Securus

Audio readout of this entry.

Overview

Securus is the principal US prison-telephone-services platform — the product line of Securus Technologies (founded 1986; a subsidiary of Aventiv Technologies following the November 2019 corporate rebrand of the prior Securus Technologies parent corporation under continued Platinum Equity private-equity ownership). The US correctional-phone-services market is functionally a duopoly: Securus and its competitor GTL Communications / ViaPath Technologies operate equivalent infrastructure across substantially every major US correctional jurisdiction.

The broader institutional question Securus raises is how private-sector vendor-deployed surveillance infrastructure interacts with the Fourth Amendment framework. The disclosed pattern of Securus operations has produced ongoing argument that private-sector vendors provided government clients with operational surveillance capabilities the government clients could not have conducted directly without warrant authority — laundering warrant-required collection through a commercial vendor.

Origins and corporate history

Securus Technologies was formed in 2004 through the merger of two predecessor companies: T-Netix (founded 1986 in Englewood, Colorado as Tele-Matic Corp.) and Evercom (a separate corporate line founded in the late 1990s). The combined entity was organised under Securus Holdings and operated under the Securus Technologies brand from 2004.

The corporate history of Securus has included multiple ownership transitions: H.I.G. Capital (2004–2011); Castle Harlan (2011–2013); ABRY Partners (2013–2017); and Platinum Equity from 2017 to the present. In 2018 a proposed Securus acquisition of ICSolutions was withdrawn under US Department of Justice Antitrust Division pressure. In November 2019 the parent corporation rebranded to Aventiv Technologies, retaining Securus Technologies as a subsidiary brand operating the prior infrastructure.

The platform's product line has grown across the post-2010 period from its core prison-phone-recording infrastructure into adjacent operational categories — tablet-deployment programmes for inmates, electronic-monitoring infrastructure for released-offender populations, video-visitation-and-call infrastructure, and additional related products. The disclosed 2018 location-tracking-aggregator scheme represented an expansion into mobile-location-tracking surveillance — a meaningfully broader institutional positioning than the platform's prior correctional-phone-services scope.⁹

Prison-phone recording and monitoring

The platform's core operation is the recording and monitoring of inmate-initiated phone calls. Securus operates the phone system in the deployed correctional facility under contract; inmate-initiated calls traverse the Securus infrastructure; the recorded categories include call content (the audio of the call), call metadata (called number, duration, time and date), and adjacent operational categories.

The asserted institutional position is that the recording-and-monitoring applies to all inmate-initiated calls except attorney-client-privileged calls. The public record has substantially disputed whether Securus has effectively implemented the attorney-client exception. The principal disclosure on this question was the 11 November 2015 reporting by Jordan Smith and Micah Lee in The Intercept — Not So Securus: Massive Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege — based on a Securus database obtained by an Anonymous-affiliated cohort. The database contained approximately 70 million recorded prisoner phone calls across approximately three years, of which approximately 14,000 were attorney-client-privileged calls that Securus had recorded notwithstanding the asserted protection.

Subsequent class-action litigation across the post-2015 period included the 2015 Austin Lawyers Guild and Texas Civil Rights Project civil litigation and adjacent state and federal civil actions. The settled position in the public record is that the platform's deployment of the attorney-client privilege exception has been inadequate to the privilege.²

Pricing and FCC rate-cap framework

The institutional pricing pattern across the 2000s and 2010s significantly elevated per-minute rates for inmate-initiated calls relative to consumer-market rates. The documented pattern across the post-2010 period included per-minute rates in the $0.20 to $0.50 range across major US deployments — against fractional-cent rates in the consumer market — combined with significant connection fees and additional per-call charges, and revenue-sharing arrangements between Securus and the deployed correctional facilities that incentivised the elevated rate structure.

The Federal Communications Commission's regulatory response proceeded across the 2013–present period through successive rate-cap frameworks: the 2013 institutional rate-cap (the first), the 2015 expanded rate-cap framework, and the 2024 framework mandated by the Martha Wright-Reed Just and Reasonable Communications Act. The successive rate-cap frameworks have substantially reduced the elevated per-minute rates that characterised the pre-2015 pattern.⁴

The 2018 location-tracking aggregator scheme

The 2018 disclosure documented an expansion of the Securus product line into mobile-location-tracking surveillance. The operational pattern was that Securus offered to law-enforcement clients the capability to obtain real-time mobile-phone location-tracking information for any targeted phone number on any major US mobile carrier — delivered through the Securus platform interface, with the asserted requirement that the law-enforcement client attest to having lawful authority for the tracking.

The supply chain was: Securus purchased bulk-aggregated mobile-location data through LocationSmart (a direct-contract aggregator, with 3Cinteractive serving as a sub-aggregator reseller between LocationSmart and Securus) and Zumigo; the aggregator firms purchased aggregated location data from the major US mobile carriers (AT&T, Verizon, Sprint, T-Mobile) under prior contractual arrangements that permitted carrier disclosure of aggregated location data to commercial aggregators under specified conditions; Securus resold the real-time location-tracking capability to law-enforcement clients with the attestation requirement. The documented institutional substance was that Securus did not verify the asserted lawful authority. Attestation alone was the only operational control on the deployment.

