As someone who has decades of tech experience and have been the target of various Government agencies for many years... I have a few things to add:<p>Most devices have some kind of GPS or positioning system. Phones in particular still communicate certain information to cell towers and E911 even if there is no SIM installed. Wrapping your phone in aluminum foil does not block all the signals as many have been lead to believe. It is not certain, especially with 5G what faraday bags can work. Your best bet is a phone where you can remove the battery. Even this could leave residual power in the device.<p>One of the most non technical aspects of Government surveillance, especially in the United States, is that their ability to request data depends on each specific provider. Usually, law enforcement has long standing relationships with all these companies and the higher up you go in the U.S. Govt, you get more of this. After all, there are a million ways the Govt can keep a device off the market if they do not comply with whatever the Government wants. Maybe most importantly, parallel construction is often used here. For example, law enforcement will only follow the rules and get a warrant if they intend to present a case in court. Often, they just want information and if they want to use it they will find a way to parallel construct its source. Do not rely on your constitutional protections or anything else. In many cases it is simply not a factor for them.<p>Everything about your phone comes back to the sim card. It is extremely difficult to get a working SIM without some form of ID. Most SIM cards are traceable this way, especially if you purchase them in the U.S.
Most services require a form of authentication as well, often a phone number which requires the SIM belong to someone, or an email address, which very often requires a phone number to create. Used burner phones are your best bet.<p>Any cloud service connection your phone initiates is able to be intercepted and the Govt can deploy a form of a man in the middle decryption attack with the help of your cell provider. This is not used as often but unless everything you have uses certificate pinning, and often this isn't the case, it is very easy to man in the middle your end to end traffic and decrypt it.<p>Applications also leak like crazy to various APIs and other things they use. Connections can be downgraded to HTTP and all other forms of tricks to monitor you are used.<p>For example, if you are using an end to end encrypted messaging app, and you have the content of those messages going to the apple or google notification system, you do not have end to end encrypted messaging. This is why Signal disables the content in the notification by default.<p>There are other attack surfaces here as well. Keyboard autocomplete is one as it uses remote services. If LE knows you are using something like Signal, and they can see you created a new contact on your phone to message them, they already know who you are talking to you, and if your phone keyboard is using autocomplete or grammar correct, they could potentially get what both sides are writing to each other without actually breaking the encryption.<p>There are other methods as well. iPhones have the ability to use a form of Remote Desktop that can be accessed over the cell connection. So as you are using the app, your screen can be monitored, thus defeating any encryption security you think you have.<p>If Law enforcement knows you have cloud accounts, say with iCloud or Google Docs, and you are working on something in there, you can be sure that it is possible for your work to be viewed as you are working on it. This has a ton of implications for people just doing normal non activist work as well. Maybe you're working on your own legal case and they can literally just watch you build a legal defense and then plan accordingly. It really is endless what they can do.<p>If the Govt is interested in you, most cities are full surveillance cities now. You can have no phone, no RFID anything, change your routes, change your appearance and you will still be found. There are rare exceptions to this but for the most part assume you cannot move around a city without being constantly monitored. Even if you only have a pair of bluetooth headphones, there are all kinds of devices collecting broadcast data, and these can be correlated with device lists uploaded when you pair a device.<p>This is just a short list of things I've experienced personally... There is so much more. Any large formal resistance basically cannot happen without the Govt knowing about it.<p>EDIT: Sorry for the wall of text