Docs Reveal Hundreds of US Agencies Spying on Americans' Money Transfers
"Ordinary people's private financial records are being siphoned indiscriminately into a massive database, with access given to virtually any cop who wants it," said the ACLU's Nathan Freed Wessler.
"These records paint a damning portrait of government overreach."
That's how Nathan Freed Wessler, deputy director of the ACLU's Speech, Privacy, and Technology Project, and Fikayo Walter-Johnson, a former paralegal with the project, introduced over 200 documents obtained via public records request and released Wednesday on the civil liberties group's website.
The national ACLU and its Arizona arm sought the records after U.S. Senate Finance Committee Chair Ron Wyden (D-Ore.) revealed last year that "Homeland Security Investigations (HSI), a law enforcement component of the Department of Homeland Security (DHS), was operating an indiscriminate and bulk surveillance program that swept up millions of financial records about Americans."
Following a February 2022 briefing with senior HSI personnel, Wyden wrote a March letter urging DHS Inspector General Joseph Cuffari to launch a probe into the Transaction Record Analysis Center (TRAC)—a nonprofit created as a result of a settlement between the Arizona attorney general's office and Western Union, a financial services company that fought in state court against the AG's attempt to obtain money transfer records.
\u201cThis broad collection of our personal data raised privacy concerns, so we submitted a public records request to learn more.\n\nWhat we found is extremely alarming.\u201d— ACLU (@ACLU) 1674045961
As the ACLU released records about TRAC, Wyden on Wednesday shared a new letter requesting that "the Department of Justice (DOJ) Office of Inspector General (OIG) investigate the Federal Bureau of Investigation (FBI) and Drug Enforcement Administration's (DEA) relationship" with the Arizona-based clearinghouse.
"My oversight activities over the past year have uncovered troubling information, revealing that the scale of this government surveillance program is far greater than was previously reported," Wyden wrote to DOJ Inspector General Michael Horowitz.
"Between October and December of 2022, my office received information from three other money transfer companies—Euronet (RIA Envia), MoneyGram, and Viamericas—which confirmed that they also delivered customer data in bulk to TRAC, in response to legal demands from HSI and other governmental agencies," the senator divulged.
Some customs summonses—a form of subpoena—applied to transfers of $500 or more between any U.S. state and 22 other countries and one U.S. territory. Those summonses were withdrawn "just 10 days after HSI had briefed my staff" in February, Wyden noted, adding that HSI has not yet scheduled his requested follow-up briefing.
\u201c"Hundreds of federal, state and local U.S. law-enforcement agencies have access without court oversight to a database of more than 150M money transfers"\n\nWyden: TRAC is "an all-you-can-eat buffet of Americans\u2019 personal financial data"\n\nhttps://t.co/Z84CnUfnIp\u201d— Alex Gladstein \ud83c\udf0b \u26a1 (@Alex Gladstein \ud83c\udf0b \u26a1) 1674064852
Summarizing the documents acquired by the ACLU, Freed Wessler and Walter-Johnson wrote:
From 2014 to 2021, Arizona attorneys general issued at least 140 administrative subpoenas to money transfer companies, each requesting that the company periodically provide customer transaction records for the next year. Those subpoenas were issued under the same state statute that the Arizona Court of Appeals held in 2006 could not be used for these kinds of indiscriminate requests for money transfer records. This means the Arizona attorney general's office knowingly issued 140 illegal subpoenas to build an invasive data repository.
The documents we obtained reveal the enormous scale of this surveillance program. According to the minutes of TRAC board meetings we obtained, the database of people's money transfer records grew from 75 million records from 14 money service businesses in 2017 to 145 million records from 28 different companies in 2021. By 2021, 12,000 individuals from 600 law enforcement agencies had been provided with direct log-in access to the database. By May 2022, over 700 law enforcement entities had or still have access to the TRAC database, ranging from a sheriff's office in a small Idaho county, to the Los Angeles and New York police departments, to federal law enforcement agencies and military police units.
As Freed Wessler told The Wall Street Journal, which exclusively reported on the materials, "Ordinary people's private financial records are being siphoned indiscriminately into a massive database, with access given to virtually any cop who wants it."
The Journal also spoke with TRAC director Rich Lebel, who "said the program has directly resulted in hundreds of leads and busts involving drug cartels and other criminals seeking to launder money," and "because money services companies don't have the same know-your-customer rules as banks, bulk data needs to be captured to discern patterns of fraud and money laundering."
According to the newspaper:
Mr. Lebel said TRAC has never identified a case in which a law enforcement official has accessed data improperly or the database has been breached by outsiders. The program has seen an increase in use in recent years because of the surging opioid crisis in the U.S., he said.
Law-enforcement agencies use TRAC's data to establish patterns in the flow of funds suspected of being linked to criminal activity, Mr. Lebel said, and the more comprehensive the data, the better the analysis. TRAC manages data that law enforcement provides, he said, and what it is receiving and storing is often in flux.
While declining to discuss TRAC's funding, Mr. Lebel said the nonprofit was originally stood up with money from the Western Union settlement that has since been exhausted. Mr. Wyden and others have said TRAC is federally funded.
Wyden wrote in his letter to Horowitz that "this unorthodox arrangement between state law enforcement, DHS, and DOJ agencies to collect bulk money transfer data raises a number of concerns about surveillance disproportionately affecting low-income, minority, and immigrant communities."
"Members of these communities are more likely to use money transfer services because they are more likely to be unbanked, and therefore unable to send money using electronic checking or international bank wire transfers, which are often cheaper," he explained. "Moreover, money transfer businesses are not subject to the same protections as bank-based transactions under the Right to Financial Privacy Act."
The senator's office said Wednesday that he "is working on legislation to close legal loopholes and ensure people who use money transfer services have the same privacy as those who use banks or money transfer apps."
Freed Wessler and Walter-Johnson also highlighted that "because members of marginalized communities rely heavily on these services rather than traditional banks, the burden of this government surveillance falls disproportionately on those already most vulnerable to law enforcement overreach."
"The government should not be allowed to abuse subpoenas and sweep up millions of records on a huge number of people without any basis for suspicion," the pair argued. "This financial surveillance program is built on repeated violations of the law and must be shut down."