Mail digitization programs that scrutinize prison correspondence raise serious questions around privacy and free speech. Not only do such technologies store searchable copies of letters sent to incarcerated people, but they can also collect information from letter-writers as well, and then may retain that data for years or even indefinitely. So when the Knight Institute learned of a pilot mail digitization program being conducted by the Federal Bureau of Prisons, it sought records on the initiative in mid-2021, then filed suit in August of 2021 to expedite the records request. I spoke with Institute Staff Attorney Stephanie Krent about the lawsuit, Knight Institute v. Federal Bureau of Prisons, and the First Amendment concerns raised by the pilot program.

How do mail digitization and surveillance programs, or for that matter phone surveillance, work in the U.S. penal system? 

Stephanie Krent

With mail digitization, we’re talking about the process of taking an original, physical piece of mail—a letter, a drawing, a greeting card—and creating a lasting digital copy the way you would if you were scanning your own files. But in this instance, it’s digitization that’s being conducted by the prison facility itself, transforming the physical piece of mail into a text-searchable file. Generally, the original mail itself is destroyed and the incarcerated recipient gets a photocopy or a scanned image of the mail rather than the original piece of mail itself.

Phone surveillance is similar, in that it is transforming an audio conversation into a text-searchable digital file. Typically, a facility or a contractor records phone calls as they occur throughout the day and uses software that creates an automated digital transcription, often using natural language processing, that will create a long-lasting digital file memorializing that conversation. 

In general, the constitutional authority of a prison official to listen in on a phone conversation or to read a piece of mail has been well-established. The difference here is that the creation of a digital file, which can live on indefinitely on a facility’s servers, opens up a whole host of new surveillance capabilities. Instead of glancing at a letter in real time, officials could come back to a letter to read it years after it’s sent. They can use keywords to search preexisting files, and in some instances to request a notification any time that a keyword is used in a particular conversation or letter on a forward-looking basis. With stored data on senders and recipients, they can map out networks of communications based on who is writing letters or speaking to whom in those facilities. Essentially, while prisons have a responsibility to keep the people in their facilities safe, mail digitization creates a vast trove of new information that can be used for any purpose within the facility. 

What’s the rationale for using these new technologies or surveillance? 

It varies depending on the facility itself and the type of technology that’s being introduced. For mail digitization, for example, the most common rationale is a fear of contraband being introduced into the facility, for instance by soaking a synthetic drug onto an envelope or a stamp. Facilities have tried to eliminate that risk by denying original mail to people who are incarcerated.

Once a facility has the capability to conduct this surveillance, the mission tends to creep, with officials coming up with more and more supposed benefits to it.  

 

These programs are often announced based on very narrow or particular goals. But once a facility has the capability to conduct this surveillance, the mission tends to creep, with officials coming up with more and more supposed benefits to it, including vague invocations of efficiency. The technology becomes part of the fabric of an institution and can be used in ways that are completely untethered from the original, narrower justification.

Are these technologies already widely in place?

Yes, they are available in many different states and are growing rapidly. There are several local facilities that have been digitizing mail, and, in the last few years, statewide penal systems have also started to adopt these technologies. Pennsylvania was the first state to adopt a mail digitization system through the contractor Smart Communications in 2018. The Federal Bureau of Prisons also began a pilot program with Smart Communications in 2020 that is the target of our FOIA request. In the last year and a half since that pilot began, we’ve seen an increasing number of states move towards adopting mail digitization. North Carolina began digitizing mail. Wisconsin this fall also announced a program to use the same contractor North Carolina uses, Text Behind, for their incoming mail system. Florida and Massachusetts have both had hearings on whether to adopt mail digitization. What we’re seeing is these programs gaining a foothold and becoming more emergent in recent years.

Why has the Institute focused its attention on the federal Bureau of Prisons pilot?

There are two reasons we wanted to target our FOIA request on the federal pilot program with Smart Communications. First, at the time we filed the request this spring, the pilot was actually supposed to have ended. But when we went on the bureau’s website, it appeared it was still ongoing. Yet there was no announcement from the bureau that the pilot was going to be extended, or for how long. There was no real information about what it was doing and how it was using the mail that was part of this pilot program. So we felt that there was a real inflection point, before the program was fully entrenched and adopted within the bureau, when we could help the public understand exactly what the mail digitization at these prisons entailed. 

