By John Gruber
WorkOS: APIs to ship SSO, SCIM, FGA, and User Management in minutes. Check out their launch week.
Dell Cameron and Dhruv Mehrotra, reporting for Wired:
A little-known surveillance program tracks more than a trillion domestic phone records within the United States each year, according to a letter Wired obtained that was sent by US senator Ron Wyden to the Department of Justice (DOJ) on Sunday, challenging the program’s legality.
According to the letter, a surveillance program now known as Data Analytical Services (DAS) has for more than a decade allowed federal, state, and local law enforcement agencies to mine the details of Americans’ calls, analyzing the phone records of countless people who are not suspected of any crime, including victims. Using a technique known as chain analysis, the program targets not only those in direct phone contact with a criminal suspect but anyone with whom those individuals have been in contact as well.
The DAS program, formerly known as Hemisphere, is run in coordination with the telecom giant AT&T, which captures and conducts analysis of US call records for law enforcement agencies, from local police and sheriffs’ departments to US customs offices and postal inspectors across the country, according to a White House memo reviewed by Wired. Records show that the White House has, for the past decade, provided more than $6 million to the program, which allows the targeting of the records of any calls that use AT&T’s infrastructure — a maze of routers and switches that crisscross the United States.
In a letter to US attorney general Merrick Garland on Sunday, Wyden wrote that he had “serious concerns about the legality” of the DAS program, adding that “troubling information” he’d received “would justifiably outrage many Americans and other members of Congress.” That information, which Wyden says the DOJ confidentially provided to him, is considered “sensitive but unclassified” by the US government, meaning that while it poses no risk to national security, federal officials, like Wyden, are forbidden from disclosing it to the public, according to the senator’s letter.
Ron Wyden and his office are indispensable on matters related to government surveillance. A few non-obvious aspects worth considering regarding the DAS/Hemisphere program:
The information collected by DAS includes location data.
This is not just about AT&T wireless customers and their phone calls. This is related to the entire U.S. phone system infrastructure — the old Ma Bell. Landline calls and calls from Verizon and T-Mobile cellular customers get routed through this AT&T system, and are thus surveilled by this same system. You can use over-the-top services like iMessage, FaceTime, WhatsApp, or Signal to avoid DAS, but if you place calls using the traditional phone system, you could be impacted even if you’re not an AT&T customer — and you won’t ever know, because you have no idea how your phone calls are routed.
It is completely unclear to me whether DAS/Hemisphere collects text messages — SMS, MMS, RCS — in addition to voice calls. I’ve spent my afternoon trying to find out, and the only answer I’ve gotten is it’s unclear. I hope text messages are not included, but until we get a definitive answer, it’s only safe to assume that text messages are included. (If anyone reading this knows whether DAS includes text message records, please let me know.)
★ Tuesday, 21 November 2023