On September 1, 2013, the New York Times reported on a previously secret government program called “Hemisphere,” which is the largest telephone record collection program reported to date. According to the Times and a Hemisphere training PowerPoint obtained by the paper, Hemisphere allows law enforcement personnel in multiple agencies to access billions of phone records of AT&T customers, as well as any non-customers whose communication is routed through an AT&T switch; unlike the controversial NSA phone records collection program, Hemisphere also includes location information. A government subpoena to AT&T will retrieve CDRs on calls made as recently as one hour before the request was approved, and as far back as 1987.
The program, which has been in operation since at least 2007 and is funded by the Drug Enforcement Agency (“DEA”) and the White House’s Office of National Drug Control Policy, supplies “electronic call detail records” in response to both administrative and grand jury subpoenas. Every day, AT&T adds 4 billion new records to the Hemisphere database, which is used primarily for counternarcotics investigations, but is also used for a variety of other law enforcement activities.
Although the records are stored by AT&T, four of the company’s staff are paid by the program. Columbia Law professor Daniel C. Richman told the Times that “[e]ven though the data resides with AT&T, the deep interest and involvement of the government in its storage may raise constitutional issues.” Additionally, the government uses an algorithm, untethered to judicial authority, to determine which phone records to subpoena. EPIC President Marc Rotenberg noted to the Associated Press that Hemisphere “raises several privacy concerns, including that if a query returns call records that are similar to, but not, those of the suspect, agents could be reviewing call records of people who haven’t done anything wrong.”
The Hemisphere Program raises at least two complementary issues that are of substantial and longstanding concern to EPIC: domestic surveillance and private corporations’ disclosure of telephone records without judicial review.
First, EPIC is extremely active in matters of domestic surveillance. For example, in 2012, EPIC President Marc Rotenberg testified on the need for increased oversight and transparency before the House Committee on the Judiciary Subcommittee on Crime, Terrorism, and Homeland Security, which was discussing reauthorization of the FISA Amendment Act of 2008.
Additionally, EPIC filed an amicus brief with the Supreme Court in the case of Clapper v. Amnesty International USA concerning the NSA’s surveillance and collection of domestic communications. EPIC has also reported extensively on fusion centers, which aggregate information on civilians in secret databases. The degree of EPIC’s interest in surveillance issues is indicated by the amount of attention given to them at EPIC.org, which contains many pages devoted to informing the public about developments regarding the NSA phone record surveillance program, wiretapping, FISA, FISC, the USA PATRIOT Act, telephone call monitoring, and locational privacy.
Second, a substantial amount of EPIC’s work has been directed at defending the privacy of telephone records. For example, EPIC filed a successful petition to the Federal Communications Commission (FCC) concerning the illegal sale of telephone records. The FCC responded to our petition with a new order and proposed rulemaking that established limitations on the disclosure of information. As another example, in Conboy v. AT&T, a case concerning the disclosure of unlisted number, home address and telephone billing information, we argued that courts have recognized the harm that flows from the unauthorized disclosure of personal information and have expanded privacy protections in response to new threats to this fundamental right. In our efforts to defend the privacy of telephone records from unauthorized access, EPIC has recognized the importance of the neutral review offered by judicial process, which is a key issue with the Hemisphere Program.
EPIC’s Freedom of Information Act Request
On September 25, 2013, EPIC submitted FOIA requests asking for:
1) All Hemisphere training modules, request forms, and similar final guidance documents that are used in the day-to-day operation of the program;
2) Any analyses, memos, opinions, or other communications that discuss the legal basis of the program;
3) Any analyses, memos, opinions, or other communications that discuss the privacy impact of the program; and
4) Any presentations, analyses, memos, opinions or other communications for Congress that cover Hemisphere’s operations.