Verizon Communications, the nation's second-largest telecom company, told congressional investigators that it has provided customers' telephone records to federal authorities in emergency cases without court orders hundreds of times since 2005.
The company said it does not determine the requests' legality or necessity because to do so would slow efforts to save lives in criminal investigations.
In an Oct. 12 letter replying to Democratic lawmakers, Verizon offered a rare glimpse into the way telecommunications companies cooperate with government requests for information on U.S. citizens.
Verizon also disclosed that the FBI, using administrative subpoenas, sought information identifying not just a person making a call, but all the people that customer called, as well as the people those people called. Verizon does not keep data on this "two-generation community of interest" for customers, but the request highlights the broad reach of the government's quest for data.
The disclosures, in a letter from Verizon to three Democrats on the House Energy and Commerce Committee investigating the carriers' participation in government surveillance programs, demonstrated the willingness of telecom companies to comply with government requests for data, even, at times, without traditional legal supporting documents. The committee members also got letters from AT&T and Qwest Communications International, but those letters did not provide details on customer data given to the government. None of the three carriers gave details on any classified government surveillance program.
From January 2005 to September 2007, Verizon provided data to federal authorities on an emergency basis 720 times, it said in the letter. The records included Internet protocol addresses as well as phone data. In that period, Verizon turned over information a total of 94,000 times to federal authorities armed with a subpoena or court order, the letter said. The information was used for a range of criminal investigations, including kidnapping and child-predator cases and counter-terrorism investigations.
Verizon and AT&T said it was not their role to second-guess the legitimacy of emergency government requests.
The letters were released yesterday by the lawmakers as Congress debates whether to grant telecom carriers immunity in cases in which they are sued for disclosing customers' phone records and other data as part of the government's post-September 11 surveillance program, even if they did not have court authorization. House Democrats have said that they cannot contemplate such immunity without first understanding the nature of the carriers' cooperation with the government.
"The responses from these telecommunications companies highlight the need of Congress to continue pressing the Bush administration for answers. The water is as murky as ever on this issue, and it's past time for the administration to come clean," said Rep. Edward J. Markey (D-Mass.), who launched the investigation with panel Chairman John D. Dingell (D-Mich.), and Rep. Bart Stupak (D-Mich.).
Congressional Democrats have been largely stymied in their efforts to have the Bush administration disclose the scope and nature of its surveillance and data-gathering efforts after the Sept. 11, 2001, attacks. Revelations have come through press reports, advocacy groups' Freedom of Information Act lawsuits and Justice Department inspector general reports.
In May 2006, USA Today reported that the National Security Agency had been secretly collecting the phone-call records of tens of millions of Americans, using data provided by major telecom firms. Qwest, it reported, declined to participate because of fears that the program lacked legal standing.
Last month, the Electronic Frontier Foundation, a privacy group in San Francisco, obtained records through a Freedom of Information Act lawsuit showing that the FBI sought data from telecom companies about the calling habits of suspects and their associates, the New York Times reported. Neither Qwest nor AT&T answered the lawmakers' question as to whether they had received such requests for information.
Yesterday's 13-page Verizon letter indicated that the requests went further than previously known. Verizon said it had received FBI administrative subpoenas, called national security letters, requesting data that would "identify a calling circle" for subscribers' telephone numbers, including people contacted by the people contacted by the subscriber. Verizon said it does not keep such information.
"The privacy concerns are exponential each generation you go away from the suspect's number," said Kurt Opsahl, senior staff attorney with the EFF. "This shows that further investigation by Congress and the inspector general is critical."
Earlier this year, the Justice Department's inspector general found that the FBI may have improperly obtained phone, bank and other records of thousands of people inside the United States since 2003 by using national security letters and exigent letters, or emergency demands for records.
Michael Kortan, an FBI spokesman, said the bureau has suspended use of community-of-interest data "while an appropriate oversight and approval policy" is developed. He added that the inspector general is reviewing the use of those data.
Both Verizon and AT&T suggested in their letters that they already enjoy legal immunity under existing laws. But AT&T said that when the lawsuits involve allegations of highly classified activity, the company cannot prove its immunity claims.
Carriers are facing a raft of lawsuits from individuals and privacy advocates, such as the EFF and the American Civil Liberties Union, for allegedly violating Americans' privacy by aiding the NSA's warrantless surveillance program.
The federal government has intervened, arguing that to continue the case would divulge "state secrets," jeopardizing national security.
The Senate Intelligence Committee could draft a bill this week that includes relief for the carriers. The administration is seeking blanket immunity, which would extend to anyone sued for assisting the government -- not just telecom carriers -- in its post-Sept. 11 surveillance programs.
"It's rare in these situations where there's agreement between the plaintiffs and the defendants -- that there are plenty of protections for telecommunications providers in the existing laws," said the EFF's Opsahl, adding that no new immunity is necessary. "It appears that we both agree that the court should be able to look at the full situation, despite the state-secrets privilege."
In its letter, Verizon said that on occasion, it receives requests without correct authorizations. For instance, it said, it once received a request for stored voice mail without a warrant. The company does not respond until proper authorization is received, it said.
AT&T and Verizon both argued that the onus should not be on the companies to determine whether the government has lawfully requested customer records. To do so in emergency cases would "slow lawful efforts to protect the public," wrote Randal S. Milch, senior vice president of legal and external affairs for Verizon Business, a subsidiary of Verizon Communications.
"Public officials, not private businessmen, must ultimately be responsible for whether the legal judgments underlying authorized surveillance activities turn out to be right or wrong -- legally or politically," wrote Wayne Watts, AT&T's senior executive vice president and general counsel. "Telecommunications carriers have a part to play in guarding against official abuses, but it is necessarily a modest one."