The Wireless: Law Enforcement's Secret Partnership with Phone Companies Makes Everything Transparent Except the Law

In November, U.S. District Court Judge Susan Illston dealt five consecutive life sentences to Joseph Ortiz, a shot-caller in South San Francisco's 500 Block gang — one in a coterie of Norteño cliques that spun off the 1960s prison gang Nuestra Familia. Ortiz and a group of co-conspirators were charged with two drive-by shootings during one week of December 2010. Their targets were suspected rivals from the Sureño gang. Three people were killed, six others were wounded.

Ortiz pled guilty to the murders and a battery of other charges, including armed robbery of a South San Francisco jewelry store and a 7-Eleven in Pacifica, along with obstruction of justice — he'd fled to Mexico shortly after the shootings but was apprehended in the Bay Area two years later. U.S. District Attorney Melinda Haag then indicted 19 of his associates from the 500 Block and nearby C Street Gang for serving as accessories. By all appearances, one of the Bay Area's most notorious outfits had been snuffed out.

Then the case took an unexpected turn.

Five of Ortiz's alleged associates shuffled into Illston's courtroom on Dec. 20, 2013, wearing Alameda County Jail uniforms and improbably smug expressions. Four were armed with a highly technical argument that could either be a game-changer or a futile Hail Mary pass. They claimed that federal investigators had used a little-known spy program to nail them in a violent gang case. Similar to the NSA's wholesale effort to gather call records from millions of Americans, this one is aimed specifically at drug traffickers and violent criminals. It's harder to condemn, but gets caught in the same ethical snags.

The men standing before Illston were accused gang members; three were charged with murder. Yet they'd also become unlikely torch-bearers for civil liberties.

Evidence suggests the government bolstered its case, in large part, from phone records procured from AT&T and Metro PCS, which not only linked Ortiz to the other defendants, but also revealed the approximate location from which each call was placed. By extrapolating from troves of caller data, law enforcement was able to map out the movements of every alleged 500 Block member over a period of several months. The vast constellation of interconnected cellphone numbers spoke volumes.

Investigators had relied on a program called the Hemisphere Project, a partnership between various federal and local law enforcement agencies and AT&T that launched around 2007. The project is employed nationally, but appears to be based in California and deployed for criminal investigations throughout the West Coast, as demonstrated by a series of training slides leaked to The New York Times in September.

Hemisphere spawned from the theory that call patterns resemble a fingerprint — that calling behaviors to certain numbers, at certain times, are so telling that that they can identify a person regardless of what phone number he's using. Mark Eckenwiler, a D.C.-based federal prosecutor who's now a privacy attorney, explains how it might work in the context of an investigation: "We've got Person A and Person B," he says. "A is the target. B is the person he talks to all the time. If A and B don't sync up the changes on their phones — say, A replaces his phone, and B's doesn't change — then between 2 and 4 a.m. when you see B calling some new number, he's probably calling A."

By doing a back-end analysis of scores of phone records at the same time, investigators can trace those patterns and find the thread, even before they procure an official court subpoena (which are often time-consuming, require court authorization, and have to target one phone number at a time). Safer and more efficient than traditional modes of investigation, Hemisphere probes don't require the cops to put a human informant at risk, or bust down the door to a stash house and risk an armed confrontation. It's a way to apply the principle of NSA data sweeps to drug busts, using an intricate paper trail to reveal the hidden connections between criminals.

That might be an easy sell when the cops are taking down bad guys. But attorneys at the American Civil Liberties Union and the Electronic Frontier Foundation argue that it also smacks of an extra-judicial shortcut. That, given wider acceptance, it could erode our constitutional rights.

A small cadre of EFF and ACLU attorneys sat in Illston's court to watch the December gang trial hearing. Some of them had filed friend-of-the-court briefs to denounce Hemisphere in other criminal cases, so they already had a dog in this fight. The 500 Block gang case might not itself be inherently political, but it could have bigger stakes as our desire to lock away criminals bumps up against our expectations of privacy.

