Home » Blogs » Secret Service Deleted Texts

By Matthew Rasmussen and Ryan Frye

If you’ve ever watched a movie in which the actor played the part of the President of the United States, you’ve probably noticed he or she was surrounded by men and women in dark suits wearing sunglasses and earpieces. It is how the Secret Service is portrayed in Hollywood.

Even though they appear impressive in films, a movie does not fully represent the scope of their work. The integrity and security of our nation depend heavily on the Secret Service and its employees. They serve two essential roles: securing the reliability of the US currency and safeguarding the national leaders who make the nation so great.

Secret Service –the name linked to the highest standard of protection. This group protects the interests of the United States with the help of its cadre of police officers and special agents that ensure all visiting dignitaries remain safe and secure while they are in the country.

But a recent Secret Service issue has raised some alarming concerns, suggesting things have gone very wrong.   Text messages sent by agents during the January 6 attack on the Capitol appear to have been erased. This article will explain what the Secret Service is and the controversies the agency faces today.

What is the U.S. Secret Service?

The Secret Service is a United States federal law enforcement agency that protects the United States President, his family, and others engaged in official business on behalf of the nation. Granted authority by Congress on March 1, 1865, the Secret Service has since been involved in combating significant threats to national security, including assassination attempts on leaders worldwide. Originally established as a particular branch of the FBI, it handles everything from simple currency counterfeiting cases to tracking down terrorist groups. The agency has been led by several key figures, including Teddy Roosevelt, John Kennedy, and George H W Bush.

The Secret Service is tasked with protecting the lives of individuals and heads of state worldwide. The agency’s primary role is to investigate any potential threat against the President or his family members and guard against such attacks. Additionally, they protect dignitaries visiting Washington DC, including foreign diplomats and heads of state. The agency also has jurisdiction on overseas U.S. military bases abroad and investigates federal law violations involving protected persons abroad. The Secret Service also provides protective services at presidential retreats when needed.

The Secret Service Disaster: Mysterious — and maybe criminal — disappearance of the Secret Service’s January 6 text messages.

While the Secret Service’s discipline has been praised for its response in the wake of the Capitol attack, questions have been raised about the agency’s recent communication practices.

The Secret Service is supposed to be a professional organization used to protect our nation’s most valuable assets. Unfortunately, its current scandals are discomfiting and raise questions about how well it can defend government officials and other VIPs.

The deleted text messages became increasingly important following the testimony of former White House aide Cassidy Hutchinson, who described an extraordinary scene in which former President Donald Trump attempted to seize control of a Secret Service vehicle to join the Capitol crowd on January 6th. The Committee also heard testimony that then-Vice President Mike Pence refused to board a Secret Service vehicle after rioters stormed the Capitol. According to records obtained, the Secret Service downplayed threats of violence from far-right extremists in the days preceding the Capitol attack.

Furthermore, the texts could shed light on what was happening around Vice President Mike Pence that day. The hearing on this issue featured audio transcripts of Secret Service agents at the Capitol expressing concern that Pence might not be able to escape to a secure location within the Capitol. One anonymous security official also testified that members of Pence’s detail were so worried that they called family members to say goodbye in case they did not survive.

The missing text messages could have revealed more information about the incident, but it is unclear whether people will ever see them. According to the Secret Service, they are unlikely to be found. But what is clear is that the agency needs to be reformed and investigated thoroughly.

Text Retention and Deletion Policies

According to recent news reports, the U.S. Secret Service allowed individual agents to wipe all the data from their phones as part of a hardware replacement policy. The agency failed to preserve text messages as required by federal law and demands from Congress and the USSS’s oversight agency, the DHS Office of the Inspector General.

Employees were already aware of their document retention requirements before implementing the replacement program. Different procedures are provided to restore their old devices to factory settings while preserving the previously contained data. The problem with some is that they already got the memo and purposefully ignored it.

Many government and private organizations have a hardware and data life cycle. Laptops, hard drives, and smartphones are all being upgraded. Emails the company no longer requires are purged, as are outdated documents, files, attachments, etc. Indeed, from a privacy and data security standpoint, it is critical to delete obsolete data and update hardware and software to include the most recent security and privacy protection.

Employees must also be trained on what documents and records must be kept and for how long. These procedures can be complex, and different retention periods may apply to invoices, receipts, correspondence, compliance documents, tax records, etc.

