Hacked Data Obtained By The Intercept Highlights Wholesale Spying On Inmate, Attorney Privileged Communications

from the institutional-apathy dept

A few months ago the FCC voted to crack down on the ripping off of inmates and their families by prison telecom companies, which for decades now have charged upwards of $14 per minute for services that cost little to nothing to provide. At the time, prison telecom companies like Securus complained hysterically about the FCC's decision, CEO Richard Smith declaring the new price caps would have a "devastating effect" on its business, potentially ending its participation in "services and continuing inmate related programs."

According to a massive new trove of data obtained by the Intercept, one of the "services" Securus was apparently providing was of the wholesale spying variety. Hacker-obtained data examined by The Intercept includes 70 million records of phone calls (and recordings of the phone calls themselves), placed by prisoners in at least 37 different states over a two-and-a-half year period. Of particular note are the estimated 14,000 recordings of privileged conversations between inmates and their lawyers:
"This may be the most massive breach of the attorney-client privilege in modern U.S. history, and that’s certainly something to be concerned about,” said David Fathi, director of the ACLU’s National Prison Project. “A lot of prisoner rights are limited because of their conviction and incarceration, but their protection by the attorney-client privilege is not."
Securus alone provides telecom services and "secure" storage of communications for 2,200 prisons around the United States, processing a million or so calls each day. Securus and other such companies serve a relatively captive and unregulated market, where prisons are paid upwards of $460 million annually in "concession fees" (read: kickbacks) to win exclusive telecom-related prison contracts. Part of Securus' pitch to prisons is that it will offer cutting edge secure storage for these communications, though the Intercept notes this latest hack wasn't the first.

Prisoners obviously don't expect the full historical right to privacy; indeed Securus makes sure to include a message warning inmates that "this call is from a correctional facility and may be monitored and recorded" at the beginning of each call. Waivers of rights and the monitoring and securing of phone communications was originally pushed as a way to prevent riots, witness tampering and generally secure the prison back in the 90s. But as the Intercept points out, that doesn't make the long-term storage of this data any less problematic, and securing the facility certainly shouldn't include recording secure communications between inmates and their lawyers. A behavior, it should be noted, Securus itself claimed it didn't do:
"A review of contracts and proposals completed by Securus in a handful of states reflects the company’s understanding of this right. In a 2011 bid to provide phone service to inmates in Missouri’s state prisons, Securus promised that each “call will be recorded and monitored, with the exception of privileged calls.” But the database provided to The Intercept shows that over 12,000 recordings of inmate-attorney communications, placed to attorneys in Missouri, were collected, stored, and ultimately hacked."
The Intercept's findings are particularly problematic for Securus, since the company is the target of a federal civil rights suit filed in Texas in 2014. That suit, by the Austin Lawyers Guild and a prisoners' advocacy group, alleges that Securus had been recording privileged conversations, and that intrusion into this communications (and the prosecutors' failure to disclose this information during discovery) undermines the legal ability to defend them. This despite Securus contracts explicitly stating that phone calls "to telephone numbers known to belong [to] attorneys are NOT recorded," and that "if any call to an attorney is inadvertently recorded, the recording is destroyed as soon as it is discovered." Or not.

The Intercept's latest findings not only stumble into yet another expansion of our wholesale surveillance state, but exemplify the kind of apathy about the prison industrial complex that allowed Securus to aggressively rip off inmates and families in the first place. "They're in prison so they deserve it" is a common refrain from the apathetic to the rights trampling of the guilty, the innocent, and the millions of Americans serving massive prison sentences for relatively innocuous marijuana offenses. On a positive note the Intercept's latest leak was courtesy of The Intercept's Tor-enabled SecureDrop platform, another sign we're (hopefully) moving past the Assange middleman era into one where the traditional media -- with a little help -- actually does its job.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: attorney-client privilege, jails, phone calls, prisons, privacy, recordings
Companies: securus


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    avideogameplayer, 11 Nov 2015 @ 12:22pm

    I wonder how much info is passed to DAs...

    And how many people get nailed for it...

    link to this | view in thread ]

  2. icon
    DannyB (profile), 11 Nov 2015 @ 1:18pm

    A technically accurate statement

    "if any call to an attorney is inadvertently recorded, the recording is destroyed as soon as it is discovered."

