You’ve probably heard that every level of law enforcement (as well as our friends at the military NSA) is tracking cell phones — a lot. In many cases, these requests are conducted under authorities that grant prosecutors and police the power to conduct broad fishing expeditions into our private lives. No warrant? No problem.
But how many people are affected by this surveillance-gone-wild, exactly? Thanks to Massachusetts Democrat Ed Markey, we now have a clearer window onto the full picture.
Senator Ed Markey knows that advocacy groups like the ACLU can’t get accurate figures on precisely how often state, local, and federal law enforcement demand access to our private cell phone information. That’s because freedom of information laws don’t grant the public access to information held by private companies. Therefore the only way for the ACLU to request information like this is to ask police departments nationwide, department by department. We tried that a couple of years ago and got good results, but since we didn’t —and practically speaking, couldn’t — ask every single agency in the country for records, the results were a mere sampling. We couldn’t get raw numbers to understand exactly how common are these surveillance demands.
That’s why the Senator’s help is so, well, helpful. Using his gravitas as a member of congress, he has twice sent letters to cell phone companies asking them to disclose how many law enforcement demands they received in 2012, as well as details about those requests. The documents Senator Markey released today reaffirm what we learned from the last batch: police are very hungry for the revealing information about us held by our mobile phone carriers.
My colleague Catherine Crump describes the significance of the documents for Slate:
Seven companies provided information in response to the inquiry. The letters Markey received, which were covered today in the Boston Globe, Washington Post, and New York Times, show that the quantity of requests for these records is staggering. T-Mobile and AT&T together received nearly 600,000 requests for customer information in 2012. AT&T has to employ more than 100 full-time workers to process them. And police demand for our call records is growing rapidly, with requests to Verizon doubling in the last five years.
It used to be impossible for law enforcement agents to monitor all of the people all of the time, but now our cellphone carriers do it for them. The contents of the communications aren’t even necessary for law enforcement to glean insight into you. The carriers also know whom you call and text, and they hold on to that information for years. These records reveal your social network and hint at the nature of those connections. The relationship you have with someone you text repeatedly at 2 a.m. is not the same as the relationship you have with someone you call once a week on Sunday afternoons.
As for anyone who says they have "nothing to hide": let me know if I can borrow your phone for a couple of hours, just to go through it looking for interesting stuff.
The documents released today by Senator Markey provide more insight into a growing problem: warrantless police access to sensitive information about our movements, communications, and associations. But they also made me scratch my head in confusion.
In the age of nearly unlimited, cheap data storage, how long do the companies keep this private information about us, their customers? The details vary by company and by data type, ranging from no storage at all (AT&T says it doesn’t keep text messages) to seven years (the length of time AT&T keeps subscriber information, after you’ve canceled your service).
In its letter to Senator Markey, AT&T claims that it keeps call detail records (CDRs) for five years. These are the records the NSA and FBI routinely suck up with a FISC-authorized vacuum cleaner — records showing who we call and when, and how long our calls last. Five years is a long time. Just imagine how surprised you’d be to see the details of your former life — friends from another city, old jobs and acquaintances, your former lovers — if you were handed a social map created by mining your call detail records over a five year period.
But I digress. No, the significance of this data isn’t what has me confused. I’m confused because according to a New York Times report from September 2013, AT&T pays employees to sit with Drug Enforcement Agency units, where the company provides drug warriors with access to “phone data from as far back as 1987.” According to the Times, this program “The Hemisphere Project”, “covers every call that passes through an AT&T switch — not just those made by AT&T customers — and includes calls dating back 26 years.”
Wait a second. Which is it, AT&T? Do you retain call detail records for five years, or forever?
Either way, it’s past time that state and federal lawmakers upgraded privacy law to bring it into the 21st century. As it stands, police can get much of our private email and text message content without a warrant. Only two states in the country — Maine and Montana — have laws requiring police to get a warrant to track your movements through your cell phone. It’s time our laws reflected the world we live in now, instead of the big hair era.
Thanks to Senator Markey, we now have more evidence that the balance between law enforcement needs and the rights of individuals has been fundamentally upset when it comes to electronic surveillance. Instead of waiting for courts to address the problem, which is creating a patchwork of inconsistent rules nationwide, congress and state legislatures need to act right away to begin to restore that balance.
“Get a warrant” is not exactly a radical proposal, and should be the default option for electronic surveillance in the 21st century. Tell your lawmakers to support ECPA reform now.