Prison Phone Monopoly Securus Under Fire Again, This Time For Doling Out Everybody's Private Phone Location Data

For years now we've noted how a company by the name of Securus has managed to obtain a pretty cozy, government-supported monopoly over prison phone and teleconferencing services. Like any monopoly, this prison monopoly has pretty traditionally resulted in not only sky high rates upwards of $14 per minute for phone calls, but comically poor service as well. It's something advocates (like outgoing FCC staffer Mignon Clyburn) have been trying to rectify for years, only to have Trump FCC boss Ajit Pai completely deflate those efforts last year.

But Securus' monopoly -- and the government pampering and cronyism that helped create it -- has other additional costs as well. Interstate inmate calling service (ICS) companies effectively buy their privileged positions from local governments, who then expect some favors in return. For example, Securus was recently accused of routinely spying on privileged inmate attorney communications, information that was only revealed after Securus was hacked in late 2015. Given the generalized apathy for prison inmates and their families ("Iff'n ya don't like high prices, don't go to prison son!") reform on this front has been glacial at best.

Meanwhile, the problems caused by these government-sanctioned monopolies continue to pile up. A recent court case has also exposed how some law enforcement officials also make routine use of a Securus service that helps track people's cellphones without court orders. While the service is marketed to government as a way for law enforcement to track fleeing drug treatment or even Alzheimer's patients, zero oversight means it's routinely abused. In this case, the law enforcement official used the Securus service to not only track members of the general public, but Judges and other law enforcement officials as well:

"The service can find the whereabouts of almost any cellphone in the country within seconds. It does this by going through a system typically used by marketers and other companies to get location data from major cellphone carriers, including AT&T, Sprint, T-Mobile and Verizon, documents show.

Between 2014 and 2017, the sheriff, Cory Hutcheson, used the service at least 11 times, prosecutors said. His alleged targets included a judge and members of the State Highway Patrol. Mr. Hutcheson, who was dismissed last year in an unrelated matter, has pleaded not guilty in the surveillance cases."

In addition to being another warning about the threat of government-pampered monopolies, the scandal again highlights how our nonexistent to lax consumer privacy laws (especially for wireless carriers) routinely come back to bite us. In this instance, Securus was easily able to buy cell carrier location data, then upload it to a company portal. Law enforcement officials can then easily plug in a cell phone number to track its location, provided they supply an "official document giving permission." Overview of the validity of these documents appears to be half-assed at best.

We've long noted that wireless carriers routinely sell browsing, location and other data to absolutely everyone, and while these companies insist that "anonymizing" the data protects user identities (it doesn't), the rules governing the use of such data are laughable at best. Efforts to then pass more meaningful privacy protections then get quickly and repeatedly scuttled by influential lobbyists, as companies fight tooth and nail against any measures that could possibly hamstring user data monetization efforts.

As you might expect, Securus took no ownsership of the scandal or the routine abuse of private data:

"Securus requires documentation and reasonably relies on the professionalism and integrity of our law enforcement customers and their counsel. Securus is neither a judge nor a district attorney, and the responsibility of ensuring the legal adequacy of supporting documentation lies with our law enforcement customers and their counsel."

Senator Ron Wyden, meanwhile, has fired off a letter to FCC boss Ajit Pai (pdf), lamenting the fact that the oversight of this entire process is the glorified equivalent of a "pinky promise":

"I recently learned that Securus Technologies, a major provider of correctional-facility telephone services, purchases real-time location information from major wireless carriers and provides that information, via a self-service web portal, to the government for nothing more than the legal equivalent of a pinky promise. This practice skirts wireless carrier's legal obligation to be the sole conduit by which the government conducts surveillance of Americans' phone records, and needlessly exposes millions of Americans to potential abuse and surveillance by the government."

Securus is the perfect storm created by lax privacy rules, rampant cronyism, the government's tendency to pamper and embolden monopolies, and the routine skirting of wiretap and privacy law by corporations and law enforcement alike.