Mobile Operators Responded To An Astounding 1.3 Million Requests For Subscriber Info
from the you-have-no-privacy dept
We’ve talked for a while about just how often law enforcement seeks information from mobile operators — often without getting any actual warrant — knowing that it was astounding. But after an article from a few months ago in the NY Times noting that it was both routine and a big business for mobile operators, who charge law enforcement for each request, Rep. Ed Markey asked all of the major mobile operators just how often they get requests from law enforcement for subscriber info, and discovered that last year they responded to an astounding 1.3 million requests for subscriber info — including location info, text messages and other data. And, apparently, this number likely undercounts the true size, because it notes that there was “incomplete record-keeping” in some cases. Oh yeah, and also, this just requests, not individuals — a single request might include multiple people whose information was being sought. So, an awful lot of people were spied on this way.
Not surprisingly, the number of requests continues to rise drastically, with AT&T admitting that it had seen a tripling in requests in the last five years. As the report notes:
AT&T alone now responds to an average of more than 700 requests a day, with about 230 of them regarded as emergencies that do not require the normal court orders and subpoena…. Sprint, which did not break down its figures in as much detail as other carriers, led all companies last year in reporting what amounted to at least 1,500 data requests on average a day.
This isn’t a huge surprise, but does raise significant questions about how reasonable these information trawling operations are. Do we honestly believe that law enforcement needed all of that info? This seems like a case where, of course, if the info is easy to get, law enforcement wants it. But is that reasonable?
And, telcos have little incentive to stand up for the rights of their users. They actually make money from these kinds of requests:
AT&T, for one, said it collected $8.3 million last year compared with $2.8 million in 2007, and other carriers reported similar increases in billings.
For a company that large, this isn’t a major cash cow, but it is something. It’s unclear how carefully the telcos review the request. At least one (smaller) telco, C Spire Wireless, reported that it had rejected about 15% of the requests, but most of the other operators didn’t provide any info on rejections (and it makes you wonder if they ever rejected any requests at all).
None of this is surprising. When such a tool is available, it’s almost impossible for it not to be abused. It’s just too easy for law enforcement to snoop on anyone’s location or text messages, and they can’t resist doing so. It seems like telcos (1) could be a lot more transparent about this. While Google and Twitter both have voluntarily opened up to provide data on law enforcement requests, the only reason this info became public from the mobile operators was because of Markey’s request. On top of that, it seems that the rules concerning an individual’s privacy rights should also be a lot clearer, to give the telcos more ammo to push back against bogus requests.
Filed Under: ed markey, law enforcement, location data
Companies: at&t, c spire wireless, sprint
Comments on “Mobile Operators Responded To An Astounding 1.3 Million Requests For Subscriber Info”
$8.3 million last year
Your tax dollars at work.
Re: $8.3 million last year
Amongst the myriad of wastes of my tax money it not so bad…
On the other hand assuming 700/day (excluding weekends) that works out to about $45/request billed by ATT.
Apparently, ATT can give out my service details a damn sight cheaper than the actual service…
Surely there aren’t 1.3+ million criminals roaming around on US soil, so why do they requrest access to so much “private” user info? What “laws” are being violated? How many of these requests for subscriber info resulted in legitimate arrests for real-world crimes? And why are the telcos so willfully complicit in handing over users’ sensitive data?
All this serves to prove is that your privacy may be violated at any time by the telcos if law enforcement waves enough cash in front of their noses. Big brother is indeed watching you …and selling your private info to the highest bidder. Owning a mobile phone seems like a dangerous thing to do.
Re: Re:
Surely there aren’t 1.3+ million criminals roaming around on US soil,
That number may sound high, but considering that we have around 2.2 million people in jail or prison, it doesn’t surprise me at all.
http://en.wikipedia.org/wiki/United_States_incarceration_rate
Home of the free, indeed.
Re: Re: Re:
Our prisons are overpopulated as it stands. Besides, it’s not as if law enforcement made 1.3+ million requests because inmates are running around with mobile phones and they need to keep tabs on them. These requests are unquestionably violating the privacy of many law-abiding Americans.
Re: Re:
“Owning a mobile phone seems like a dangerous thing to do”
If you’re not trying to hide something,why would it be dangerous?
Re: Re: Re:
“If you’re not trying to hide something,why would it be dangerous?”
Easy cop-out. So you don’t mind if I snoop around in your house? After all, you’ve got nothing to hide, right?
