http://www.baltimoresun.com/news/nationworld/bal-te.phones21jun21,0,7200046.story?coll=bal-nationworld-headlines

Police gather phone data without subpoenas

Legal experts and privacy advocates said police reliance on private vendors who committed such acts raised civil liberties questions.

Those using data brokers include agencies of the Homeland Security and Justice departments - including the FBI and the U.S. Marshal's Service - and municipal police departments in California, Florida, Georgia and Utah. Experts believe hundreds of other departments frequently use such services.

"We are requesting any and all information you have regarding the above cell phone account and the account holder ... including account activity and the account holder's address," Ana Bueno, a police investigator in Redwood City, Calif., wrote in October to PDJ Investigations of Granbury, Texas.

An agent in Denver for U.S. Immigration and Customs Enforcement, Anna Wells, sent a similar request on March 31 on Homeland Security stationery: "I am looking for all available subscriber information for the following phone number," Wells wrote to a corporate alias used by PDJ.

Congressional investigators estimated the U.S. government spent $30 million last year buying personal data from private brokers. But that number probably understates the breadth of transactions, because brokers said they rarely charged law enforcement agencies.

A lawmaker who has investigated the industry said Monday that he was concerned about data brokers.

"There's a good chance there are some laws being broken, but it's not really clear precisely which laws," said Rep. Edward Whitfield, a Kentucky Republican who heads the House Energy and Commerce investigations subcommittee. Whitfield plans to begin hearings today.

Documents gathered by Whitfield's committee show data brokers use trickery, impersonation and even technology to try to gather Americans' phone records. "They can basically obtain any information about anybody on any subject," Whitfield said.

James Bearden, a Texas lawyer who represents four such data brokers, likened the companies' activities to the National Security Agency, which reportedly compiles the phone records of ordinary Americans.

"The government is doing exactly what these people are accused of doing," Bearden said. "These people are being demonized. These are people who are partners with law enforcement on a regular basis."

Many of the executives summoned to testify before Congress this week plan to refuse to answer questions, invoking their Fifth Amendment right against self-incrimination.

Larry Slade, PDJ's lawyer, said no one at the company violated laws, but he acknowledged, "I'm not sure that every law enforcement agency in the country would agree with that analysis."

PDJ always provided help to police for free. "Agencies from all across the country took advantage of it," Slade said.

The police agencies said they used the data brokers because it was quicker and easier than subpoenas, and their lawyers believe their actions did not violate the Fourth Amendment's guarantee against unlawful search and seizure.

Some agencies, such as Immigrations and Customs Enforcement, instructed agents to stop the practice after congressional inquiries. Police in Orem, Utah, likewise plan to end the practice because of concerns about "questionable methods" used by the data brokers, Lt. Doug Edwards said.

The records also list some of America's most famous corporate names - from automakers to insurers to banks - as purchasing information on private citizens from data brokers, which often help companies track down delinquent customers.

For instance, a 2003 customer list for data broker Universal Communications Company listed Ford Motor Credit Co., the automaker's lending arm, as the single largest purchaser of phone toll records, paying $17,435 to buy such data that year. In all, Ford's lending arm spent more than $50,000 with that data broker that year. Ford also paid $9,000 to another such company, Global Information Group, in 2004, the records state.

Also on UCC's or Global Information's paying client list was the insurer State Farm's banking arm, Chrysler's consumer lending arm, Enterprise Rent-A-Car and banking giants Wells Fargo and Wachovia Financial Services.

At least 50 departments of Wachovia made data requests in 2004, accumulating thousands of dollars in charges. Some companies could not provide an immediate explanation when called for comment yesterday.

Ford Motor Credit spokeswoman Meredith Libby said yesterday that her company used the vendors in the past to help locate customers who weren't paying and had disappeared but that the companies "are no longer on our approved vendor lists."

Asked why Ford would need phone toll records, Libby said her company "did not necessarily say [to the vendor], 'Give us this specific piece of data,' but rather, 'Help us to find this person,'" and the charges for phone records were part of the process.

Wells Fargo said it ended the relationship with its data broker late last year. State Farm's banking arm made "limited use of data obtained from third parties to augment our collections operations," spokesman Mia Jazo-Harris said.

None of the police agencies interviewed said they researched their data brokers to determine how they gathered sensitive information such as names associated with unlisted numbers, records of phone calls, e-mail aliases - even tracing a person's location using a cellular phone signal.

"If it's on the Internet and it's been commended to us, we wouldn't do a full-scale investigation," Marshal's Service spokesman David Turner said. "We don't knowingly go into any source that would be illegal. We were not aware, I'm fairly certain, what technique was used by these subscriber services."

At Immigration and Customs Enforcement, spokesman Dean Boyd said agents did not pay for phone records and sought approval from U.S. prosecutors before making requests. Their goal was "to more quickly identify and filter out phone numbers that were unrelated to their investigations," Boyd said.

Targets of the police interest include alleged marijuana smugglers, car thieves, armed thugs and others.

The data services also are enormously popular among collection agencies, bail bondsmen, private detectives and suspicious spouses.

Privacy advocates bristled over data brokers' gathering records for police without subpoenas.

"This is pernicious, an end run around the Fourth Amendment," said Marc Rotenberg, head of the Washington-based Electronic Privacy Information Center, which advocates tougher federal regulation of data brokers. "The government is encouraging unlawful conduct; it's not smart on the law enforcement side to be making use of information obtained improperly."

Legal experts said law enforcement agencies would be permitted to use illegally obtained information from private parties without violating the Fourth Amendment as long as police did not encourage crime.

"If law enforcement is encouraging people in the private sector to commit a crime in getting these records, that would be problematic," said Mark Levin, a former top Justice Department official under President Ronald Reagan. "If, on the other hand, they are asking data brokers if they have any public information on any given phone numbers, that should be fine."

Levin said he nonetheless would have advised federal agents to use the practice only when it was a matter of urgency or national security and otherwise to stick to a legally bulletproof method such as subpoenas for everyday cases.

Congress subpoenaed thousands of documents from data brokers describing how they collected telephone records by impersonating customers.

"I was shot down four times," data broker employee Michele Yontef complained in an e-mail in July 2005 to a colleague. Yontef was among those ordered to appear at this week's hearing.

Another company years ago even acknowledged breaking the law.

"We must break various rules of law in acquiring all the information we achieve for you," Touch Tone Information Inc. of Denver wrote to a law firm in 1998 that was seeking records of calls made on a calling card.