AT&T Refuses to Disclose to Shareholders What Data It Shares with the NSA
The American Civil Liberties Union of Northern California filed a “shareholder proposal” with AT&T after it was revealed in the news that the company is sharing data with the US government. It demanded that AT&T “publish semi-annual reports, subject to existing laws and regulation, providing metrics and discussion regarding requests for customer information by US and foreign governments, at reasonable cost and omitting proprietary information.”
According to the Associated Press, AT&T sent a letter to the Securities and Exchange Commission on Thursday claiming the company “protects customer information and complies with government requests for records ‘only to the extent required by law.'” It also added “information about assisting foreign intelligence surveillance activities is almost certainly classified,” and the company “should not have to address the issue at its annual shareholders meeting this spring.”
AT&T argued it did not have to disclose transparency reports because the information demanded in the “shareholder proposal” was “over-broad,” and, by law, it involves data companies are not allowed to make public. AT&T highlighted National Security Letters (NSLs). Also, the issue of “disclosure practices with the NSA has not been a topic of “sustained debate over the last several years,” which is a standard required for “public reporting.”
Although the “shareholder proposal” only addressed data passed on to the NSA, it is absolutely false that AT&T is sharing data “only to the extent required by law.” The New York Times revealed in a report in early November that AT&T has a more than $10 million contract with the CIA to provide the intelligence agency with data on calls that cross the company’s networks all over the world. While information provided is for “overseas counterterrorism investigations,” and the targeting of foreign suspects, information provided to the CIA sometimes involves data from Americans’ international calls.
In September, it was also reported by The New York Times that AT&T had a partnership with the Drug Enforcement Agency called The Hemisphere Project. The project granted the DEA access to records of “decades of Americans’ phone calls.”
Both the partnership with the DEA, started in 2007, and the CIA contract, which began in 2010, are voluntary. No agency compelled the telecommunications giant to provide customers’ data. The company determined there were profits to be made and power to be gained and chose to make a deal that would make the company a more integral part of the US surveillance state.
As the times noted, “AT&T helped “facilitate” the Bush administration’s warrantless wiretapping program. It, along with two other phone companies, embedded employees in an FBI facility to help provide “quick analysis of call records” from 2003 to 2007 until the “embedding was shut down amid criticism by the Justice Department’s inspector general that officers were obtaining Americans’ call data without issuing subpoenas.”
AT&T has a record of doing business with the government in such a manner that customers’ data is likely being passed on to the government in ways that are illegal or stretch the legal boundaries of what is permissible. That the data provided as part of these arrangements could wind up incriminating a customer because of warrantless surveillance is a reasonable concern for shareholders.
The Electronic Frontier Foundation, in an annual report card released this year, notes that AT&T: does not require a warrant from the government before providing content, does not tell users about government data requests, does not publish law enforcement guidelines and will not fight for users’ privacy rights in court.
While it is true that there is much data the government refuses to allow companies to disclose, there are companies like Google and Microsoft that have challenged the government and released data on NSL requests.
The “shareholder proposal” was not filed in the aftermath of revelations around partnerships with the DEA or CIA. It was filed in response to disclosures from former NSA contractor and whistleblower Edward Snowden that the NSA is collecting metadata on all phone calls of Americans from companies that include AT&T and Verizon.
A “shareholder proposal” was submitted to Verizon, but thus far there has been no public report of a response by Verizon to the letter.
It is unknown if AT&T or Verizon have any contracts with the NSA to help the agency with surveillance and possibly profit in the process.
On Wednesday, The Washington Post’s Barton Gellman and Ashkan Soltani revealed, based on documents from Snowden, that the NSA was collecting “nearly 5 billion records a day on the whereabouts of cellphones around the world.” The data often includes “tens of millions of Americans who travel abroad with their cellphones every year.”
“Two unnamed corporate partners” with the code names ARTIFICE and WOLFPOINT assist in the collection. These partners administer NSA’s “physical systems,” also known as “interception equipment.” The “NSA asks nicely for tasking/updates” from a signals intelligence activity designator or “sigad” named STORMBREW.
The corporate partners were not named, but, given the global reach of AT&T and Verizon, both telecommunications companies should probably be considered prime suspects.
Photo by NontrivialMatt, used under Creative Commons license