Hacked Data Obtained By The Intercept Highlights Wholesale Spying On Inmate, Attorney Privileged Communications

from the institutional-apathy dept

A few months ago the FCC voted to crack down on the ripping off of inmates and their families by prison telecom companies, which for decades now have charged upwards of $14 per minute for services that cost little to nothing to provide. At the time, prison telecom companies like Securus complained hysterically about the FCC’s decision, CEO Richard Smith declaring the new price caps would have a “devastating effect” on its business, potentially ending its participation in “services and continuing inmate related programs.”

According to a massive new trove of data obtained by the Intercept, one of the “services” Securus was apparently providing was of the wholesale spying variety. Hacker-obtained data examined by The Intercept includes 70 million records of phone calls (and recordings of the phone calls themselves), placed by prisoners in at least 37 different states over a two-and-a-half year period. Of particular note are the estimated 14,000 recordings of privileged conversations between inmates and their lawyers:

“This may be the most massive breach of the attorney-client privilege in modern U.S. history, and that?s certainly something to be concerned about,? said David Fathi, director of the ACLU?s National Prison Project. ?A lot of prisoner rights are limited because of their conviction and incarceration, but their protection by the attorney-client privilege is not.”

Securus alone provides telecom services and “secure” storage of communications for 2,200 prisons around the United States, processing a million or so calls each day. Securus and other such companies serve a relatively captive and unregulated market, where prisons are paid upwards of $460 million annually in “concession fees” (read: kickbacks) to win exclusive telecom-related prison contracts. Part of Securus’ pitch to prisons is that it will offer cutting edge secure storage for these communications, though the Intercept notes this latest hack wasn’t the first.

Prisoners obviously don’t expect the full historical right to privacy; indeed Securus makes sure to include a message warning inmates that “this call is from a correctional facility and may be monitored and recorded” at the beginning of each call. Waivers of rights and the monitoring and securing of phone communications was originally pushed as a way to prevent riots, witness tampering and generally secure the prison back in the 90s. But as the Intercept points out, that doesn’t make the long-term storage of this data any less problematic, and securing the facility certainly shouldn’t include recording secure communications between inmates and their lawyers. A behavior, it should be noted, Securus itself claimed it didn’t do:

“A review of contracts and proposals completed by Securus in a handful of states reflects the company?s understanding of this right. In a 2011 bid to provide phone service to inmates in Missouri?s state prisons, Securus promised that each ?call will be recorded and monitored, with the exception of privileged calls.? But the database provided to The Intercept shows that over 12,000 recordings of inmate-attorney communications, placed to attorneys in Missouri, were collected, stored, and ultimately hacked.”

The Intercept’s findings are particularly problematic for Securus, since the company is the target of a federal civil rights suit filed in Texas in 2014. That suit, by the Austin Lawyers Guild and a prisoners’ advocacy group, alleges that Securus had been recording privileged conversations, and that intrusion into this communications (and the prosecutors’ failure to disclose this information during discovery) undermines the legal ability to defend them. This despite Securus contracts explicitly stating that phone calls “to telephone numbers known to belong [to] attorneys are NOT recorded,” and that “if any call to an attorney is inadvertently recorded, the recording is destroyed as soon as it is discovered.” Or not.

The Intercept’s latest findings not only stumble into yet another expansion of our wholesale surveillance state, but exemplify the kind of apathy about the prison industrial complex that allowed Securus to aggressively rip off inmates and families in the first place. “They’re in prison so they deserve it” is a common refrain from the apathetic to the rights trampling of the guilty, the innocent, and the millions of Americans serving massive prison sentences for relatively innocuous marijuana offenses. On a positive note the Intercept’s latest leak was courtesy of The Intercept’s Tor-enabled SecureDrop platform, another sign we’re (hopefully) moving past the Assange middleman era into one where the traditional media — with a little help — actually does its job.

Filed Under: , , , , ,
Companies: securus

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Hacked Data Obtained By The Intercept Highlights Wholesale Spying On Inmate, Attorney Privileged Communications”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Re: The Intercept's Tor-enabled SecureDrop platform

Tor is patched all the time, and there’s a redesign of hidden services being worked on. But do we have any evidence the FBI broke Tor? They claim a misconfigured server revealed itself (although some suspect it’s parallel construction).

The FBI did plant a JavaScript exploit on the Tor Mail servers (not affiliated with the Tor project). The Tor Browser Bundle and Tails projects have patched the bug—in Firefox, not Tor—and there have been some ideas on ways to mitigate such attacks. I’d say turning JavaScript off is a good idea, even when not using Tor.

art guerrilla (profile) says:

i get your point...

…but technically, replacing one ‘gatekeeper’ (assange) with another ‘gatekeeper’ (the intercept) is not exactly lessening the degrees of separation from us sheeple to the whistleblowers…
THAT would be if the whistleblower just PUT IT ALL OUT THERE, *blap*: no filters, no amelioration, no redacting, no protecting bullshit national sekurity reasons, etc…

Anonymous Coward says:

Re: i get your point...

