A 15-Month Fight for Subscriber Information

The WSJ today presents a Whodunnit behind an NSL submitted to a cell company in spring 2011.

Early last year, the Federal Bureau of Investigation sent a secret letter to a phone company demanding that it turn over customer records for an investigation. The phone company then did something almost unheard of: It fought the letter in court.

The U.S. Department of Justice fired back with a serious accusation. It filed a civil complaint claiming that the company, by not handing over its files, was interfering “with the United States’ sovereign interests” in national security.

This is just the second time a challenge to an NSL has become public–the other being Calyx’s Nicholas Merrill, whom the WSJ also profiles this morning.

WSJ makes a compelling argument the company challenging the NSL is Credo, based in part on details that reveal the company has associational aspects in addition to its phone service. Assuming they’re right, I find it all the more interesting Credo is challenging not just the gag on this NSL, but the underlying order, particularly since the order asks for just the subscriber information–but not the call data–of the subscriber.

all subscriber information, limited to name, address, and length of service, for all services provided to or accounts held by the named subscriber and/or subscriber of the named account.

That is, this is by far the least invasive kind of NSL. Note, information elsewhere in this case is consistent with the possibility that this order seeks information on a group and not just an individual, though that may be boilerplate.

I’d be shocked if this were the first NSL Credo received, so there must be something about the request that makes it particularly worthwhile, from a Constitutional standpoint, to challenge (indeed, thus far a judge has not thrown out their challenge, so the possibility this subscriber is tied to a national security investigation can’t be obvious).

Credo may, after all, be challenging the order to protect the political speech of someone who has chosen to work with Credo because the company supports social causes. Or, if this is a group, it might be challenging an NSL to find out about the group’s recognizably political activities–though subscriber information doesn’t say much about that, unless this NSL would return, effectively, a membership list of a political organization.

But I’m wondering if Credo is also serving as a gate-keeper here. Credo doesn’t own its own lines; it’s just a reseller. And unless something has changed, it resells Sprint’s services. And Sprint is unique–at least as far as we know–for having set up a portal, L-Site, letting law enforcement access information, including precision location, directly.

I attended an invitation-only surveillance industry conference in Washington DC. It was at that event where I recorded an executive from Sprint bragging about the 8 million GPS queries his company delivered via a special website to law enforcement agencies in a 13 month period.

At that same event, Paul W. Taylor, the manager of Sprint/Nextel’s Electronic Surveillance team revealed that the wireless carrier also provides a next-generation surveillance API to law enforcement agencies, allowing them to automate and digitally submit their requests for user data:

“We have actually our LSite [Application Programming Interface (API)] is, there is no agreement that you have to sign. We give it to every single law enforcement manufacturer, the vendors, the law enforcement collection system vendors, we also give it to our CALEA vendors, and we’ve given it to the FBI, we’ve given it to NYPD, to the Drug Enforcement Agency. We have a pilot program with them, where they have a subpoena generation system in-house where their agents actually sit down and enter case data, it gets approved by the head guy at the office, and then from there, it gets electronically sent to Sprint, and we get it … So, the DEA is using this, they’re sending a lot and the turn-around time is 12-24 hours. So we see a lot of uses there.”

This case is noteworthy because it is a rare public challenge. It’s noteworthy because the government has claimed the telecom has no legal means to challenge the NSL.

But there seems to be more to the challenge which, given the likelihood WSJ correctly identified Credo as the company, seems to get at underlying political speech as well.

Tweet about this on Twitter0Share on Reddit0Share on Facebook0Google+0Email to someone

4 Responses to A 15-Month Fight for Subscriber Information

Emptywheel Twitterverse
bmaz @howappealing Sweet. Congratulations!
2hreplyretweetfavorite
bmaz RT @froomkin: Why is it not huge news when Israel kills UN personnel with impunity? Because it happens so often? Read @MazMHussain https://…
2hreplyretweetfavorite
emptywheel @SarahKnuckey Thing is, NYPD has long history of using CT team on protests. CF Tony Bologna. @trevortimm
3hreplyretweetfavorite
emptywheel I'm really saddened that the IPA scene in Seattle has been degraded such that @AllThingsHLS can't even bet Super Bowl w/@caidid much less me
3hreplyretweetfavorite
emptywheel @caidid They've inflated his, um, ball number. @AllThingsHLS
3hreplyretweetfavorite
emptywheel Hey @pourmecoffee! @ChuckGrassley is branching out from his NIU code. https://t.co/wU4MY2aYS0
3hreplyretweetfavorite
emptywheel Why does @ComcastSucks_ have so much of a harder time delivering toobz to my house on wires than Verizon on air?
3hreplyretweetfavorite
emptywheel @onekade Witness the license database. Didn't you, uh, tell us it was still there? (Whatev. Go back to your hangover) @caidid
3hreplyretweetfavorite
emptywheel @onekade Sure. But your cop bullshitery monitor is so finely tuned, it usu precedes MSM outrage by months. @caidid
3hreplyretweetfavorite
emptywheel @caidid and yet ... no serious press is going "HOLYSHIT DID BRATTON REALLY SAY THAT?!?!"
4hreplyretweetfavorite
bmaz @Thomas_Drake1 @MarkSZaidEsq @JesselynRadack @emptywheel @BradMossEsq Haven't seen any defamation though.
4hreplyretweetfavorite
bmaz @Thomas_Drake1 @MarkSZaidEsq @JesselynRadack @emptywheel @BradMossEsq ...testimony about me. I can understand being touchy about it.
4hreplyretweetfavorite