That's the contention of EFF staff attorney Hanni Fakhoury, who says that even if Hemisphere was spawned in the realm of criminal prosecutions, it's now plugged into our national conversation about NSA tracking. "The issue is really at what point does technology evolve to let the government make shortcuts?" he says. To him, the logic behind Hemisphere is uncannily similar to other modes of surveillance. The government believes it has a better chance of finding individual terrorists by sifting through an ocean of raw materials; similarly, drug prosecutors think they can trace criminal relationships by analyzing hundreds of thousands of call records.

That might be a drug investigator's only recourse when he's entering a case blind, Fakhoury says. But he contends it's also a way to cheat defendants out of their right to due process. It's like searching someone's house, finding the evidence you need, and then securing a warrant to return to the house and collect the evidence.

Fakhoury finds that prospect unsettling. "I get that we all want to throw terrorists and bad guys and murderers and drug dealers in jail," he says. "But are we really gonna just let the police do whatever they want?"

And, as judges weigh in differently on the constitutionality of the Hemisphere program, it could wind up undermining the very cases it helped build. Defendants in the U.S. v. Ortiz case sent their own subpoena to Metro PCS, AT&T, and the Hemisphere Project, demanding to see all correspondence between the telecom companies and various law enforcement agencies related to the 500 Block gang. If those documents reveal some kind of handshake deal that allowed prosecutors to obtain records without due process, then down the line, pieces of evidence could get excised.

More troubling, still, is the notion that law enforcement could use Hemisphere to monitor nonviolent networks — such as protest movements or Occupy groups. Taken out of the Drug War context, the program could, in fact, grease any type of investigation that involves a confederation of people with an agenda — it doesn't have to be violent, or even criminal. As Eckenwiler points out, a tool doesn't always come with instructions on how to use it. "A hammer can be used to drive nails into someone's house," he says, "or to bash someone's head in. The hammer itself doesn't distinguish."

The 500 Block Gang was an outcropping of the Cypress Park Locos, a Norteño clan that formed around a cluster of South San Francisco housing projects during the 1980s. Internal spats led several members to secede and create 500 Block.

Joseph Ortiz, whose street name was "Little Vicious," was initiated into the gang at age 11, in 2001. He was the youngest member of 500 Block dynasty. Ortiz's father, Michael — aka "Blackie" — was one of the original C Street members, according to the federal indictment. His older brother, Michael Ortiz Jr. — aka "Vicious" — also joined in 2001, but was "jumped out" in 2008 due to drug addiction. (The elder Vicious remained closely associated with the gang even after his membership was revoked.) Ortiz's mother, Tanya Rodriguez, aka "La China," and aunt Betty Ortiz also ran with 500 Block, and helped Joseph Ortiz evade police after the 2010 murders.

In other words, the 500 Block Gang was a close-knit group of family and friends who'd all grown up around the same housing project, and who came together to form an enterprise. It had antecedents in the criminal underworld, but it also operated like a small corporation, with a fairly solid cash-flow scheme and an intractable chain of command. According to court documents, the bulk of 500 Block's business was racketeering, which requires a high level of plotting and coordination — and scores of phone calls. Local and federal investigators initially sought phone records to figure out who was calling whom, and how often; they secured a wiretap to prove that the calls were facilitating a conspiracy rather than a conversation between friends.

One of the reasons wiretaps tend to be so useful for busting gangs or crime networks is that the criminals involved spend quite a lot of time talking on the phone. Finding an effective way to listen in on those calls is the only way to get unambiguous proof of a conspiracy in real time. It's a form of fly-on-the-wall surveillance that eats up months or years but isn't as risky as interrogating a snitch or busting a door down.

"Most gangs rely on a very communication-intensive pipeline for their operation," Eckenwiler says. And, he adds, much of that is done over the phone.