Laws requiring government records to be maintained and archived include the Presidential Records Act and the Federal Records Act, to name a few. FOIA laws also govern when documents must be made public and accessible. Data policies require permitting data to avoid violating the law.

Can Deleted Messages be Recovered?

One crucial question is whether the lost text messages can be recovered. The answer is possibly, but probably not – especially for messages between agents.

A document is any piece of written, printed, or electronic matter that provides important information or serves as an official record. Documents can establish legal rights and are common forms of evidence brought at trials. Document retention policies are generally based on the “island/moat” model. Data is generated on the corporate device, transmitted, and received via the corporate network. Routers, hubs, and switches can send this data for backup, which the company controls.

With cloud and BYOD, things are different. The text messages USSS agents send from their Apple or Android devices via a network owned by AT&T, Sprint/T-Mobile, or Verizon will likely never pass through the DHS network. Unless DHS implements a mobile device management (MDM) solution, the text messages will never go through USSS.

If this is the case several problems arise. Text message retention and deletion schedules are set by the individual agent or telco provider. The policy cannot be implemented by USSS, DHS OIG, or congressional oversight committees. If the SMS and MMS messages were sent from an unmanaged device via a third-party network, they would be saved in three places:

  • on the device of the sender,
  • on the device of the recipient, or
  • on any intermediary’s network incidental to message transmission

Sprint/T-Mobile, AT&T, and Verizon would keep a copy of the message content for set periods of time, whereas iMessages from Apple devices can be encrypted against access from users other than the account holder. The period of retention varies by providers. Verizon would hold texts for up to five days, for example, but Virgin Mobile keeps MMS and SMS data for up to three months. The issue in the Alex Jones case is that this period of time is uncertain. Telecommunications companies are notoriously secretive about their data collection and retention practices. The FCC notified the big three telcos that they needed information about their geolocation data retention and use practices—what they collect, how they use the data, and how long they keep it. Similarly, the USSS did not have a consistent approach or requirement that required whole device backup.

Conclusion

For information security professionals, this USSS deleted texts incident is instructive for several reasons. First of all, you can never be too careful with documentation – even if that documentation is as simple as a series of text messages. Secret Service investigators are now using stored metadata to uncover more information about texts that were deleted from several agents’ phones, which is raising concerns regarding evidence tampering and destruction.

First and foremost, document retention and destruction policies are security policies. If you have data, but it’s sensitive data that you don’t need, it creates a vulnerability. On the other hand, liability also arises if you fail to retain data you’re required to. Robust and thoroughly reviewed document retention and destruction policies and the technology to enforce them can be of great assistance. Determine what should be deleted and what should be kept. Then, implement training and awareness so people understand what data they can and cannot keep. Finally, have a centralized control that allows you to deploy this policy across the organization.

The message to security-conscious individuals is that having a mobile workforce implies using a mobile device management solution. Mobile devices sit at the core of both personal and professional lives. Infosec professionals are aware of the risks posed by mobile devices and are always actively looking for solutions to help them manage effectively.

Security-related issues are not limited to employees leaving devices unlocked in their cars or on tables, nor do they occur when employees have their laptops open in public places like coffee shops or airports. The potential for compromise is always present, regardless of whether employees have malicious intent.

Mobile device management solutions effectively keep track of users’ activities, restrict access to sensitive data and provide secure access to applications and remote devices.

REFERENCES:

1. https://www.citizensforethics.org/legal-action/legal-complaints/secret-service-likely-broke-the-law-by-deleting-texts/

2. https://www.theatlantic.com/newsletters/A/2022/07/the-shame-of-the-secret-service/670550/

3. https://edition.cnn.com/2022/08/11/politics/secret-service-memo-investigation-efforts-to-impede/index.html

4. https://www.cnbc.com/2022/07/20/secret-service-gave-one-text-message-thread-to-jan-6-probe-in-subpoena-response.html

5. https://www.vox.com/23274533/secret-service-text-messages-january-6

6. https://post.edu/blog/how-to-become-a-secret-service-agent/

7. https://wrightusa.com/en/Articles/12-Fast-Facts-About-the-Secret-Service

8. https://www.npr.org/2022/07/15/1111778878/secret-service-deleted-messages-january-6-is-that-data-really-gone

9. https://abcnews.go.com/Politics/secret-service-deleted-texts-jan-2021-watchdog-sought/story?id=86843614

10. https://www.usatoday.com/story/news/politics/2022/07/21/deleted-secret-service-texts-criminal-investigation/10122768002/