Are you on Verizon? If so, your phone records are now in the hands of the government.
The Guardian got its hands on a secret FISA court order yesterday that reveals Verizon was forced to hand over customer metadata to the NSA. The order, which was granted on April 25, allows the NSA to collect daily information on Verizon’s 98.9 million subscribers until July 19.
Here’s the relevant part of the leaked court order:
It is hereby ordered that, the Custodian of Records shall produce to the National Security Agency upon service of this Order, and continue production on an ongoing daily basis thereafter for the duration of this Order, unless otherwise ordered by the Court, an electronic copy of the following tangible things: all call detail records or “telephony metadata” created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls.
So, what does this metadata include:
Telephony metadata includes comprehensive communications routing information, including but not limited to session identifying information (e.g., originating and terminating telephone number, International Mobile Subscriber Identity (IMSI) number, International Mobile station Equipment Identity (IMEI) number, etc.), trunk identifier, telephone calling card numbers, and time and duration of call. Telephony metadata does not include the substantive content on any communication, or the name, address, or financial information of a subscriber or customer.
The metadata being collected by the NSA doesn’t identify you by name, nor does it include your address. What’s the big problem then? The Guardian points out that information included in the metadata would allow the NSA to easily build “a comprehensive picture of who any individual contacted, how and when, and possibly from where.”
By far, the most worrisome part about this order, however, is its scope. It’s pointed out that FISA court orders are usually issued to track a specific person. It’s rare to see the government collecting information on every single person. It’s also rare to see these orders collecting data from calls between two people in the U.S. FISA was originally established to track communications between those outside of the U.S. or one person in the U.S. communicating with a foreign entity. That is obviously no longer the case.
It should also worry you that this is order only applies to a single carrier. It’s not out of the realm of reason to assume that there may be similar court orders floating around that compel other carriers like AT&T, T-Mobile and the like to turn over their metadata to the government as well.
It’s sadly ironic then that all of this comes on the heels of the FCC announcing a vote to decide whether or not wireless carriers can share metadata with third parties. If confirmed, the new rules would require these carriers to seek your permission before sharing your metadata with advertisers, etc. Unfortunately, those same rules wouldn’t protect you when the NSA comes knocking.