Privacy SOS

‘Operation Hemisphere’ is the logical conclusion of pernicious administrative subpoena laws

The New York Times reports that the Drug Enforcement Agency has a special relationship with telecom giant AT&T, granting drug warriors at the local, state and federal levels access to 26 years of Americans’ phone records — all without warrants. The story highlights the now widespread use of a pernicious investigative tool to obtain access to the troves of data that companies retain about their customers: the administrative subpoena

The program disclosed by the NYT, called ‘Operation Hemisphere’, operates at ‘High Intensity Drug Trafficking Area’ or HIDTA fusion centers in Hawaii, Nevada, California, the Northwest, and Arizona. AT&T employees sit side by side with local detectives and federal agents, giving them nearly immediate access to tap into billions of our private call records. The program sucks up the phone records of four billion communications per day, including those about non-AT&T customers.

The NYT report about the DEA-AT&T partnership is based off of a slide presentation obtained via public records requests from police on the West Coast. The presentation describes how agents can access call records just an hour old, and obtain not simply subscriber information and communications records but also location information pinged from target cell phones. The information in the database goes all the way back to 1987. That’s odd, because the Department of Justice released a document to the ACLU a few years ago showing that AT&T only holds onto call records for 5-7 years. Apparently that isn’t true.

What’s an ‘administrative subpoena’? Who cares?

Instead of applying to a judge to get a warrant to access call records, prosecutors at every level of government can simply fill out a form called an ‘administrative subpoena’ and submit it to telecoms and internet companies. In exchange the state receives volumes of information about us and our communications or online activities. No probable cause or judicial oversight is required during this process, and the companies that receive the subpoenas almost never challenge them — with notable exceptions. That means the people who are targeted by this warrantless surveillance most likely won’t know about it and therefore will never have an opportunity to challenge the subpoena in court before the records are turned over.

The new information about the DEA surveillance program is further evidence that this state secrecy is intentional. The powerpoint presentation describes how agents hide the existence of Operation Hemisphere from the public and from criminal defendants. If agent X finds something interesting about target Y using Hemisphere, she can go back and subpoena the records through the normal business procedures, without using the Hemisphere database. In this way, she can ‘reconstruct’ the investigation without mentioning the secretive program. The slide describes it like this:

Protecting the Program: When a complete set of [Call Detail Records] are subpoenaed from the  carrier, then all memorialized references to relevant and pertinent calls can be attributed to the carrier’s records, thus “walling off” the information obtained from Hemisphere. In other words, Hemisphere can easily be protected if it is used as a pointer system to uncover relevant numbers.

In special cases, we realize that it might not be possible to obtain subpoenaed phone records that will “wall off” Hemisphere. In these special circumstances, the Hemisphere analyst should be contacted immediately. The analyst will work with the investigator and request a separate subpoena to AT&T.

All requestors are instructed to never refer to Hemisphere in any official document. If there is no alternative to referencing a Hemisphere request, then the results should be referenced as information obtained from an AT&T subpoena.

Investigators want to keep secret the existence of Operation Hemisphere for the same reason that the DEA wanted to keep secret its tapping into the NSA’s databases, the NSA wants to keep secret its mass surveillance, and the NYPD wants to keep secret its COINTELPRO-like spying operations directed at Muslims: The government is afraid that people will act to change policy, to take power away from the authorities, if they find out how it is being used. So in effect, it is actually the government which “has something to hide,” because it is afraid of the wrath of the governed.

That’s unacceptable in a democracy. And not coincidentally, so are administrative subpoenas.

Administrative subpoenas are a silent privacy killer. Largely unknown to the public, they grant prosecutors broad authority to obtain our private information without any evidence that we are involved in criminal activity. All prosecutors have to do is sign their names, promising that the records they seek are relevant to an investigation. As any lawyer will tell you, relevance is barely a standard at all. 

To the contrary, the relevance standard governing administrative subpoenas is essentially a tautology: If a prosecutor wants to see it, it’s relevant to an investigation. After all, prosecutors investigate crimes. So if the prosecutor is doing it, it must be relevant. Wash, rinse, repeat: in secret.

The process is so bureaucratic, as opposed to judicious, that here in Massachusetts a secretary was filling them out and filing them without even a signature from a prosecutor. Administrative subpoenas are that routine, and their use is hardly monitored at all, making them the perfect tool for inappropriate or even abusive prosecutorial fishing expeditions.

It should take a lot more than a prosecutor’s say-so for the government to be able to pry into our private lives. The story about the DEA’s ‘Operation Hemisphere’ collaboration with AT&T shocks because it means that the drug warriors have more information about our phone records than does the all-mighty NSA, which reportedly retains call records for five years. But it shouldn’t come as such a shock. If we give the state a powerful investigatory tool to exercise in the dark, we shouldn’t be surprised to find that authorities are using it at full throttle. 

Administrative subpoenas are dangerous tools ripe for abuse. If police and prosecutors want to find out who we talk to or where we go, they should get a warrant. The probable cause warrant standard has worked well for our country for over two hundred years, and cell phones need not change that. 

We are working hard to repeal the administrative subpoena statute here in Massachusetts, because even before stories like this started coming out, we knew where this kind of warrantless surveillance would lead. Join us in telling legislators to ensure the police and prosecutors get warrants before prying into our private lives. The rights you save may be your own.

© 2021 ACLU of Massachusetts.