Investigators figured out how to intercept telephone communications almost as soon as the telephone was invented, in the 19th century, and U.S. courts spent much of the 20th century carving out rules for this powerful form of surveillance. In 1979, the Supreme Court ruled that an electronic searching device called a pen register — which traces all the phone numbers called from a particular line — didn't require a warrant under the Fourth Amendment, which prohibits unlawful search and seizure.

Thus, the call data collected by phone companies isn't constitutionally protected.

Though it seemed like a blip in constitutional history, that case — Smith v. Maryland — paved the way for an increasingly surveillance-oriented culture. And it only amplified after 9/11, which begat the Patriot Act, which gave the Justice Department leeway to dip into business records and sweep through e-mail in the name of protecting national security. Federal and state governments spent much of the next decade strengthening their power to spy or gather intelligence. And because the resulting spate of security laws coincided with the advent of social media, American citizens had already grown accustomed to being watched. Many of us had already begun assiduously broadcasting our lives to acquaintances — and advertisers — so the idea that cops could also be privy to it didn't seem that far afield.

It wasn't until Edward Snowden revealed a secret court order to Verizon, demanding that it furnish the NSA with all of its customer communications records, that people began grappling with the sheer scope of government surveillance.

Yet even as law enforcement and government agencies used technology to their advantage, so too did criminals become more shrewd and discerning. "One thing that law enforcement and anyone who's watched The Wire is aware of — criminals are very surveillance-conscious," Eckenwiler says. Gang members who engage in the type of conspiracies described in the 500 Block case typically use pre-paid "burner" phones, meaning they'll either throw the phones out and exchange them frequently, or use multiple phones in tandem.

"And if the target is smart — meaning he doesn't do something dumb like call the new phone from the old phone — then those practices make him much harder to track," Eckenwiler explains.

That's where Hemisphere comes in. While no one outside the program knows exactly how it operates, The New York Times report hints at a back-door arrangement: Law enforcement asks AT&T for troves of records with similar call patterns to discern whether they originated from the same person. That helps the cops make their subpoenas more refined and directed. Hemisphere also purports to have a special algorithm that matches every dropped phone to its new number.

The U.S. Attorney's office downplayed its use of Hemisphere in U.S. v. Ortiz, dismissing defense attorneys' claims as "speculation." But Oakland-based attorney David Andersen, who represents accused murderer and alleged 500 Block gang member Justin Whipple, says that documents he's seen suggest that AT&T and Metro PCS both disgorged phone records before they received any subpoenas from the courts — and that cops corresponded with a thing called "Hemisphere" to get them.

One of the biggest puzzles in the U.S. v. Ortiz case is a letter that the Daly City police sent to AT&T on April 15, 2011, requesting phone records for several of the defendants. It was followed by a subpoena issued from San Mateo Superior Court five days later. It seemed cops had asked the phone company to hand over phone-call information long before they had a signed order from a judge.

At the Dec. 20 hearing, prosecutor Wai Shun Wilson Leung insisted that investigators often give phone companies a heads-up to let them know they're about to receive a subpoena. And the letter was just that — a courtesy rather than an exhortation.

Defense attorney David Andersen wasn't buying it. He believes the letter — addressed to AT&T, Hemisphere Project, and a place called the Los Angeles Clearing House — was a means for the cops to launch a fishing expedition before they began their official probe.

"We suspect they're essentially tailoring subpoenas to information they've already obtained without the benefit of legal process," Andersen says. Thus, he continues, Hemisphere gives them that information, and then the cops go through and decide what's useful and what's not.

But those suspicions are hard to prove, namely because the phone company employees who work with Hemisphere have an edict to never allow information to be traced back to them. "Hemisphere says you can ask us for information, and we'll give it to you," Andersen explains. "But you can never use our name publicly — you just have to say you got the information by way of a subpoena to AT&T."

