AT&T helping US drug cops in 'vast, troubling' phone snoop scheme

Telco keeps records for 26 years and provides them at will


The US Drug Enforcement Administration has enlisted telecom giant AT&T to develop a massive telephone records database that may put the National Security Agency's domestic phone surveillance to shame.

Dubbed the Hemisphere Project, the partnership sees AT&T employees working closely alongside DEA agents to supply them with phone data, The New York Times reported on Sunday.

And unlike the NSA's XKeyscore program, which potentially allows the agency to archive US citizens' phone records for up to five years, Hemisphere's records are maintained solely by AT&T, meaning they are apparently exempt from government restrictions on data retention.

Upon request, AT&T is reportedly able to provide the DEA with phone records dating back as far as 1987.

A Justice Department spokesman told the NYT that Hemisphere "simply streamlines the process of serving the subpoena to the phone company so law enforcement can quickly keep up with drug dealers when they switch phone numbers to try to avoid detection," adding that such subpoenas are "a bread-and-butter tactic in the course of criminal investigations."

But a set of PowerPoint slides obtained by the paper seems to indicate that Hemisphere is anything but business as usual. The DEA has kept a tight lid on the program's existence ever since it launched in 2007. One slide instructs law enforcement issues who request information from the database to "never refer to Hemisphere in any official document."

What's more, the news comes not long after leaked documents revealed that a Special Operations Division within the DEA has been receiving tips and surveillance data from the NSA, with the understanding that the DEA would cover up the source of its information.

Similarly, an AT&T spokesman would only disclose vague information about Hemisphere, beyond acknowledging that it does exist. He would not discuss how many phone calls it monitored or the size of its database.

Whether other phone companies besides AT&T are also involved in Hemisphere, or other programs like it, is also not known. Sprint, T-Mobile, and Verizon – the other "big four" US mobile carriers – all declined to speak to the NYT.

For its part, the DEA claims that Hemisphere has helped the agency make several successful arrests. The leaked slides cite cases in which agents caught a man who impersonated a top-ranked military officer, a woman who made a series of bomb threats, and drug dealers who were trafficking some 136 kilos of cocaine.

But in a blog post on Tuesday, the American Civil Liberties Union described the Hemisphere program as "vast" and "troubling," adding that "the government is deliberately concealing the origins of all information obtained by the program."

"As a result," ACLU staff attorney Catherine Crump wrote, "defendants have no opportunity to test the legality of these investigative tactics – and, just as troublingly, no court will have the chance to weigh in on the program's validity."

Crump added, however, it was the willing participation of AT&T, with its 26 years' worth of call records, that made Hemisphere possible. "If AT&T didn't build it, the government would not come," she observed. ®

Similar topics

Broader topics


Other stories you might like

  • EnemyBot malware adds enterprise flaws to exploit arsenal
    Fast-evolving botnet targets critical VMware, F5 BIG-IP bugs, we're told

    The botnet malware EnemyBot has added exploits to its arsenal, allowing it to infect and spread from enterprise-grade gear.

    What's worse, EnemyBot's core source code, minus its exploits, can be found on GitHub, so any miscreant can use the malware to start crafting their own outbreaks of this software nasty.

    The group behind EnemyBot is Keksec, a collection of experienced developers, also known as Nero and Freakout, that have been around since 2016 and have launched a number of Linux- and Windows-based bots capable of launching distributed denial-of-service (DDoS) attacks and possibly mining cryptocurrency. Securonix first wrote about EnemyBot in March.

    Continue reading
  • Microsoft pushes ahead adapting Azure for 5G telecoms after swallowing AT&T's Network Cloud
    But is the telco backing itself into a corner?

    Analysis Microsoft has given more info on its efforts to draw telcos to its Azure cloud platform, building on intellectual property and skills gained from last year's partnership with AT&T, under which the telco opted to move its core 5G network operations to Azure.

    Microsoft announced Azure for Operators in 2020, saying it was adding capabilities to its cloud to support carrier-grade network operations such as low-latency connectivity and network slicing. The idea was that telcos would be able to take advantage of the elastic capabilities of the cloud and reduce the need to invest so much capital expenditure in new infrastructure for their 5G rollouts, in much the same way that enterprise customers have adopted the technology.

    This clearly appealed to AT&T, because in June last year it announced it was not only moving its 5G mobile network to Azure, but also providing Microsoft access to its IP and technical expertise. This included handing over the Network Cloud platform it had developed to operate its 5G services to the Windows giant, along with any of the engineering team willing to transfer to Redmond.

    Continue reading
  • Hey, AT&T, you ripped off our smartwatch-phone group call tech – and we want our $1bn, say entrepreneur pair
    Seattle duo go back to court demanding promised royalties

    AT&T has been sued by two Seattle entrepreneurs who accused the telecoms giant of stealing their technology and launching a rip-off version to avoid paying massive royalty fees.

    They now want $1.35bn for breach of contract and patent infringement: $450m in unpaid royalties and triple damages for "willful and egregious infringement." And the unfortunate reality for AT&T is that the duo look like they have a good case.

    John Wantz and Kyle Schei were college friends who devised, in 2012, a way to group or pool together phone numbers. Calls placed to a number in the pool could be redirected to another member of the group automatically, and calls originating from the group could be made to appear from any of the group's numbers. The idea being that, say, a child only has to remember – or store in their phone – one number in a group, and when they call it, the system would automatically pass it around the pool until someone answered.

    Continue reading

Biting the hand that feeds IT © 1998–2022