from the collect-it-all-because-why-not dept
For decades, the government has used the Third Party Doctrine to obtain massive amounts of phone records without a warrant.
Even prior to the creation of the Third Party Doctrine by the Supreme Court in 1979, government agencies were obtaining phone records using pen register requests that provided them with info on numbers called and the length of the calls. This method, however, required the government to supply some information of its own: specifically, a targeted source phone number phone companies could use to search for call metadata.
Then the NSA got involved. Leveraging the doctrine erected decades earlier, the NSA used its foreign surveillance authority to force Verizon to hand over every single phone record generated by users of its business services. No targeting necessary.
This mass collection was exposed by the initial Snowden leak. The FISA court order published by multiple news outlets showed the government was able to engage in bulk surveillance via a single FISA request. This one targeted Verizon’s business services, but nothing about what was published suggested this was the only cell service provider responding to these blanket orders.
At the same time Snowden was airing the government’s dirty surveillance laundry, the DEA was inadvertently exposing its delicates. A particularly spectacular unforced error by the DEA saw it handing over information on its secret “Hemisphere” program in response to records requests seeking something else entirely. The information contained in this accidentally exposed presentation not only showed AT&T had employees “embedded” in the DEA to provide more instantaneous responses to phone records requests, but also that DEA agents and experts were being instructed to engage in parallel construction to hide the origin of phones records obtained with this program that were being used as evidence in court.
The DEA’s ability to obtain phone records in bulk was confirmed several months later by none other than the DEA, which released another set of Hemisphere documents to records requesters. Perhaps figuring there was no longer any reason to pretend this program didn’t exist, the DEA was more forthcoming the second time around.
These revelations soon were buried by months of steady NSA leaks from Snowden and others. The Hemisphere program, however, never went away. Although it did receive attention from legislators and privacy advocates once it was exposed, the feds never officially ended this collection. AT&T was the only private company named in the documents, but there was never any official denial from other cell service providers that they, too, weren’t working with the DEA to provide real-time and bulk access to phone records.
Hemisphere is dead in name only. That’s only one of the revelations in this recent report from Dell Cameron and Dhruv Mehrota for Wired.
A little-known surveillance program tracks more than a trillion domestic phone records within the United States each year, according to a letter WIRED obtained that was sent by US senator Ron Wyden to the Department of Justice (DOJ) on Sunday, challenging the program’s legality.
According to the letter, a surveillance program now known as Data Analytical Services (DAS) has for more than a decade allowed federal, state, and local law enforcement agencies to mine the details of Americans’ calls, analyzing the phone records of countless people who are not suspected of any crime, including victims. Using a technique known as chain analysis, the program targets not only those in direct phone contact with a criminal suspect but anyone with whom those individuals have been in contact as well.
DAS is nothing more than a rebrand of Hemisphere — a program that underwent periodic suspensions by various presidential administrations following its exposure by journalists and public records requesters. As Cameron and Mehrota note, the first suspension followed its first exposure, delivered by Barrack Obama in 2013. Since then, the leaders of the free world have been flipping the on-off switch randomly.
[W]hile discretionary funding was withheld over the following three years, a White House memo obtained by WIRED shows that individual law enforcement organizations across the US were permitted to continue contracting with AT&T directly in order to maintain access to its data-mining service. Funding resumed under former president Donald Trump but was halted again in 2021, according to the White House memo. Last year, under president Joe Biden, the funding resumed once more, the memo says.
If there’s anything that reaches across the massive partisan divide, it’s the willingness to allow domestic law enforcement agencies to engage in domestic surveillance with minimal oversight. As pointed out above, even while the DEA was (intermittently) denied funding to engage in this phone records collection, state and local law enforcement agencies were still allowed to convert AT&T into a proxy surveillance agency.
Ron Wyden’s letter addresses information uncovered by Distributed Denial of Secrets, a collective of transparency activists that has routinely been subjected to social media bans and criticism from government officials for daring to obtain information through any means necessary and making this information available to the general public.
Just as disturbing is the fact that this program survives, despite the NSA itself choosing to end its own call records program (under Section 215 authority) because it was (1) too difficult to avoid surveilling Americans and (2) because it wasn’t all that useful.
But what the NSA has abandoned, the DEA has kept alive, using federal funding and agreements with AT&T forged by the Office of National Drug Control Policy. AT&T, for its part, has once again refused to comment on this cozy relationship with federal drug warriors, offering up nothing more than the obvious acknowledgment that it’s obliged to comply with federal subpoenas. Of course that’s true, but it doesn’t explain why AT&T was the proactive partner in this alliance, much less why it still — despite years of records requests and law enforcement leaks — appears to be the only cell service provider willing to crawl into (em)bed with the DEA to provide instantaneous access to cell records that it pretends are only subject to subpoenas.
Its statements also fail to explain why it does things it’s not required to do when it appears the only beneficiary of these actions would be the DEA and its law enforcement partners.
There is no law requiring AT&T to store decades’ worth of Americans’ call records for law enforcement purposes.
The only explanation is that AT&T considers this a feature, rather than a deliberately ignored bug. The evidence on the record shows AT&T would rather court cops than protect customers.
Documents reviewed by WIRED show that AT&T officials have attended law enforcement conferences in Texas as recently as 2018 to train police officials on how best to utilize AT&T’s voluntary, albeit revenue-generating, assistance.
The money isn’t the motive. Or, at least, it shouldn’t be, not at these prices. While AT&T is compensated for hooking up with drug warriors, the Wired report says the Office of National Drug Control Policy has contributed only $6.1 million to the program over the last decade. There are other sources of funding, of course, but it’s unclear how much of this makes its way to AT&T directly or indirectly. Sure, it’s pure profit when you’re already retaining these records for years at a time, but AT&T still has to pay analysts, liaisons, and (hopefully) a handful of lawyers — something that would appear to make the rebranded Hemisphere a loss leader, rather than a true contributor to the company’s bottom line.
It’s great that Ron Wyden is again demanding answers from the DOJ and DEA about this domestic surveillance effort, but it’s far less heartening to see that multiple presidential administrations have never been willing to shut this program down completely, despite it being something most Americans would never support. Trillions of phone records that aren’t even a subpoena away from government scrutiny isn’t the sort of thing residents of the United States expect to be happening, much less believe should be happening. The government should need more than the voluntary obeisance of one of the nation’s largest cell service providers to engage in this surveillance. But because it has this — and the periodic support of those holding the highest office in the land — phone records are still just a government plaything, something capable of putting people several degrees removed from suspected criminals under the government’s drug war microscope.