The Phone Company and the Feds — a Buddy Movie from Hell
For over 65 years, this private-public alliance has partnered in surveillance, changing the laws when they seemed to get in the way. Will this story ever change?
This month’s news that AT&T has evidenced “extreme willingness to help” the NSA collect, filter, analyze, and disseminate billions of communications by Americans wasn’t particularly surprising. After all, the giant phone company has been tightly involved with America’s national security operations for decades.
The obvious next question: Who will get to boss whom around? I offer three data points that may help us find an answer.
The first involves antitrust, and the strange resolution of the executive branch’s balancing of two different government interests involving the phone company. Back in 1949, AT&T, then also known as the Bell System, had complete dominion over phone service in the U.S. So it was a big deal when AT&T insisted on buying all of its phones from a single supplier: Western Electric, which just happened to be one of its subsidiaries. The Antitrust Division of the Department of Justice was concerned that AT&T was inflating Western Electric’s phone prices in order to charge subscribers more, and sued to force the company to divest that manufacturing subsidiary.
At about the same time that lawsuit was filed, however, the government came to AT&T to ask a favor. The Atomic Energy Commission needed an institution to manage the national atomic bomb stockpile in New Mexico, and asked AT&T. The company pointed out to the Chairman of the AEC that the DOJ’s antitrust lawsuit “seeks to terminate the very same Western Electric-Bell Laboratories-Bell System relationship which gives our organization the unique qualifications to which you refer” in asking that the Bell System manage the atomic material. AT&T then took over operation of the production of atomic weapons and continued to manage the stockpile for 25 years.
The antitrust lawsuit dribbled on, the Cold War continued, and the Eisenhower administration came in — but now the phone company had much more leverage. By 1952, it seemed to the Eisenhower team that it would be a good idea to gracefully get rid of the antitrust suit. Attorney General Herbert Brownell met with the AT&T general counsel in July 1953 at the Greenbrier Hotel in White Sulphur Springs, West Virginia; there, the general counsel reminded Brownell of AT&T’s “contribution to the national defense,” and Brownell said “a way ought to be found to get rid of the case” by agreeing to practices that could be enjoined with “no real injury” to the AT&T business. The Department of Defense strongly supported AT&T’s request to be free of the antitrust suit. And it was settled, without a divestiture remedy.
The second data point occurred in the beginning of the 21st century. (By then, thanks to a series of mergers, the “AT&T” giant that had been broken apart in 1984 had essentially re-formed as a telecom giant.) At that time, AT&T employee Mark Klein was a Computer Network Associate working at a company facility in San Francisco. Klein noticed that a secure room, about 24 feet wide by 48 feet long, was being built next to the room housing the main switch — the physical set of computers transferring data from one network to another — and that access to that secure room was extremely limited. Only employees cleared by the NSA could enter the secure room.
Klein also noticed that the signals from that switch’s optical circuits were being split, with a mirror image of the data they carried going into the secure room. Because he knew what was going on inside the switch, he could tell that copies of communications from and to many ISPs were being transferred to the secure room. He also learned that similar “splitter cabinets” were being installed in other cities, including Seattle, San Jose, Los Angeles, and San Diego.
In July 2008, after EFF sued AT&T on behalf of AT&T subscribers for what appeared to be — based on Klein’s report — massive, illegal wiretapping of American communications, Congress promptly moved to award AT&T retroactive immunity from any liability in connection with the government’s warrantless wiretapping.
Here’s the last and most recent story. In 2010, the Inspector General for the Department of Justice — the watchdog inside the agency — issued two extraordinary reports documenting the close relationship between communications service providers, primarily what it referred to as “Company A,” and the FBI in unlawfully obtaining non-content telephone records from 2003 to 2007. Together, the FBI and Company A had created an informal “exigent letter” process for getting this information to the FBI. The process violated the Electronic Communications Privacy Act, DOJ guidelines, and internal FBI policy; the letters themselves made factual misstatements and often couldn’t be matched to an investigation — a requirement under the law.
“Company A,” of course, was AT&T.
The OIG also reported that, often, Company A’s employees simply let FBI personnel look over their shoulders for “sneak peeks” — no letters used at all — at calling-activity information. Totally illegal. This wasn’t physically difficult: Company A employees, their computers hooked up to Company A’s databases, were co-located at FBI offices. Everyone was in the same space. The Company A personnel had FBI email accounts, called themselves “Team USA” members, and went to happy hours with their FBI colleagues.
Company A wasn’t just sharing data with the FBI. It was also analyzing patterns and preparing visual presentations based on what it saw. Company A employees generated “exigent letters” for FBI employees to sign — letters asserting that an emergency mandated release of the data. It was sort of a three-ring circus of irregular practices: the FBI personnel weren’t getting any guidance about the lawfulness of these letters, didn’t keep copies of them, couldn’t track them, and didn’t understand what they meant. Meanwhile, Company A employees were speedy, constantly available, technically adept, and undeniably helpful.
Ryan Singel, reporting for Wired, revealed that after the OIG reports came out the entire process was retroactively legalized.
Back to the present. Thanks to The New York Times and ProPublica, we’re looking at yet another instance of AT&T’s helpfulness: collecting, filtering, analyzing, and reporting data about American communications. The government may say that because it was AT&T doing the snooping, any Fourth Amendment strictures — applying to government actors, in general, and not to private parties — don’t matter. It also often takes the position that whatever AT&T does at its behest is a “state secret,” and thus the courts should simply not get involved. AT&T is already signaling that it will argue it hasn’t violated the law because voluntary disclosure of this information was necessary in order to protect American lives threatened by terrorism.
There will be bundles of legal arguments. EFF will point out that NSA can’t wash its Fourth Amendment obligations away by shifting its operations to a private company. And it seems dubious that a relationship on the front page of The New York Times can continue to be a “state secret.”
But if history is our guide, AT&T will sternly declaim, as it always does, how central these invasions of privacy are to the country’s national defense. Someone will suggest that a settlement or some crazy form of retroactive, reverse-double-backflip immunity makes total sense in this context. And we’ll be back in our lawless, might-makes-right swamp all over again.
We really haven’t moved much since 1949. Behind closed doors, AT&T treats government as, at best, a peer. The NYT/ProPublica-revealed documents make this clear: NSA employees are told not to think of this relationship as contractual. It’s a “partnership.” It’s a “unique Government/Partner relationship.”
AT&T and our government are not, and should not be, peers plotting how to avoid existing legal constraints by collaborating. But that seems to be what happens, over and over again.
What’s the solution? The clear, accessible explanations of the independent Privacy and Civil Liberties Oversight Board have shone a bright light on the implementation of some of our national security surveillance programs. At least we’re now able to talk about (part of) what’s happening, and how legal it is. The only way we’ll get through this is to continue to support the PCLOB, continue the legal dialogue, and remember, always, that companies are subject to the rule of law.
And not the other way around.