    While technically accurate, it would be even more accurate to append . . .

    ". . . as soon as it is discovered that we might get into trouble for this."

    link to this | view in thread ]

  3. icon
    DannyB (profile), 11 Nov 2015 @ 1:22pm

    Re: A technically accurate statement

    . . . as soon as it is discovered that someone outside of our organization knows about it.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 11 Nov 2015 @ 2:01pm

    The Intercept's Tor-enabled SecureDrop platform

    Just wondering, but was Tor ever patched after the FBI's famous Silk Road hack that lead to the subsequent massive bust of that online drug bazaar?

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 11 Nov 2015 @ 3:03pm

    "Secure"

    Securus alone provides telecom services and "secure" storage of communications for 2,200 prisons around the United States
    Come on, I'm sure they were following "best practices" (which is to say that their security is about as bad as anyone else's).

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 11 Nov 2015 @ 3:18pm

    Re: The Intercept's Tor-enabled SecureDrop platform

    Tor is patched all the time, and there's a redesign of hidden services being worked on. But do we have any evidence the FBI broke Tor? They claim a misconfigured server revealed itself (although some suspect it's parallel construction).

    The FBI did plant a JavaScript exploit on the Tor Mail servers (not affiliated with the Tor project). The Tor Browser Bundle and Tails projects have patched the bug—in Firefox, not Tor—and there have been some ideas on ways to mitigate such attacks. I'd say turning JavaScript off is a good idea, even when not using Tor.

    link to this | view in thread ]

  7. icon
    John Fenderson (profile), 11 Nov 2015 @ 5:58pm

    Re: Re: The Intercept's Tor-enabled SecureDrop platform

    There is no evidence that Tor has been fundamentally broken. However, there has been a cat-and-mouse game with Tor from the very start, and weaknesses are periodically found and fixed.

    link to this | view in thread ]

  8. icon
    art guerrilla (profile), 11 Nov 2015 @ 6:21pm

    i get your point...

    ...but technically, replacing one 'gatekeeper' (assange) with another 'gatekeeper' (the intercept) is not exactly lessening the degrees of separation from us sheeple to the whistleblowers...
    THAT would be if the whistleblower just PUT IT ALL OUT THERE, *blap*: no filters, no amelioration, no redacting, no protecting bullshit national sekurity reasons, etc...

    link to this | view in thread ]

  9. icon
    That One Guy (profile), 11 Nov 2015 @ 6:28pm

    Re:

    'Unknown' and 'No-one but the hackers if the government can find them' respectively.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 11 Nov 2015 @ 6:50pm

    Every time I accept a call from a inmate in prison on my cellphone, the GPS icon on my phone starts flashing. That's what you call guilt by association. I know a convicted person, therefore I must be engaged in illegal activity too and warrentlessly GPS tracked through E911 features built into my phone.

    I admit, there was a recording a few years ago from the local jail stating that by pressing 1 and accepting this call, I was "voluntarily" submitting to location tracking.

    That was years ago. It appears if you give consent once, that means you're giving consent to be location tracked for life.

    link to this | view in thread ]

  11. icon
    Whatever (profile), 11 Nov 2015 @ 9:54pm

    Not so simple

    Here's the problem with the story: There is no indication (not even the slightest) that shows that any client attorney priviledge was actually violated. Yes, the calls are records - all calls are recorded. The question unanswered and avoided here is how they handle those particular calls after they are recorded.

    Remember, this is an automated system. I doubt they have hundreds or thousands of live operators sitting listening to every call as it happens and pushing the big "lawyer call" button to delete it. It's way more likely that most calls are filed and never listened to at all, one way or another, and that calls are only actually listened to be a human if there is a specific request made through whatever process. At that point, they can weed out the lawyer calls as needed.

    So hacking (against the law, you know) to get raw phone recordings isn't exactly telling. In fact, it's quite the opposite, suggesting the HACKERS may have violated the privileged communications. Oh, that would sting, wouldn't it?

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 12 Nov 2015 @ 2:55am

    Re: i get your point...

