dozens of videos” that prosecutors have handed over as potential evidence.

Chapo’s judge has yet to rule on the request to delay the trial, or on Balarezo’s motion to suppress the FlexiSPY evidence.

If turns out that FlexiSPY was critical to the case against the Sinaloa cartel boss, the company said it would be “happy that our product was able to help apprehend someone who is allegedly a notorious criminal.”

Cover image: Joaquin "El Chapo" Guzman is escorted to a helicopter in handcuffs by Mexican Navy marines at a navy hanger in Mexico City on Feb. 22, 2014. (AP Photo/Eduardo Verdugo, File)