It's not even exactly clear whether Hemisphere is a brick-and-mortar office building where phone employees and narcotics detectives sit in adjacent cubicles, or whether it's just a set of rules. Nor has anyone transparently defined the Los Angeles Clearing House; in court documents, it's described, tautologically, as "a state agency that coordinates and facilitates communications involving state law enforcement agencies." Hemisphere's official training slides note that Los Angeles Clearing House coordinates the project, but a spokesman at the California Attorney General's office said he hadn't heard of the Clearing House. Calls to the Los Angeles Clearing House, whatever it is, were not returned.

To be fair, it might not shock the average citizen that the government uses a secret program to entrap criminal networks, or that it employs big data to make the program run more efficiently. But ACLU and EFF attorneys insist that if district court judges willingly condone Hemisphere, they'd give the government latitude to paw through any citizen's phone records, whether or not that person had been linked to a crime. The attorneys argue that Hemisphere raises just as many constitutional concerns as the NSA's mass call-tracking database.

Perhaps more: Because Hemisphere records divulge information about location that can't be gleaned from a mass-call database, the program appears to have a broader scope than other forms of surveillance.

Also disturbing, to Fakhoury and other civil liberties stalwarts, is the code of secrecy that Hemisphere uses to inure itself from judicial review — the logic being that no court can assess a program it doesn't know exists.

"The government shrouds its surveillance practices in secrecy," Fakhoury and ACLU attorney Linda Lye write, in a friend-of-the-court brief critiquing the program. "But that secrecy undermines democratic governance and prevents the federal courts from reviewing legally intrusive and unconstitutional forms of surveillance."

In October, four of the defendants in U.S. v. Ortiz — Whipple, Victor Flores, Benjamin Campos-Gonzalez, and Armando Acosta — subpoenaed Metro PCS, the Hemisphere Project, and the Los Angeles Clearing House to produce copies of all communication with law enforcement. Leung objected, contending that the defendants' attorneys — along with the EFF and the ACLU — were trying to use this case as a vehicle to gather more information about Hemisphere, so they could "turn it into a cause celebré."

But Judge Illston sided with the defendants.

The irony of a secret program being described as a "heads up" certainly wasn't lost on Lye, who attended the hearing as a spectator. "I loved that part," she exclaimed to an elevator full of listeners.

Washington peace activist Drew Hendricks was on a little fishing expedition of his own when he discovered the Hemisphere Project and decided to leak it to The New York Times. A long-time whistleblower who studies the mechanics of government surveillance partly from a sense of social obligation and partly out of curiosity, Hendricks was digging into a different government spying program — one used to track the movements of activists and protest leaders — when he stumbled upon Hemisphere. A "relatively inexperienced" public records officer sent the Hemisphere Project training slides by accident, attached to an e-mail that was being passed between gang investigators in the western states, Hendricks says.

The e-mail wasn't ostensibly related to the public-records search in question; it just got caught in a very wide net. But Hendricks says that when he read the missive, his interest was piqued.

The Hemisphere slides initially struck him as some kind of "special operation" protocol. "I thought it was special ops because it had a lot of the same language that law enforcement use when it's advising itself on how to keep stuff secret from judges," he explains. "Like the evidence used to make warrants."

But it turned out this was a new breed of procedural bypass, already 6 years old, but hitherto unreported. And Hendricks isn't convinced that it will remain solely a tool to bust gangs or narcotics rings. Nor does he think it will stay sealed off from the political realm.

"Keep in mind the FBI did something very similar to this in the 1950s, when J. Edgar Hoover was still in charge," Hendricks says, referring to one of the most famous historical periods of warrantless wiretapping. "They've definitely moved stuff off the books in the past."

It's conceivable that history could repeat itself. After all, Hendricks points out, the gang investigators who were distributing the Hemisphere slides were closely related to an Organized Crime Intelligence Unit in Washington, which passes around dossiers of known activists, Hendricks says. "Including people who aren't convicted of acts of political violence — just protest organizers who were seen by authorities as key figures who needed to be stopped."

