The Guardian is reporting that during President Obama’s administration, and for the first time, millions of telephone records are being collected wholesale without any need for probable cause or suspicion.
Most of the information is being harvested through a court order, obtained exclusively by the Guardian, that specifically requires Verizon Wireless, the largest wireless network in the U.S., to give the National Security Agency on “an ongoing daily basis” records of all phone calls that occur on its network “wholly within the United States” from April 25 until July 19.
Anything considered “metadata” was fair game. Metadata includes, according to the order, the originating and terminating telephone number, the International Mobile Subscriber Identity (IMSI) number, the International Mobile station Equipment Identity (IMEI) number, trunk identifier, telephone calling card numbers, and the time and duration of the call.
Besides the shock of the NSA having obtained (and still obtaining) countless domestic phone calls and records, the fact that the IMEI is attainable in the first place is even more stunning. The IMEI is the number that identifies a mobile phone (and the network it’s on), usually used to protect the phone against theft. If the phone is stolen, it can be disabled via the network, adding its IMEI onto a database of blacklisted phones called the Central Equipment Identity Register (CEIR).
The IMSI is used to acquire the details of the mobile phone in the Home Location Register (HLR) or the Visitor Location Register (VLR). For more details, read the link, but the basic idea here is that the HLR is a database of permanent subscriber information for a mobile network, while the VLR is a database that is unnecessarily complicated. Read this if you care. It’s a way to track the phone’s whereabouts.
The point is that obtaining this information from all of Verizon’s customers, regardless of any suspicion, is an intrusion that is completely unnecessary. It’s also unknown how court orders occurred and if other phone companies have been ordered to do the same thing.
Phone privacy is a relatively unknown and undefined world, especially with the exponential rise of cell phone owners during the late 90s and early 00s, and the latest crazes such as smartphones and tablets. There is a lot of information floating around in the palms of our hands that is easily attainable by wireless service providers, and there are virtually no black and white laws on obtaining warrants for any of that information, whether it be a text, phone call or your location.
Add to that an ambitious trend in cyber-spying that started with the Bush administration and now officially has spilled over into the Obama administration (surprise!), and there is a spectacular mash-up of undefined laws and unknown technologies that should cause quite the nerdy fireworks this summer.
However, if the Washington Post is correct, this latest snoop job could be perfectly legal under the Patriot Act:
The order falls under Section 215 of the Patriot Act, which authorizes the government to make broad demands on telephone carriers for information about calls. In this case, the order requires Verizon to provide “ongoing, daily” information about “all call detail records . . . created by Verizon for communications between the United States and abroad; or wholly within the United States, including local telephone calls.”
Also worth noting: According to the Guardian article, “metadata” has never needed a warrant because it is considered transactional, not communicational. This means it technically doesn’t include the content of messages or the personal information of the subscriber, though it does include the location and duration of the call, as well as all the corresponding information about the phones used.
Regardless of the attempts and upcoming attempts from the Obama administration to justify these actions, I still would like to see more concrete definition in the realm of cyber-warrants and law. Our technology has gotten too big for our legal britches, and instances like these reveal the scary side of leaving cyberspace laws unclear or at the mercy of an executive order.