    The Intercept is also a bit more... image-conscious than Wikileaks. Remember when they reported that an undisclosed country was having 100% of it's telephony stored but wouldn't disclose which one (and then Wikileaks confirmed it was Afghanistan)? The Intercept does do some truly excellent reporting, but they have some limitations that Wikileaks do not.

    link to this | view in thread ]

  13. identicon
    Anonymous Coward, 12 Nov 2015 @ 3:51am

    Re: i get your point...

    good idea,

    if every hacked database with important private information will be thrown to the open web

    the sheeple could start to get scared of their data

    link to this | view in thread ]

  14. icon
    Ninja (profile), 12 Nov 2015 @ 6:36am

    Re: Not so simple

    The calls should not be recorded. Period. Eben if they were not used there's nothing preventing them from being used in the future. Of course, in your rosy land where everybody is happy and nobody is a tyrant you may be right.

    So hacking (against the law, you know) to get raw phone recordings isn't exactly telling. In fact, it's quite the opposite, suggesting the HACKERS may have violated the privileged communications. Oh, that would sting, wouldn't it?

    You may be right but it's yet more evidence these stored records should NOT exist. What if an interested party in the process (ie: the Government) decided to hack into the company and get said recordings? "Hey, look over there, something else!" does not help solve the issue. But it wouldn't be you if you didn't try it, no?

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 12 Nov 2015 @ 6:36am

    Re: Not so simple

    Yeah, nothing to see here folks - move along.

    link to this | view in thread ]

  16. icon
    John Fenderson (profile), 12 Nov 2015 @ 8:42am

    Re: Not so simple

    According to the company, they determine which calls are exempt based on the phone number involved. That's entirely automatable and can avoid recording the call at all. No later review is necessary (and there'd be nothing to review.)

    The company also says that the attorneys have to proactively inform them that they're attorneys and their phone numbers. It's possible that the recorded calls were with attorneys who failed to do this, I don't know.

    But even if there is no serious violation here, the outright financial abuse the company is engaging in is despicable.

    link to this | view in thread ]

  17. identicon
    US Citizen Born and Raised, 12 Nov 2015 @ 9:42am

    Tel Comms Stop

    CEO Richard Smith declaring the new price caps would have a "devastating effect" on its business, potentially ending its participation in "services and continuing inmate related programs."

    GOOD!

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 13 Nov 2015 @ 6:58pm

    for profit prisons spying on private calls that could have the potential to send other people involved to prison. How on earth could they possibly profit by colluding with corrupt courts to send more people to prison using information that is obtained illegaly.

    almost as if the justice system is more criminalized than the criminals they fight.

    link to this | view in thread ]

  19. icon
    Elscorp (profile), 7 Feb 2018 @ 9:03pm

    SECURUS LARGEST WIRETAPPING VIOLATION IN US HISTORY

    ECURUS WIRETAPPING VIOLATION OF INMATE CONSTITUTIONAL RIGHTS

    I have information concerning SECURUS and tha actual issue concerning attorney client privileged communications. The recent release from INTERCEPT is incorrect this has been going on with SECURUS since their inception. Take a look at U.S. vs Novak. The issue is much larger than anyone is talking about. In every facility in all state and federal cases that SECURUS provides service the discs for different inmates are ordered in 5-10% of all cases.

    Every time the software was updated, even if any blocks had been placed to restrict recording, the blocks were wiped out for all attorneys and all privileged employees paralegals and private investigators working on cases across the entire country.

    Across the country US Attorneys, State Attorneys, Alphabet agencies all received these calls and in not one case of them receiving privileged communications did they report it to SECURUS, the defendants council, or the Courts. Committing fraud on the courts in every case. In Colorado their has been a pattern of intentionally placing difficult cases and high profile cases by the US Attorneys office in SECURUS phone service facilities. I wonder why? This issue litterally effects 1,000’s of defendants in every state that SECURUS provides services to in both State and Federal facilities.

    I can provide a list of Law Enforcement individuals including one ex FBI employee that if deposed can confirm all of the above. This problem has been going on much longer than 2011. It goes back to at least 2006. They were aware of problem in US vs Novak 2006, again they were notified in 2009/2010, and now once again. This is called a pattern and history of abuse. This is the largest violation of prisoner rights, civil rights, and wire tapping violations, it is also Fraud on the Courts in every case state or federal that it occurred in.

    If you would like to discuss further please feel free to contact me. Otherwise I plan to discuss with Plaintiffs counsel and the press.
    Lance C. Migliaccio

    720.380.0059
    lm@grpfusion.com

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.