The defining disclosed case was that of former Mississippi County, Missouri sheriff Cory Hutcheson, central to the 10 May 2018 New York Times reporting by Jennifer Valentino-DeVries — Service Meant to Monitor Inmates' Calls Could Track You, Too. Hutcheson had used the Securus location-tracking platform across the 2014–17 period to track approximately eleven targeted individuals — including Missouri circuit-court judge David Dolan, state-highway-patrol officers, and other state officials — without warrants. Hutcheson had been federally indicted on computer fraud and adjacent charges in May 2017 in the Eastern District of Missouri, before the 2018 disclosure; the New York Times reporting placed the underlying institutional pattern into the broader public record.¹⁵

Carpenter v. United States and the Fourth Amendment landscape

The 22 June 2018 US Supreme Court decision in Carpenter v. United States, 138 S. Ct. 2206 (2018), decided approximately six weeks after the Securus disclosure, is the defining precedent on the Fourth Amendment status of government collection of cell-site-location-information. The case involved FBI collection of historical cell-site-location-information from cellular-service-provider records pursuant to a 2703(d) court order under the Stored Communications Act. By a 5-4 majority authored by Chief Justice John Roberts, the Court held that historical CSLI collection of the kind at issue constituted a Fourth Amendment search requiring a warrant.

The operational consequence of Carpenter for the Securus pattern was substantial. The location-aggregator scheme had operated on the prior position that aggregated location data was not Fourth Amendment-protected — a position Carpenter substantially undermined. The post-Carpenter institutional landscape shifted the legal context for any continuing commercial-aggregator scheme operating on the prior assumption.³

FCC institutional response

The Federal Communications Commission's response to the disclosed Securus pattern proceeded across the post-2018 period principally through Section 222 of the Communications Act, which governs Customer Proprietary Network Information. The disclosed institutional position was that the carrier-to-aggregator scheme had operated in violation of the Section 222 CPNI framework.

The FCC issued Notices of Apparent Liability totalling approximately $200 million against the major US carriers on 28 February 2020 for the aggregator pattern. The enforcement was finalised through Forfeiture Orders issued on 29 April 2024.⁴

Senator Wyden engagement

Senator Ron Wyden's engagement with the Securus pattern across the post-2018 period has been the principal sustained congressional response. Wyden's actions have included letters to the major US carriers, to the FCC, to the Department of Justice, and to adjacent institutional addressees — establishing the congressional record on the carrier-aggregator pattern and on the broader question of commercial-location-data oversight. The Wyden engagement has been a continuing thread in the broader institutional landscape of government-surveillance oversight across the post-2018 period.⁶

Documented deployments

Confirmed The 3,400-correctional-facility deployment. Securus operates prison-telephone services across approximately 3,400 US correctional facilities, including state correctional infrastructure across substantially most US states.

Confirmed The 2015 Anonymous-affiliated database hack. The 11 November 2015 Intercept disclosure documented an Anonymous-affiliated breach of a Securus database containing approximately 70 million recorded prisoner phone calls across approximately three years, including approximately 14,000 attorney-client-privileged calls — the principal public-record disclosure of Securus's inconsistent implementation of the attorney-client exception.

Confirmed The Cory Hutcheson location-tracking deployment (2014–17). Mississippi County, Missouri sheriff Cory Hutcheson used the Securus location-tracking platform to track approximately eleven targeted individuals — including Missouri circuit-court judge David Dolan, state-highway-patrol officers, and other state officials — without warrants. Hutcheson was federally indicted in May 2017 on computer fraud and adjacent charges; the May 2018 New York Times disclosure brought the institutional pattern into the broader public record.

Confirmed The 2018 location-tracking-aggregator disclosure. The 10 May 2018 New York Times reporting by Jennifer Valentino-DeVries documented the location-tracking-aggregator scheme. The disclosure triggered the subsequent congressional, FCC, and carrier responses, including the announced termination of carrier-aggregator relationships by AT&T, Verizon, Sprint, and T-Mobile across the June-2018-onward period.

Sources and further reading

1. Jennifer Valentino-DeVries, Service Meant to Monitor Inmates' Calls Could Track You, Too, The New York Times, 10 May 2018 — the defining disclosure of the location-tracking-aggregator scheme.
2. Jordan Smith and Micah Lee, Not So Securus: Massive Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege, The Intercept, 11 November 2015 — the principal disclosure of the 2015 database hack.
3. Carpenter v. United States, 585 U.S. ___, 138 S. Ct. 2206 (2018) — the principal Fourth Amendment cell-site-location-information precedent.
4. Federal Communications Commission, FCC Cracks Down on Wireless Carriers for Customer Location Data Practices, FCC Forfeiture Orders, 29 April 2024 (Notices of Apparent Liability issued 28 February 2020) — the principal regulatory response.
5. United States v. Hutcheson, federal indictment, US District Court for the Eastern District of Missouri, May 2017 — the principal Hutcheson federal-prosecution record.
6. Senator Ron Wyden, Letter to FCC Chairman Ajit Pai and the Four Major Carriers Regarding Mobile-Location-Aggregator Practices, 8 May 2018 — the principal Wyden engagement, sent two days before the New York Times disclosure.
7. Electronic Frontier Foundation, Mobile Location Tracking Surveillance, ongoing institutional commentary.
8. Andrew Guthrie Ferguson, The Rise of Big Data Policing: Surveillance, Race, and the Future of Law Enforcement, NYU Press, 2017 — the principal academic-and-policy treatment of the broader pattern.
9. Aventiv Technologies, Annual Reports, ongoing institutional disclosure documentation post-2019 corporate rebrand.
10. Joseph Cox, I Gave a Bounty Hunter $300. Then He Located Our Phone, Motherboard, January 2019 — subsequent investigative reporting on the commercial-location-aggregator landscape adjacent to Securus.