Even if the program hasn't yet been directed at protest organizers, it seems to be routinely used, and so far unquestioned, in criminal proceedings. Just as advertisers meticulously track our browsing habits online through thousands of data point, governments pursue justice through oceans of information. And they now have the tools to paddle through it.

In fact, U.S. v. Ortiz isn't the only criminal case in San Francisco that's being stymied by a questionable phone records search. Just two floors down, in the same federal courthouse, the 20 co-defendants in U.S. v. Diaz-Rivera are accused of transporting and distributing bulk amounts of cocaine and methamphetamine from San Francisco to Seattle. To indict them, the government tracked more than 700,000 phone calls from about 600 different phone numbers, tracing their date, time, the direction from which they hit the cellphone tower, and sometimes, the approximate location of the phone.

Yet prosecutors from the U.S. Attorney's office only produced court orders for 52 of the phone numbers in question, according to a brief filed by the EFF and the ACLU.

In this case, the defense doesn't have any paper trail to show that San Francisco cops and DEA agents were communicating with AT&T before any subpoena was issued — they just see a lot of gaps in the record. "Ideally," Fakhoury says, "you should be able to draw a line between every phone record, and every order or subpoena — so that every piece of data has a request attached to it."

At a December hearing, prosecuting attorney Syed Waqar Hasib argued that it would be pointless — and extremely laborious — for the U.S. Attorney's office to produce administrative subpoenas for all 600 phone numbers. Yet he grudgingly agreed to pull together a complete record if the judge ordered one. (In January, Judge Elizabeth Laporte ordered the prosecution to provide subpoenas for five to 10 phone numbers.) Fakhoury and Lye believe his reluctance is just a cover-up. They think the prosecution knowingly built its case on evidence procured through Hemisphere and other controversial surveillance programs, such as "stingray" devices that act like miniature cellphone towers, scooping up information from wireless devices in the vicinity.

In an amicus brief filed in October, Fakhoury and Lye lay out their reasons for suspecting Hemisphere was deployed in U.S. v. Diaz-Rivera. The drug-trafficking ring in question spanned California and the Northwest — "exactly the geographic and subject-matter focus of the Hemisphere project," they write — and most of the 700,000 call data records procured have no subpoena attached. But the real clincher, they say, is that in this investigation, federal agents quickly identified burner phones as targets — suggesting they did the kind of back-end phone records analysis that's enabled by the Hemisphere Project.

Meaning the cops pored through phone records to find those "fingerprints" of calling behavior, and traced the patterns to 20 individuals.

"The fact that the government's affidavits nowhere mention Hemisphere or other surveillance programs is not surprising," Fakhoury and Lye write. As the training slides indicate, "All requestors are instructed to never refer to Hemisphere in any official document" — just as DEA agents who harvest information from NSA surveillance are supposed to ascribe it to some other source, even if they have to independently re-create the investigation.

It would seem the people hired to track other people's trails take pains to conceal their own.

No one has yet proven that investigators used Hemisphere to launch their indictment in U.S. v. Diaz-Rivera the way they apparently did in U.S. v. Ortiz. The outcome of the December hearing is still pending, and it may require several rounds of hearings before the defense can prove a Fourth Amendment violation and get evidence tossed out — if that's even possible. But if Fakhoury and Lye's theories are correct, then San Francisco may have become a new world stage for the data collection and civil liberties debate. The notion of two concurrent Hemisphere prosecutions in one city also illustrates how common the program might be. It could be standard operating procedure in federal investigations, even if the feds emphatically deny its existence.

Fakhoury shies away from blanket judgments about the program's prevalence, especially given how little he know about it. "What I will say is that law enforcement routinely uses cell phone records in big complex criminal cases... and Hemisphere facilitates access," he says. It doesn't afford the all-hearing power of wiretap, but it's obviously a potent tool. And because it delegates broad investigative duties to telecom workers who aren't versed in statutory law, it could be dangerous.

