Phone Metadata Suddenly Not So ‘Harmless’ When It’s The FBI’s Data Being Harvested
from the turntabled dept
The government’s next-best argument (after “Third Party Doctrine yo!”) in support of its bulk collection of US persons’ phone metadata via the (now partly-dead) Section 215 surveillance program was this: hey, it’s just metadata. How harmful could it be? (And if it’s of so little use to the NSA/FBI/others, how is it possible we’re using it to literally kill people?)
While trying to fend off attacks on Section 215 collections (most of which are governed [in the loosest sense of the word] by the Third Party Doctrine), the NSA and its domestic-facing remora, the FBI, insisted collecting and storing massive amounts of phone metadata was no more a constitutional violation than it was a privacy violation.
Suddenly — thanks to the ongoing, massive compromising of major US telecom firms by Chinese state-sanctioned hackers — the FBI is getting hot and bothered about the bulk collection of its own phone metadata by (gasp!) a government agency. (h/t Kevin Collier on Bluesky)
FBI leaders have warned that they believe hackers who broke into AT&T Inc.’s system last year stole months of their agents’ call and text logs, setting off a race within the bureau to protect the identities of confidential informants, a document reviewed by Bloomberg News shows.
[…]
The data was believed to include agents’ mobile phone numbers and the numbers with which they called and texted, the document shows. Records for calls and texts that weren’t on the AT&T network, such as through encrypted messaging apps, weren’t part of the stolen data.
The agency (quite correctly!) believes the metadata could be used to identify agents, as well as their contacts and confidential sources. Of course it can. That’s why the NSA liked gathering it. And that’s why the FBI liked collections it didn’t need a warrant to access. (But let’s not pretend this data was “stolen.” It was duplicated and exfiltrated, but AT&T isn’t suddenly missing thousands of records generated by FBI agents and their contacts.)
The issue, of course, is that the Intelligence Community consistently downplayed this exact aspect of the bulk collection, claiming it was no more intrusive than scanning every piece of domestic mail (!) or harvesting millions of credit card records just because the Fourth Amendment (as interpreted by the Supreme Court) doesn’t say the government can’t.
There are real risks to real people who are affected by hacks like these. The same thing applies when the US government does it. It’s not just a bunch of data that’s mostly useless. Harvesting metadata in bulk allows the US government to do the same thing Chinese hackers are doing with it: identifying individuals, sussing out their personal networks, and building from that to turn numbers into adversarial actions — whether it’s the arrest of suspected terrorists or the further compromising of US government agents by hostile foreign forces.
The takeaway isn’t the inherent irony. It’s that the FBI and NSA spent years pretending the fears expressed by activists and legislators were overblown. Officials repeatedly claimed the information was of almost zero utility, despite mounting several efforts to protect this collection from being shut down by the federal government. In the end, the phone metadata program (at least as it applies to landlines) was terminated. But there’s more than a hint of egregious hypocrisy in the FBI’s sudden concern about how much can be revealed by “just” metadata.
Filed Under: bulk collection, doj, fbi, hacking, metadata, section 215, surveillance
Companies: at&t
Comments on “Phone Metadata Suddenly Not So ‘Harmless’ When It’s The FBI’s Data Being Harvested”
Typical cop mindset–nothing is government overreach until it happens to a cop.
Re:
All the more reason to demonstrate that point to ’em.
Re:
And even then it’s not a problem unless it happens to a cop because they’re so far above us ordinary peons they’re not even citizens anymore.
Good. I hope they pay the ultimate price. I hope the people who collect this data end up hanging themselves after realizing they killed people.
Re:
Oh come on now.
We all know they will keep their jobs, that cosy pension, and possibly run for an elected office like POTUS.
I won’t mention her name though.
This comment has been flagged by the community. Click here to show it.
Threat Vector
Just wait until the FBI gets compromised further by a successful spear phishing attack. Then they’ll REALLY want to get serious about privacy.
Re: Threat Vector
Why do you assume that it hasn’t already happened? Do you really think the FBI would to admit anything more than a minor compromise?
Couldn’t happen to a more deserving bunch of asshelmuts. But major players of The Blame Game® will still act like corporate C-suite assholes for some time to come, bleating loudly that we should ignore the little man behind the curtain.
‘Sfunny how time has a way of correcting errors like this, even if it’s never soon enough for the rational folk among us.
It was through just such contact tracing that Italy discovered a US extraordinary rendition (Abu Omar).
My understanding is also that Hamas rolled up an Israeli spy network through contact tracing, but I cannot find a direct link. (Hamas has otherwise proven to be pretty adept at SigInt
What's the big deal?
Someone should tell them to stop freaking out, it’s only metadata after all, it’s not like anyone can use that to identify and/or track any of their people.