• United States



4 billion call records added daily to AT&T database for DEA phone surveillance

Sep 03, 20135 mins
Cellular NetworksData and Information SecurityMicrosoft

AT&T works for a secret DEA Hemisphere surveillance project, storing phone call records and adding four billion daily call records to a database that is even bigger than the NSA's.

If you don’t like that the NSA stores phone data for five years, then you definitely won’t appreciate that the DEA has data on phone calls from as far back as 1987. You can thank AT&T for that as the telecom giant is paid by the government to have its employees work on the Hemisphere Project next to law enforcement agents in government offices. It gives new meaning to the “rethink possible” marketing tagline.

Peace activist Drew Hendricks obtained a Hemisphere PowerPoint presentation — AT&T training slides showing that Hemisphere, part of the High Intensity Drug Trafficking Areas (HIDTA) program, started in 2007. However, the Hemisphere project is now used by the DEA, DHS and FBI. The New York Times reported:

Hemisphere covers every call that passes through an AT&T switch – not just those made by AT&T customers – and includes calls dating back 26 years, according to Hemisphere training slides bearing the logo of the White House Office of National Drug Control Policy. Some four billion call records are added to the database every day, the slides say; technical specialists say a single call may generate more than one record. Unlike the N.S.A. data, the Hemisphere data includes information on the locations of callers.

It started as a more “efficient” way for AT&T to respond to subpoenas about its customers’ phone records, but now “the scale and longevity of the data storage appears to be unmatched by other government programs, including the NSA’s gathering of phone call logs under the Patriot Act.” It can even search for replacements of “dropped” phones. The Hemisphere project “is queried for phone numbers of interest mainly using what are called ‘administrative subpoenas,’ those issued not by a grand jury or a judge but by a federal agency, in this case the DEA.”

Justice Department spokesman Brian Fallon emphasized the fact that the phone company, not the government, stores the phone records. Maybe that is supposed to make you feel better, but it “certainly raises profound privacy concerns,” as the ACLU’s Jameel Jaffer’s pointed out. “The integration of government agents into the process means there are serious Fourth Amendment concerns.”

Hemisphere documentation states, “All requestors are instructed to never refer to Hemisphere in any official document.” That may sound familiar since it was revealed a month ago that the DEA said the same thing about its “secret” Special Operations Division (SOD) unit.

The DEA SOD unit funnels “information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans.” SOD has two-dozen partner agencies, including the FBI, CIA, NSA, IRS and DHS, but that seems like a deceivingly low number since DICE, the SOD database, can be accessed by “about 10,000 federal, state and local law enforcement agents.”

DICE “contains about 1 billion records” and includes “tips from overseas NSA intercepts, informants, foreign law enforcement partners and domestic wiretaps.” Although the cases “rarely involve national security issues,” LEA agents are told “to conceal how such investigations truly begin – not only from defense lawyers but also sometimes from prosecutors and judges.”

It remains to be seen if law enforcement will switch from using the DEA’s Hemisphere Project to a newly developed “undetectable” forensic method to track and wiretap GSM cellphones. Not all U.S. wireless service providers use the GSM standard, but AT&T and T-Mobile do.

Criminals know that law enforcement can target a cellphone for lawful interception wiretapping if they have the International Mobile Station Equipment Identity number (IMEI). Bad actors commonly use burner phones, “swap out SIM cards, and/or spoof IMEI so law enforcement cannot track or wiretap their phones.” However, a team of German computer scientists developed a forensic method “to identify phones in GSM networks even if crooks take steps to thwart being tracked.” The team of researchers told New Scientist, “Our method does not send anything to the mobile phones. It works completely passively and just listens to the ongoing transmissions of a mobile phone – it cannot be detected.”

Like this? Here’s more posts:

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.