Re: Re: Re:
What has not hiding something got to do with it? Most people have something to hide. Having something to hide is not a criminal offense…yet.
Re: Re: Re:
But I am trying to hide something — just not criminal behavior. I’m trying to hide every last bit of data that I can from corporations & the government (but I repeat myself).
It’s called “privacy”. It’s an important thing to do since history (even recent US history) teaches us with certainty that this data will be abused in a way that is harmful to us all.
And even if it wasn’t going to be abused, I claim privacy under the well-known “it’s none of your damn business” rule.
Re: Re: Re:
Well, as I’m sure you’ve got nothing to hide, why not post with an account, giving your name, home address, phone number, and any other details people might want to know.
After all, if you’re not guilty of something, you should have no trouble matching actions with words, since according to you the only reason someone would want to keep their privacy is to hide wrongdoing.
Chances are about 100% that you will have privacy issues with Google and probably 1% from the government.
Re: Re:
I have no problem with Google having some of my private information.
At least they sometimes send an advertisement my way that I might enjoy.
The government though?
*pulls out a flamethrower*
Time to get to work.
Re: Re: Re:
I have tried to adopt an attitude of “so what” regarding Google but really became offended when they started to send ads to my inbox based on the subject of my emails.
As long as everyone doesn’t have a problems with these type of invasions, they will only get worse.
Re: Re:
Of course, I should have know — this is all a conspiracy by Google.
Re: Re:
Chances are 100% that any private information Google has on me was given to them voluntarily….BY ME. Kind of different than my telco giving a third party that is supposed to represent me information on my private communications, eh?
Re: Re: Re:
That says nothing about the relationship between NSA and Google in regards to your data.
Re: Re:
I think your percentage wrt the government is way too low. Nonetheless:
Chances are about 100% that I can choose not to share any information with Google. Chances are about 0% that I have the same option with the government.
But, but - Terrists Everwhere!
Do we honestly believe that law enforcement needed all of that info?
Do you honestly believe in this day and age in “The Land Of The Free” (it’s very hard to write that with and be serious) that for even one femtosecond that law enforcement care in the slightest what you think?
It’s called a Police State. Please! Get used to it.
Re: But, but - Terrists Everwhere!
You don’t say “please” in a Police state….
Point of Order.
Re: Re: But, but - Terrists Everwhere!
You don’t say “please” in a Police state….
Whoosh!
With Editing error
It used to say “it’s very hard to write that with a straight face”.
I goofed. I wanted to edit it to “it’s very hard to write that and be serious”, but I missed deleting “with”.
So just ignore the “with” and get on with doing something useful in your life. OK?
What’s really bad about this HUGE rate of warrantless accessing of people’s info is what happens when courts inevitably rule that it DOES need a warrant.
How many tens or hundreds of thousands of people court cases will then fall apart, and convicts get let freed or need to be retried without the cell phone evidence against them?
This is a VERY expensive problem as well as a violation of privacy. The sooner such a problem is fixed the better and cheaper it is for the government and tax payer.
Re: Re:
They don’t use the illegally obtained information as evidence. They use it to get legal evidence.
Re: Re:
Or they’ll use the information like this.
The numbers don’t sound very high at all. Actually, they seem sort of low. It would be pretty normal to assume that AT&T’s breakdown is common, so about 1/3 of all of the requests are emergency related and not subject to warrants or other “official” style requests.
So you are down to something like 800,000 requests. It’s about 255 per 100,000 population. Now you can go here:
http://en.wikipedia.org/wiki/United_States_cities_by_crime_rate
and you can see the major crime rates in those cities. Since almost every citizen in the US carries a cell phone, and may have had that phone with them at the time, and may have had it on them at the time of their arrest, it’s not unreasonable for an investigator to want to look at the call history for that person.
When you look at the true numbers, the actual number of requests appears shockingly low. It would appear that authorities are being careful here.
Oh well, another Techdirt rant blown into the weeds.
Re: Re:
To you. To me, the numbers appear shockingly high and indicative that while they aren’t casting the broadest net they possibly can, they’re not exactly being “careful.”
Re: Re: Re:
Why would you think that? They are asking for about 1 in 50 or even 1 in 100 of the major crime rates in any of the major cities, and there are plenty of other crimes that merit cell phone information. It seems like a very small number when cast against the overall rate of crime.
I didnt buy a mobile phone to be spied upon. It not a feature i looked for, its not a feature i asked for.
