Senator Marsha Blackburn (R-Tenn.) recently wrote to the CEOs of AT&T, T-Mobile, and Verizon to ask why they had complied with subpoenas seeking phone toll records from her and other Republican senators. Senator Blackburn said the FBI had gotten call metadata for the period of Jan. 4–7, 2021.
For those not familiar with the term, metadata for telephone calls are records that a call was made, which includes the called and calling party and the time and duration of the call. Telephone companies don’t listen to or record the content of voice calls.
Today’s blog looks at telephone company rules for retaining data and responding to subpoenas.
Record Retention. Federal law and FCC rules require telephone companies to retain call records for at least 180 days. Many telcos hold call metadata longer.
There are no specific rules for the retention of text messages, and each carrier has a different policy. For example, AT&T says it doesn’t store the content of text messages. Verizon says it keeps the content of texts for 3-5 days. Most cell carriers keep the metadata for texts for longer periods, like is done with voice calls.
When you hear about court cases that use text messages as evidence, or stories in the press about text message content, the content of the text messages comes from the cellphones of one of the parties to a text. Your phone will typically keep the details of your text messages for years unless you delete them.
ISPs in the U.S. are not required to retain customer browsing data or emails. Browsing data shows the websites a user has visited and the time and duration of a connection. ISPs typically don’t try to retain encrypted web searches. Most ISPs retain browsing history or email details for a limited time, often up to several months. If an ISP still has the data, it’s likely that they would respond to a valid subpoena and produce it. Some ISPs permanently keep records of when a customer is online or offline and the amount of data consumed.
ISPs and telcos typically retain other customer data like billing records or trouble logs, often for many years.
Responding to Subpoenas. Federal and state laws require telephone companies to provide call records to law enforcement or other government entities when requested by a valid subpoena, court order, or search warrant. In the case of Senator Blackburn, AT&T, T-Mobile, and Verizon were required by law, and by longstanding common practice, to comply with a subpoena from the FBI.
Carriers are allowed to challenge a subpoena. For example, a carrier might refuse a subpoena that is not properly addressed or that lacks the proper signatures. A carrier might refuse to comply with a subpoena that was issued in a State that has no jurisdiction over where the phone records are stored. Carriers might refuse to comply if satisfying the subpoena is too burdensome or costly. But carriers respond to most subpoenas.
Wiretaps. Wiretaps occur when law enforcement wants to either listen to live voice calls or intercept broadband usage and must be obtained through a subpoena. In some cases, this is done using federal CALEA law, but can also come from a direct subpoena or court order. Most typically, law enforcement will ask to have call or data streams forwarded to them, and the ISP doesn’t do the monitoring.
Fascinating… ~R
we send the rare subpoena to legal. also, we keep basically zero data that doesn’t have to do with network management, ie individual connection details are gone as soon as that connection is closed and we just track total bytes. unless a ‘wire tap’ subpoena comes in and in that case, we use a CALEA tool to grab src/dst data and that’s it.
For an operation our size those are extremely rare though. The supreme court already deemed that an IP address alone wasn’t identifying data and that basically ended us getting subpoenas of any kind. We had a good number of subpoenas regarding piracy but literally haven’t had one in years now. I’ve heard of some other small operators getting them recently but often for data that an ISP typically doesn’t, or probably shouldn’t be collecting and storing.
this is a bit of a danger zone, because ISP operators really don’t want to be in the middle of any of this but also see and agree with the need to collect data for a criminal situation. Hard to solve both problems. The ‘best’ middle ground is likely the CALEA wire tap via subpoena.