The Intercept is also a bit more… image-conscious than Wikileaks. Remember when they reported that an undisclosed country was having 100% of it’s telephony stored but wouldn’t disclose which one (and then Wikileaks confirmed it was Afghanistan)? The Intercept does do some truly excellent reporting, but they have some limitations that Wikileaks do not.

Anonymous Coward says:

Every time I accept a call from a inmate in prison on my cellphone, the GPS icon on my phone starts flashing. That’s what you call guilt by association. I know a convicted person, therefore I must be engaged in illegal activity too and warrentlessly GPS tracked through E911 features built into my phone.

I admit, there was a recording a few years ago from the local jail stating that by pressing 1 and accepting this call, I was “voluntarily” submitting to location tracking.

That was years ago. It appears if you give consent once, that means you’re giving consent to be location tracked for life.

Whatever (profile) says:

Not so simple

Here’s the problem with the story: There is no indication (not even the slightest) that shows that any client attorney priviledge was actually violated. Yes, the calls are records – all calls are recorded. The question unanswered and avoided here is how they handle those particular calls after they are recorded.

Remember, this is an automated system. I doubt they have hundreds or thousands of live operators sitting listening to every call as it happens and pushing the big “lawyer call” button to delete it. It’s way more likely that most calls are filed and never listened to at all, one way or another, and that calls are only actually listened to be a human if there is a specific request made through whatever process. At that point, they can weed out the lawyer calls as needed.

So hacking (against the law, you know) to get raw phone recordings isn’t exactly telling. In fact, it’s quite the opposite, suggesting the HACKERS may have violated the privileged communications. Oh, that would sting, wouldn’t it?

Ninja (profile) says:

Re: Not so simple

The calls should not be recorded. Period. Eben if they were not used there’s nothing preventing them from being used in the future. Of course, in your rosy land where everybody is happy and nobody is a tyrant you may be right.

So hacking (against the law, you know) to get raw phone recordings isn’t exactly telling. In fact, it’s quite the opposite, suggesting the HACKERS may have violated the privileged communications. Oh, that would sting, wouldn’t it?

You may be right but it’s yet more evidence these stored records should NOT exist. What if an interested party in the process (ie: the Government) decided to hack into the company and get said recordings? “Hey, look over there, something else!” does not help solve the issue. But it wouldn’t be you if you didn’t try it, no?

John Fenderson (profile) says:

Re: Not so simple

According to the company, they determine which calls are exempt based on the phone number involved. That’s entirely automatable and can avoid recording the call at all. No later review is necessary (and there’d be nothing to review.)

The company also says that the attorneys have to proactively inform them that they’re attorneys and their phone numbers. It’s possible that the recorded calls were with attorneys who failed to do this, I don’t know.

But even if there is no serious violation here, the outright financial abuse the company is engaging in is despicable.

Anonymous Coward says:

for profit prisons spying on private calls that could have the potential to send other people involved to prison. How on earth could they possibly profit by colluding with corrupt courts to send more people to prison using information that is obtained illegaly.

almost as if the justice system is more criminalized than the criminals they fight.

Elscorp (profile) says:



I have information concerning SECURUS and tha actual issue concerning attorney client privileged communications. The recent release from INTERCEPT is incorrect this has been going on with SECURUS since their inception. Take a look at U.S. vs Novak. The issue is much larger than anyone is talking about. In every facility in all state and federal cases that SECURUS provides service the discs for different inmates are ordered in 5-10% of all cases.

Every time the software was updated, even if any blocks had been placed to restrict recording, the blocks were wiped out for all attorneys and all privileged employees paralegals and private investigators working on cases across the entire country.

Across the country US Attorneys, State Attorneys, Alphabet agencies all received these calls and in not one case of them receiving privileged communications did they report it to SECURUS, the defendants council, or the Courts. Committing fraud on the courts in every case. In Colorado their has been a pattern of intentionally placing difficult cases and high profile cases by the US Attorneys office in SECURUS phone service facilities. I wonder why? This issue litterally effects 1,000’s of defendants in every state that SECURUS provides services to in both State and Federal facilities.

I can provide a list of Law Enforcement individuals including one ex FBI employee that if deposed can confirm all of the above. This problem has been going on much longer than 2011. It goes back to at least 2006. They were aware of problem in US vs Novak 2006, again they were notified in 2009/2010, and now once again. This is called a pattern and history of abuse. This is the largest violation of prisoner rights, civil rights, and wire tapping violations, it is also Fraud on the Courts in every case state or federal that it occurred in.

If you would like to discuss further please feel free to contact me. Otherwise I plan to discuss with Plaintiffs counsel and the press.
Lance C. Migliaccio


Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...