Fresh Surveillance Data Show Spike in Traffic Tracking

The Department of Justice is required to report annually to Congress on its use of an array of surveillance tools. These include so-called “pen register” and “trap-and-trace” orders (often combined as “pen/trap orders”), which give investigators realtime access to traffic data from a target’s telephone or e-mail/Internet accounts.  In combination with another type of court order, these are sometimes used to gather location tracking data on cellular users, but they’re primarily used to establish patterns of communication—to determine who the target is in contact with, and when. (Those in contact with the target may then come under further scrutiny.)

Unfortunately, there’s been no public reporting on the use of pen-traps since a five-year dump the Justice Department submitted in 2004.  It’s not clear whether Congress, at least, has been getting them—other such surveillance reports are typically posted on the DOJ Web site—but thanks to intrepid privacy researcher Chris Soghoian and the Freedom of Information Act, we now have statistics on the use of pen-trap orders. In 2002, the federal government sought 4103 pen register orders (affecting 6540 people’s phone lines).  By 2008, that number had risen to a whopping 11,126 pen register orders (affecting 13,998 people’s phones)—in other words, an increase of more than 171%. Bear in mind, that’s 13,998 people having their call behavior monitored in realtime, just at the federal level, and not counting foreign intelligence pen/traps under FISA. (I nevertheless use the first full year after 9/11 as a comparison point, since one might expect an uptick in terror-related criminal investigations.) It’s also not counting government requests for people’s historical call records—records that USA Today reported in 2006 were being vacuumed into a massive database by the tens of millions.

As the graph makes clear, it has also become more common for agencies to routinely obtain trap-and-trace orders (for data on incoming calls) when they obtain a pen register order (for outgoing calls), though the extent of the increase may be exaggerated because the U.S. Marshals Service, which appears to get combined pen/trap orders by default, did not provide separate statistics for trap-and-trace requests prior to 2004. The Justice Department also now appears to have begun tracking orders for e-mail and electronic networks, though it’s unclear whether these are being counted separately or represent a subset of the general pen/trap figures. In 2008, the FBI, DEA, and U.S. Marshals Service reported a total of 208 such orders.

What explains that substantial spike, at a lag of several years after 9/11? One possibility is that increasingly sophisticated tools for social network analysis and pattern-based data mining have made pen/trap orders a more valuable tool—or at least made them appear more valuable to investigators—for ferreting out suspicious patterns or uncovering organizational structures.  Fans of the justly-celebrated HBO series The Wire may recall the episode “Back Burners,” in which Detective Lester Freamon shows a map of the Stanfield crew’s communication patterns, suggesting that it’s typical of a drug-dealing organization. There’s another technological angle to consider: If automation and digitization of the request process make it relatively painless to get pen/trap data, agents may be more likely to request more of them.

Intriguingly, the U.S. Marshals Service accounts for a huge proportion of the increase. In 2002, they sought only 556 pen registers (compared with 1703 for the FBI and 1841 for DEA). That had grown nearly tenfold by 2008, to a stunning 5475 (far more than the 2092 sought by FBI or 3260 for DEA). This, surely, is the figure that most cries out for further inquiry.  Why is the USMS doing ten times the amount of traffic surveillance they conducted in 2002?  I’ve put in a query with their public affairs office, but I’d encourage any enterprising reporters out there to follow up as well.