SHARE



ABOUT THE AUTHOR


Martha Buyer
Martha Buyer is an attorney whose practice is limited to the practice of telecommunications law. In this capacity, she has...
Read Full Bio >>
SHARE



Martha Buyer | December 15, 2016 |

 
   

Hacked Recordings Put Inmate Calling Systems on Trial

Hacked Recordings Put Inmate Calling Systems on Trial The twists and turns that occur in the telecom legal world are varied and fascinating.

The twists and turns that occur in the telecom legal world are varied and fascinating.

Most telecom litigation doesn't make for great cocktail party patter (and it is that season), but the case I read about last week is not only interesting, but appropriate for all audiences. Most importantly, it shines a bright light onto an oft-ignored regulatory realm for communications law junkies. Prepare to be captivated.

Aaron Hernandez was a member of the New England Patriots from 2010 through 2012. Over the course of his three-season career, he played in 38 games and had a total of 175 receptions for gain of 1,956 yards, 11.2 yards on average per reception. That's where the good news for him ends. In 2015, Hernandez was convicted in the 2013 shooting death of a friend in North Attleboro, Mass., and sentenced to life in prison without the possibility of parole. He is awaiting trial in another murder, reportedly the result of a 2012 drive-by shooting that occurred because Hernandez believed he had been disrespected by a patron in a Boston nightclub.

In 2016, Hernandez sued inmate calling provider Securus Technologies, claiming that the company's records had been hacked and three of his phone conversations exposed. Apparently, however, none of the hacked Hernandez calls were with his attorneys, and as an incarcerated person, he has no expectation of privacy on any calls but those made to or received from his attorneys. Much more troublesome is the hack and exposure of the contents of Securus call recordings between other clients and their attorneys.

First, a bit of a primer on the inmate call hacking problem, which was initially published by The Intercept, an online publication started in 2014 by First Look Media, the news organization created and funded by eBay founder Pierre Omidyar. In its own words, the publication is a platform to report on the documents released by Edward Snowden in the short term, and to "produce aggressive, adversarial journalism across a wide range of issues" in the long term. The original piece on the Securus security breach ran in November 2015. The article made public that an anonymous hacker believed Securus's operations violated the constitutional rights of inmates, and leaked via SecureDrop not only information covering more than 70 million records of phone calls made from prisoners to others located in 37 states, but included at least 14,000 actual recordings of calls between inmates and attorneys.

This breach has created a number of problems for Securus, not to mention those imprisoned customers whose attorney-client privileges were breached in clear violation of the law. Recording of inmate calls is a relatively recent thing, as prisons seek to find new ways to monitor who's saying what to whom. Certainly, prisoners are made aware that calls may be recorded and monitored. However, calls between attorneys and clients have always been sacrosanct, with attorneys registering their phone numbers so that the system provider can -- should -- block recording of such calls.

Compounding the number identification issue is that attorneys often call prisoners on mobile devices that may not be registered with the prison's phone system, thus not triggering the "no recording" obligations. This particular problem is not limited to Securus, and creates challenges for its competitors as well. But no other provider has been hacked with its records breached in such a significant -- and harmful -- way. As a provider, Securus has claimed that it meets high standards for the security of its information. For the past year, however, Securus has been aware of its exposure. Nonetheless, it's still selling systems.

Providers of inmate calling systems have long imposed costly user fees, making calls from prisoners to the outside world ridiculously expensive. Within the past few months, the FCC has taken action to cap most per-minute call fees, but litigation brought by the providers of these systems has put the newly proposed caps on hold. Instead, and until the courts can find an equitable solution, current price caps apply only to interstate long-distance calls -- rates for neither in-state long distance nor local calls are protected from price gouging. The rates are 21 cents a minute for debit/prepaid interstate calls, and 25 cents a minute for interstate collect calls. Since the average cost/minute for non-operator assistance calls is less than 20% of these rates, everyone except the vendors of these services, along with the facilities that receive revenue streams used to fund other programs on the backs of those people making calls, look forward to the day when rates are capped at reasonable rates across the board.

