(C) Common Dreams
This story was originally published by Common Dreams and is unaltered.
. . . . . . . . . .



How the Arizona Attorney General Created a Secretive, Illegal Surveillance Program to Sweep up Millions of Our Financial Records [1]

['Fikayo Walter-Johnson', 'Nathan Freed Wessler', 'Former Paralegal', "Aclu'S Speech", 'Privacy', 'Technology Project', 'Deputy Director', 'Aclu Speech']

Date: 2023-01-18 12:30:59+00:00

Sen. Wyden’s revelation left significant questions about the scope and legality of this program unanswered, so the ACLU and the ACLU of Arizona submitted a public records request to the Arizona attorney general’s office to learn more. Today, we are sharing more than 200 documents that shed light on this mass surveillance of Americans’ sensitive financial data.

Last year, Sen. Ron Wyden raised alarms about one of the largest government surveillance programs in recent memory. Sen. Wyden revealed that the Arizona attorney general’s office, in collaboration with the Phoenix Field Office of the Department of Homeland Security’s Homeland Security Investigations, had engaged in the indiscriminate collection of money transfer records for transactions exceeding $500 sent to or from Arizona, California, New Mexico, and Texas, as well as to or from Mexico. Any time anyone in the U.S. used companies like Western Union or MoneyGram to send or receive money to or from one of these states or Mexico — whether to send a remittance home, or help a relative with an emergency expense, or pay a bill — a record of their transaction was deposited into a database controlled by the Arizona attorney general and shared with other law enforcement agencies.

The records show the state of Arizona sending at least 140 illegal subpoenas to money transfer companies to compel them to turn over customers’ private financial data, amassing it in a huge database and giving virtually unfettered access to thousands of officers from hundreds of law enforcement agencies across the country. The database, run by an organization called the Transaction Record Analysis Center (TRAC), contained 145 million records of people’s financial transactions as of 2021, and we have reason to believe it’s still growing.

Western Union, MoneyGram, and other financial services companies often serve people who otherwise may not have access to bank accounts or traditional financial services, such as immigrant workers sending money back home to their families and people without credit scores. Because members of marginalized communities rely heavily on these services rather than traditional banks, the burden of this government surveillance falls disproportionately on those already most vulnerable to law enforcement overreach.

Further, the secrecy surrounding law enforcement access to the TRAC database has far-reaching implications for people who are accused of crimes based on this data but may not have learned it was used to investigate them. We now know of three criminal prosecutions involving TRAC records, but that is surely a tiny fraction, and criminal defense attorneys and judges need to know more.

This bulk law enforcement surveillance practice traces back to 2006. That year, the Arizona attorney general attempted to identify money transfers related to illegal activity and decided to issue administrative subpoenas to Western Union seeking information on all money transfers for more than $300 to or from a particular state in Mexico. Western Union — one of the world’s largest money-transfer businesses — resisted the requests, and a state appellate court held that the subpoenas violated Arizona law because they were overbroad and represented a bid for “limitless” investigative power. Unsatisfied, the Arizona attorney general sued Western Union under a state anti-money laundering law, and in 2010 the two sides reached a settlement. Western Union agreed to turn over records of all money transfers exceeding $500 to or from the Southwest border states and to or from Mexico for the next four years.

The parties signed a second settlement agreement in 2014, which both continued the requirement that Western Union turn over customer records, and also established TRAC, a nominally independent organization that would house all the records. In fact, TRAC was funded through hundreds of thousands of dollars in payments from Western Union and controlled by the Arizona attorney general’s office.

When the second settlement agreement expired in 2019, the Arizona attorney general’s office turned to the Department of Homeland Security, which started issuing subpoenas to Western Union and directed the company to continue turning customers’ sensitive financial records over to TRAC. We now know that those subpoenas are illegal under federal law, and once Sen. Wyden raised questions about their use in early 2022, DHS withdrew them.

But it wasn’t just Western Union. Sen. Wyden reported that dozens of other companies were also sending customers’ money transfer information to TRAC, but there was little public information about which companies, how this was happening, or why — until now.

Early reporting described the disclosures to TRAC by money transfer companies other than Western Union as “voluntary.” We now know that’s not quite right.

From 2014 to 2021, Arizona attorneys general issued at least 140 administrative subpoenas to money transfer companies, each requesting that the company periodically provide customer transaction records for the next year. Those subpoenas were issued under the same state statute that the Arizona Court of Appeals held in 2006 could not be used for these kinds of indiscriminate requests for money transfer records. This means the Arizona attorney general’s office knowingly issued 140 illegal subpoenas to build an invasive data repository.

The documents we obtained reveal the enormous scale of this surveillance program. According to the minutes of TRAC board meetings we obtained, the database of people’s money transfer records grew from 75 million records from 14 money service businesses in 2017 to 145 million records from 28 different companies in 2021. By 2021, 12,000 individuals from 600 law enforcement agencies had been provided with direct log-in access to the database. By May 2022, over 700 law enforcement entities had or still have access to the TRAC database, ranging from a sheriff’s office in a small Idaho county, to the Los Angeles and New York police departments, to federal law enforcement agencies and military police units.

[END]
---
[1] Url: https://www.aclu.org/news/privacy-technology/how-the-arizona-attorney-general-created-a-secretive-illegal-surveillance-program?initms_aff=nat&initms_chan=soc&utm_medium=soc&initms=230118_blog_tw&utm_source=tw&utm_campaign=&utm_content=230118_privacytechnology_blog&ms_aff=nat&ms_chan=soc&ms=230118_blog_tw

Published and (C) by Common Dreams
Content appears here under this condition or license: Creative Commons CC BY-NC-ND 3.0..

via Magical.Fish Gopher News Feeds:
gopher://magical.fish/1/feeds/news/commondreams/

You are viewing proxied material from magical.fish. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.