The AT&T facility at 611 Folsom St. is so stark and blocky that it makes a row of trees outside look shockingly iridescent in contrast. But inside, the facility buzzes with chatter — or vestigial traces of chatter — from millions of phone calls, instant messages, and e-mails that AT&T subscribers send over the wires each day.
Behind the facility's concrete walls is a warren of rooms and corridors, each lined with cables and optic fibers and electronic routers, each named for its discrete purpose. The "4ESS Switch Room" routes long-distance calls that course through the network machinery; the "WorldNet Internet Room" is piled high with routers, modems, and other telecom equipment, through which electronic missives are transmitted. The most perplexing addition, a secret cubby called the SG3 Secure Room, is accessible only to approved AT&T employees. According to court documents, it contains several types of advanced computing gadgetry, including a device known as a Narus Semantic Traffic Analyzer (the "Narus STA"), which analyzes massive amounts of telecom data at unimaginable speeds.
The Narus STA is just one tool that AT&T allegedly uses to pipe consumer data over to the National Security Agency, the federal arm that designed and built AT&T's SG3 Secure Room in 2003. It turns out the government has long collected and sorted through the phone data of regular telecom customers, via a process that privacy advocates say is unconstitutional. Lawyers from the San Francisco-based Electronic Frontier Foundation are fighting two cases against the NSA for its data-sweep operations with phone carriers, many of which are just coming to light.
These lawsuits — one filed on behalf of ordinary AT&T subscribers, the other on behalf of organizations whose phone records and metadata are "bulk-collected" by various telecom carriers — have turned San Francisco's federal courthouse into a battlefront where an improbable coalition of gun enthusiasts, Unitarian churches, charity organizations, and regular cellphone users has coalesced to fight a bogeyman it can't see, even though it feels its presence everywhere. Because of the nature of the enemy — a government specter whose whole purpose is to hoard and withhold information — these cases might be unwinnable. The secret room might not exist.
Still, the plaintiffs fight on.
Among them is Calguns Foundation co-founder Gene Hoffman, who says that fear of metadata collection has a chilling effect on his group.
"Look, gun owners are a paranoid bunch," Hoffman says. "You can imagine our members who want to ask questions that were always safer to ask over the phone than over e-mail. Questions like, 'I've built my AR-15 this way — is that a problem?' And now with metadata, they're worried that what they inquired could be used against them."
He pauses a beat. "And those are the rational ones."
EFF lawyers took on both cases — Jewel v. NSA and First Unitarian Church of Los Angeles v. NSA — in the hope of obtaining a court injunction that might curb bulk-data collection altogether. In the meantime, though, they've been stonewalled by government lawyers who won't disgorge enough evidence for the cases to be tried.
Jewel and First Unitarian are being heard together, for efficiency purposes. Nonetheless, the litigation has dithered on for years — long enough for one plaintiff to die and bequeath the case to his widow, and for famed whistleblower Edward Snowden to make NSA surveillance an international cause célèbre. Public pressure has only made the NSA more secretive and more protective of its data cache.
In a filing March 17, its legal team suggested that the particular data EFF is looking for might no longer exist. Department of Justice attorneys claim that they have a legal obligation to destroy all phone records after five years, whether or not they're germane to the plaintiffs' complaints.
That put the EFF's lead attorney, Cindy Cohn, in an awkward position. At an emergency court hearing last Wednesday, she exhorted the federal agency with a paradox: to preserve data she thinks it never should have obtained in the first place.
"It's somewhat ironic for me," Cohn told District Court Judge Jeffrey White during the hearing. "But I think there's a little irony on the other side, as well."
Government lawyer James Gilligan argued, to the contrary, that it's an undue burden for NSA officials to retain data beyond the five-year mark. After all, they're already overwhelmed by all the data they collect on a day-to-day basis.
But there's the rub, Cohn says. The agency has told plaintiffs that if they want to sue for inappropriate bulk-collection of phone records, they have to produce those records. And the NSA has made producing them impossible.
Former AT&T technician Mark Klein, who became an NSA whistleblower after leaving the company in 2004, says the agency often uses these types of red herrings to derail litigation.
"I know their usual tack is to claim you can't prove you've been harmed," Klein says. "So you just go around in this tautology." To him, Gilligan's argument that the agency can't retain relevant data to prove that it collects data — because it's already overtaxed by data collection — seems uncannily similar. Klein recalls a joke going around in the '70s, that the letters "NSA" stood for "No Such Agency," because agency workers were so quick to deny their office's existence.
A year before retiring, Klein says he was assigned to work in an Internet room in AT&T's Folsom Street facility that sat right above the SG3 Secure Room. The Internet Room had a cabinet, he recalls, that contained a powerful prismatic device.
That device — called a splitter — sliced through every data-rich Internet laser beam that traversed AT&T's servers, creating an exact duplicate.
"Each half carried the same information," Klein says. "Except that one went to its normal destination, and one went to the secret room. So basically, they were copying all the data that went across the Internet."
In 2006, Klein helped the EFF sue AT&T over the secret room. The suit was ultimately dismissed when the government invoked its "state secret" privilege, which would turn out to be a typical Catch-22-style defense: We can't show it to you, so you can't prove it's there. Battling the phone service-security complex meant fighting a series of paradoxes.
Unwavering in his crusade, Klein says he tried appealing to Sen. Dianne Feinstein — who chairs the Intelligence Committee. But she wouldn't grant him an audience. In 2008, Feinstein and then-Sen. Barack Obama helped Congress pass legislation that granted legal immunity to any phone service carrier that cooperates with NSA wiretapping programs. It wasn't until this month, when Feinstein realized that her own staff was being spied on, that the senator openly chastened the executive branch.
Still, the court battles slog on. By the time last week's two-hour hearing recessed, it seemed doubtful that Cohn would ever gather the evidence to bolster her clients' complaints. Judge White had offhandedly described Snowden and other whistleblowers as "treasonous," suggesting he didn't sympathize with EFF's political line.
But evidently, he wasn't persuaded by government lawyer Gilligan's argument, either. Issuing a tentative order from the bench, White said he's inclined to compel preservation of any phone record that could serve as evidence. He also extended a restraining order to prevent the government from purging phone records that are more than five years old. The two parties will continue debating over the next several weeks.
Meanwhile, more data will course through the routers and fiber-optic cables of AT&T and other service providers, providing the NSA with bigger oceans to paddle through. If the Folsom Street facility seems lifeless, rest assured that millions of conversations are happening within its walls.