By proxy, this is a form of censorship, with the capabilities that smart phones offer these days the access methods of communication, being forced to choose to communicate or protect my privacy……..is censorship, by proxy
Imagine a world where all future communication devices are setup to SPY on their users……….having to imagine that future is getting easier by the day
Wow…nice to pull your heads out of the sand.
It is only because our information is available that anyone notices that our privacy is at risk.
Prior to the internets, few people raised such a stink because, let’s face it, there wasn’t a whole lot of information available as easily as today.
Frankly, it’s much ado about nothing. If you have a problem with putting your information out there, then don’t. And certainly don’t expect a corporation to protect your information…on the contrary, they will use it for all it is worth….literally.
Re: Re:
This is tantamount to saying that if you don’t want to be subject to unwarranted searches, then stop being a part of society.
I think that’s a destructive message. It’s better to change the behavior of the oppressors than the oppressed.
one would think...
we have criminals and terrorists everywhere. Wonder how many of the requests were really worth it or were they just fishing expeditions hoping to find something.
B.S.
I love the claims in the linked article about needing this information because cell phones are common.
If our forebears were this daft, police would have been spying on our phone lines without warrants as soon as they became popular. They’d have been spying on your mail without a warrant too.
That they are common means accessing information about them and their users makes things easier for police, but not having access does not make solving crimes any harder than before cell phones existed. These claims about “need” are a crock of crap.
Isn't AT&T Wireless a govt sponsored monopoly?
Doesn’t AT&T lease their rights from the government the radio spectrum they use for providing mobile communications? If so then the government should demand that AT&T provide the data they are requesting for free as part of the conditions for enjoying a government sponsored monopoly. So, instead of profiting from all these requests AT&T will have to start pushing back or else be consumed by the costs.
I’m contracting with AT&T to provide me with best-effort mobile communications service and compensate them handsomely for it. So yes, I do expect them to vigorously protect my privacy from everyone including themselves. They are not giving me a heavily discounted or free service such as those provided by Google and others – so yes, I do expect them to protect my data and not relinquish it to anyone, including law enforcement, without a legitimate warrant. Otherwise it’s no different from indiscriminate searches, which we are protected against by the U.S. constitution.
“…telcos have little incentive to stand up for the rights of their users”. Perhaps massive boycotts and loss of customers might give them a little more incentive, no matter how much money they make from these requests.
Re: Re:
Boycotting a monopoly or oligopoly is rather difficult, especially when their product or service has become such an integral part of one’s life. I stopped having a land-line long ago when it became apparent that I was always using my mobile phone instead. To now just go back to using a land-line will be rather difficult and I wouldn’t be saving too much anyway considering how much they jacked up their prices too.
Re: Re:
Sadly in a lot of cases there is quite simply no alternative to go to when boycotting, and cutting yourself off from the internet would be totally impractical for most people these days, if for no other reason than due to how much people do with it(banking, bills, jobs, etc.)
So yeah, the quote is spot on, they know they can get away with it, because people simply don’t have a choice about it, it’s either put up with it, or do without entirely.
How it Really Works
A little perspective here: back in the late 90’s, I worked for the largest wireless carrier in the SF Bay Area. One of my responsibilities was overseeing requests from law enforcement. Now, it’s been 15 years, but I don’t have any reason to believe the substance of what goes on here has changed:
1. We had a copious set of procedures that we followed for different kinds of requests – which come from every imaginable branch of law enforcement at the federal, state, county and municipal level.
2. We pushed back on law enforcement all the time. Every day. It’s not hard to do.
3. Most of the time, information is only provided in response to a subpoena or court order. The egregious stuff – wiretaps, contents of communications, etc. – isn’t provided unless very specific procedures are followed by law enforcement, including specific types of court orders.
4. The exception to this is the “emergency” requests where a warrant is not required. These are always location information – phone records can wait for an order or subpoena, and contents of communications must have an order. Law enforcement typically wants this info to follow up on a crime in progress; we dealt with it in several kidnapping cases. Again, we would routinely push back on law enforcement if it sought too much info or it wasn’t emergent and very time-limited.
5. We only charged law enforcement for setting up wiretaps and pen registers (which again, we only did with a very specific type of court order) because those involved real costs to us each time. We viewed the rest – my time and the time of my subpoena compliance folks – as a cost of doing business. It appears from the NYT article that this remains the practice for carriers.