Forget the NSA: Police May be a Greater Threat to Privacy

Written by Victor E. Kappeler, Ph.D.

While revelations of domestic spying by the National Security Administration (NSA) have captured media and public attention, far less coverage has been given to the growing number of invasions of privacy by local and state police agencies. A recent report by the Verizon Corporation (2014), disclosed an unprecedented and growing number of police requests for information about Americans’ private communications. Although the report reveals massive surveillance and information review by police, the report was not met with the same media frenzy afforded disclosures of the NSA metadata collection program. In many ways, however, the growing number of police requests for private communications information can be more consequential and involve more extensive invasions of personal privacy than some NSA activities.

The Verizon Corporation’s report shows that in the last year alone, American law enforcement officials made at least 321,545 requests for private information about their customers. This is the number of requests police officials made to a single communications company in just one year. These requests for information about Verizon customers were categorized by predication as court orders, warrants, subpoenas and “emergency situations.” The reported number of requests by law enforcement during 2013 and their categorization is presented in the table below.

Of the 321,545 law enforcement requests made to Verizon, 54,200 of these requests were for “content” or “location” information—not just cell phone numbers or IP addresses. Content information included the actual text of messages, emails and the wiretapping of voice or messaging content in real-time. Location information usually consisted of either information about a customer’s cell phone keying of communications towers or a “cell tower dump” of data that included all of the numbers and names of people who connected to a specific tower during a particular timeframe (AT&T, Verizon and Sprint together gave police more than 9,000 cell tower data dumps in 2012).

Verizon also reported they received between 1,000 and 2,000 National Security Letters (NSL). An NSL is a request by the Federal Bureau of Investigation (FBI) for information relevant to a national security investigation. These letters often contain non-disclosure directives. Companies like Verizon are restricted from releasing the actual number of security letters they receive, but can apparently report a range. While it is impossible to determine the actual number of requests made by federal law enforcement officials, it is a safe bet that local and state police, as opposed to national spy agencies and federal law enforcement, made the vast majority of all requests for private customer information.

Law Enforcement Demands for Customer Data — United States (2013)

Subpoenas

164,184

Orders

70,665

 

62,857 General Orders

 

6,312 Pen Registers/ Trap & Trace Orders

 

1,496 Wiretap Orders

 

Warrants

36,696

Emergency Requests From Law Enforcement

50,000 (approximately)

To understand the threat to privacy that the Verizon report illustrates, one has to put the company’s disclosures in a broader context. The Verizon report drastically underestimates the massive invasion of privacy by law enforcement and is silent on how police use the information they obtain from such requests.

First, one has to take into account critical information about Verizon and how the company’s disclosure underestimates the magnitude of police invasions of privacy. Verizon is one of America’s largest broadband and telecommunications companies, generating more than 106.6 billion in revenues annually. The company controls about 101.2 million wireless connections in the United States and has more than 94 million wireless customers. According to the CTIA Wireless Association (2013) there are about 326.4 million wireless subscriber connections in the US and more than 290 million wireless users. Although the percentages vary, Verizon’s share of this market represents about 30 percent of all wireless connections and about 32 percent of all wireless users. One must keep in mind that connections are not users and many people share Internet connections or cell phones. Based on these crude figures and assuming that law enforcement requests for private information are evenly dispersed across all telecommunication companies, police may be requesting private information on over a million connections every year—and that number is growing annually (see also, Huffington Post 2014). This, however, is only the tip of the proverbial iceberg, because no one knows the actual number of people who have had their privacy invaded, or for that matter the depth of the invasion, based on requests by police.

Second, one has to take into account information about law enforcement and the criminal investigative process to illustrate the scope of privacy invasions. While some people may take comfort knowing that many of the requests by police officials for private information were made based on the issuance of a warrant or court order (presumably supported by probable cause) criminal investigations rarely stop at or are limited to reviewing information obtained from judicially approved requests. Also, many communications companies, like AT&T will provide police with information without a warrant (see, Huffington Post, 2014) and one should keep in mind that AT&T, Sprint Nextel and Verizon are the very companies Congress gave blanket immunity to for warrantless wiretapping of customers which “covered-up years of deliberate surveillance crimes by the Bush administration and the telecom industry…” (Greenwald, 2008).

It is not only those individuals suspected of crime who fall under police surveillance when telecommunications companies grant information requests. According to Pew Internet (2011), the typical Internet user has about 634 social ties in their overall communications network. So when police obtain information about an IP address, a cell phone number, or the keying of a cell phone tower, they have access to literally hundreds of people’s private information. By way of example, if police agencies obtain the records of all cell phones that key a particular tower, depending on the location and time period in question, this could result in hundreds or even thousands, of private records coming under some level of police inspection. Just driving in the vicinity of a crime scene or making a phone call near an investigation site can bring you under the watchful eye of the police.

Of course, investigations do not end with the police merely obtaining a list of the phone numbers that keyed a certain cell tower. Many innocent people can be caught up in the investigative process that comes after law enforcement officials obtain the initial information they seek. Cell phone numbers are matched to names and vehicle information and criminal histories can be obtained by any police officer through the FBI’s National Crime Information Center (NCIC). Likewise, follow-up investigations can be conducted and police may talk to employers, friends and associates of the people they are investigating. Everyone who may have had contact with the investigative target can come under some level of police scrutiny—all this occurring under the aegis of an investigation supposedly targeting a single individual or a small group of suspects. The same process holds true for cases where requests are made for text messages and IP addresses. Everyone who has texted a targeted number or who has had an exchange with the targeted IP address may come under some level of police scrutiny.

Last, we must return to the volume of privacy intrusions. Based on the data that Verizon reported, one can estimate that there are about 1 million official requests made by law enforcement to telecommunications companies every year. If we assume that Americans have only half the social connections reported by Pew Internet, the police could be bringing as many as 317 million social and communicative connections under some level of review each and every year. This level of surveillance represents a dramatic change in the capacity of the police to become involved in the everyday life of American citizens.

While the public and the more critical sectors of the media are certainly right to see the NSA as a threat to civil liberties, privacy and personal freedoms, police agencies may be the greater and even more consequential threat to your privacy.

Victor E. Kappeler, Ph.D.
Associate Dean and Foundation Professor
School of Justice Studies
Eastern Kentucky University

Sources

http://transparency.verizon.com/us-data
http://www.ctia.org/your-wireless-life/how-wireless-works/wireless-quick-facts
http://www.huffingtonpost.com/2013/12/09/cell-phone-data-requests_n_4414059.html
http://www.pewinternet.org/Reports/2011/Technology-and-social-networks/Part-3/SNS-users.aspx
http://www.verizon.com/investor/industryoverview.htm
http://www.salon.com/2008/07/09/fisa_vote/

Published on April 29, 2014