Eckenwiler has seen plenty of cases in which a phone company blindly hands over records that it should have kept private.

"I certainly saw this from time to time while I was at the Department of Justice," he recalls. "It's sort of like saying 'Jump,' and the recipient asks 'How high?' while they're on the way up."

If a company like AT&T oversteps its bounds — which seems a lot more likely in a Hemisphere Project search than in more traditional searches — then it becomes vulnerable to a lawsuit. Or it could be at least partly liable for hampering a massive drug or gang prosecution.

That won't help Joseph Ortiz, the 500 Block gang leader who will spend the rest of his life in jail. But it could weaken the cases against some of his associates. After the Dec. 20 hearing in U.S. v. Ortiz, Judge Illston issued an order compelling prosecutors to hand over all their correspondence with phone companies. If Andersen's suspicions are correct, those missives could constitute a breakthrough for the defense. They could also reveal volumes about modern criminal investigations.

If Illston and other U.S. District Court judges decide to jettison evidence procured through Hemisphere, then the government might have to refine its approach. Or, if judges start upholding Hemisphere evidence, they might empower the government to search deeper into our personal information.

Fakhoury believes that the courts may have to draw sharper privacy boundaries — and even reconsider prior rulings — at a time when technology is moving much faster than the law. Smith v. Maryland, the 1979 Supreme Court case that stripped phone calls of certain fundamental privacy protections, was decided in an era when people still used land lines, and had no Internet — so even the most thorough phone records search only represented a small snapshot of a person's activity — nothing like the fine-tuned fingerprint that phone records reveal today.

"There's just no way the judges at that time could have anticipated what's happening today," Fakhoury says. "Now the data trail we're generating is way greater, and they know where you are when you've gone outside your house... and the government just has direct access to everyone's phone-data stream and can get into it willy nilly."

And, he says, phone companies are doing whatever they can to help connect the lines.

Show Pages
My Voice Nation Help

What is VERY key about this article is - like every other policing "innovation" tried out on the worst-of-the-worst™ in "extremely limited" situations, it will inevitably become the routine go-to tool in law enforcement's quiver.

You can't invest millions without trying to amortize its costs. You can't justify these vast sums for "only" less than a score of worst-of-the-worst™ bad guys. You can't get additional funds - or even keep an existing program running at current levels - without new worst-of-the-worst™ bad guys to target. Or even, meh-of-the-meh college protesters, former Occupiers or folks unsure whether gentrification should be allowed to be an unrestrained hurricane stripping San Francisco's soul bare with nary a complaint or picket.

Remember a decade past when we'd see armored police using military tactics and armored personnel carriers to perform the simplest tasks and think, "What a horrible country; lucky it's not here."? Now everyone -or someone's grandmother next door - potentially abusing a Medical Marijuana permit faces these full-throttle, military-grade tactics. Same with Asset Forfeiture laws. Coming soon, same with aerial drones. Etc. 

Today it's a bunch of crack-dealing, meth-slinging murderers. The very same Hemisphere technology will DEFINITELY be used for the next protest, the next net-based defense of the next Edward Snowden or the next peaceful demonstration suggesting perhaps - just perhaps - the needs and concerns of us 99% might also be considered when setting policies and enacting laws.

Nip it now, before it's you in its crosshairs.


This technology successfully helped send three SF murderers to prison for life... They are detailed in a previous story by the SFWeekly entitled "The Dark Prince".  The whole story can be found at Until Someone Gets Hurt dot com.  If it helps puts the bad guys away, then I say use it!!!

Federale topcommenter

LOL, liberals and immigrant drug gangs working together to spread drugs and crime.  

Prachi Singh
Prachi Singh

Arpan Bajaj I thought this was you for a sec hahah

San Francisco Concert Tickets
©2014 SF Weekly, LP, All rights reserved.