The bottom line is this. Making calls into and out of correctional facilities is not only costly, but despite strong claims to the contrary, vendors of these services are vulnerable if the records they claim to be secured from outside access are hacked and accessed. Although prisoners do not have a guaranteed right to privacy, they are guaranteed an absolute attorney-client privilege, which has been clearly violated with this massive breach on two levels. First, attorney calls should never be recorded. Period. Secondly, if they are illegally recorded, and if confidential communication between attorneys and clients is no longer confidential, the service providers that have sold their systems as meeting required standards have failed miserably, which will result in significant costs to inmates, correctional facilities, attorneys, and the judicial process as a whole.

As for Aaron Hernandez, he's got much bigger problems than the fact that three of his calls -- none to his legal representatives -- were hacked and the contents of those calls accessed. However, to his credit, his lawsuit against Securus, which was moved to federal court in Massachusetts in November, should serve to draw additional attention to the vulnerabilities of inmate call recordings.





COMMENTS



Enterprise Connect Orlando 2017
March 27-30 | Orlando, FL
Connect with the Entire Enterprise Communications & Collaboration Ecosystem


Stay Up-to-Date: Hear industry visionaries in Keynotes and General Sessions delivering the latest insight on UC, mobility, collaboration and cloud

Grow Your Network: Connect with the largest gathering of enterprise IT and business leaders and influencers

Learn From Industry Leaders: Attend a full range of Conference Sessions, Free Programs and Special Events

Evaluate All Your Options: Engage with 190+ of the leading equipment, software and service providers

Have Fun! Mingle with sponsors, exhibitors, attendees, guest speakers and industry players during evening receptions

Special Offer - Save $200 Off Advance Rates

Register now with code NOJITTEREB to save $200 Off Advance Rates or get a FREE Expo Pass!

April 5, 2017

Its no secret that the cloud offers significant benefits to enterprises - including cost reduction, scalability, higher efficiency, and more flexibility. If your phone system and contact center are

March 22, 2017

As today's competitive business environments push workforces into overdrive, many enterprises are seeking ways of streamlining workflows while optimizing productivity, business agility, and speed.

March 8, 2017

Enterprise IT's ability to innovate is critical to the success of the business -- 80% of CIOs agree. But the CIO role has never been more challenging than it is today, with rising operational respo

March 23, 2017
Tim Banting, of Current Analysis, gives us a peek into what the next three years will bring in advance of his Enterprise Connect session exploring the question: Will there be a new model for enterpris....
March 15, 2017
Andrew Prokop, communications evangelist with Arrow Systems Integration, discusses the evolving role of the all-important session border controller.
March 9, 2017
Organizer Alan Quayle gives us the lowdown on programmable communications and all you need to know about participating in this pre-Enterprise Connect hackathon.
March 3, 2017
From protecting against new vulnerabilities to keeping security assessments up to date, security consultant Mark Collier shares tips on how best to protect your UC systems.
February 24, 2017
UC analyst Blair Pleasant sorts through the myriad cloud architectural models underlying UCaaS and CCaaS offerings, and explains why knowing the differences matter.
February 17, 2017
From the most basics of basics to the hidden gotchas, UC consultant Melissa Swartz helps demystify the complex world of SIP trunking.
February 7, 2017
UC&C consultant Kevin Kieller, a partner at enableUC, shares pointers for making the right architectural choices for your Skype for Business deployment.
February 1, 2017
Elka Popova, a Frost & Sullivan program director, shares a status report on the UCaaS market today and offers her perspective on what large enterprises need before committing to UC in the cloud.
January 26, 2017
Andrew Davis, co-founder of Wainhouse Research and chair of the Video track at Enterprise Connect 2017, sorts through the myriad cloud video service options and shares how to tell if your choice is en....
January 23, 2017
Sheila McGee-Smith, Contact Center/Customer Experience track chair for Enterprise Connect 2017, tells us what we need to know about the role cloud software is playing in contact centers today.