The second reason was that given the bureau’s size and status, its policies can be very influential nationwide. Its decision to digitize mail wouldn’t affect only the more than 150,000 people who are in bureau custody, but would affect the nearly 2 million people who are incarcerated nationwide. By learning more about the bureau program and by striking at this moment, the information we learn might influence the way these technologies are being considered across the country.

What are the primary concerns the Institute has about the prison mail surveillance program? 

There are at least two facets of mail digitization that are disturbing. One is the loss of access to original mail. You could have a system that denies incarcerated people original mail, but that doesn’t incorporate enhanced surveillance or digitization. In fact, some states and carceral facilities have adopted models that involve photocopying without scanning and long-term storage. Even that model has serious implications for expression behind bars, because photocopying can delay the time it takes mail to get delivered. And if copying is done haphazardly, it can make mail and photographs unintelligible. That damages the quality of communication and can weaken individuals’ ties to their community. Those concerns are present in both photocopying and mail digitization regimes. 

Another disturbing aspect of mail digitization is the surveillance effect. Facilities sweep up all of the incoming mail for every incarcerated individual in the facility and retain it indefinitely. We don’t know exactly how those records are being used, and it likely varies from institution to institution, but we have yet to see meaningful limits placed on how prison officials could use this information. What we do know is that the contractors who routinely provide these services explicitly advertise them as surveillance tools, with the ability to store mail long-term, to help facilities come up with search terms that they can use to track and target correspondence, and to create “profiles” on senders and recipients of mail. 

Letter-writing, especially to someone incarcerated, can be very personal, very intimate. Mail digitization ... has a dramatic chilling effect on people who want to communicate with someone behind bars.   

 

Letter-writing, especially to someone incarcerated, can be very personal, very intimate. Mail digitization ratchets up the personal cost of that communication. If you want to send a letter into one of these facilities, you have to open up your thoughts not only to the intended recipient but also to anyone else who is working at the facility, who is a contractor at the facility, or maybe who works at a law enforcement organization that has a data-sharing agreement with that facility. All of those people may be reading your letter as well. They may be able to read or reread or search it years later for any reason. That has a dramatic chilling effect on people who want to communicate with someone behind bars. 

So one concern is that it’s not just the prison officials or the vendor reviewing these digitized mail records, but others at outside law enforcement agencies too?

That’s right. There’s not enough that we know yet about how prison officials are actually using retained mail and how they’re sharing that information. Records released to journalists at Reuters recently revealed that Suffolk County, New York, shared information gleaned from its phone transcription and surveillance system with more than two dozen entities. 

We don’t know yet whether there was some sort of analogous data-sharing agreement in the federal pilot program, or in other states that have adopted similar technologies. That’s something to watch out for because of the concern that, despite public justifications relating to concrete issues within the prison facility, these tools will actually be used as general law enforcement tools, mining sensitive communications for whatever reason a law enforcement officer might think of. When you think about the creep of the surveillance program and the chilling effect that that creates, that’s quite dangerous. 

Are family members, even children, themselves being surveilled?

Yes, and that’s by design. Often, children send letters, cards, and poems that are being scanned and stored. These children and other family members are caught up in long-term carceral surveillance merely because they love someone who is incarcerated, and have sometimes even stopped sending mail as a result.

Certain vendors have actually advertised enhanced surveillance capabilities with respect to senders of mail. As we explained in our FOIA request, Smart Communications has what it calls a Smart Tracker tool that it says creates profiles on and stores details about the senders of mail. For example, if senders log in to the Smart Communications website to see if their letter has been delivered, Smart Communications will log the GPS location and the IP address where that connection occurred and then store it. They’ll also store any email addresses used to track mail. And they’ll store any associated phone numbers or addresses they can find for the sender. Then they’ll create a running list of every incarcerated person the sender has communicated with. 

Essentially, it's creating complete surveillance profiles not only of people who are incarcerated but also of people who are not incarcerated, who just want to communicate with those who are behind bars.  

 

Essentially, it’s creating complete surveillance profiles not only of people who are incarcerated but also of people who are not incarcerated, who just want to communicate with those who are behind bars. This surveillance system spreads far beyond the prison walls. And what’s really scary is that, in the Smart Communications proposals I’ve reviewed, there is no mention of a carve-out to protect children from this kind of tracking.

What do we know about the retention policies for these records? 

We know very little about how facilities are retaining these records in practice. Frankly, it wouldn’t surprise me if many of these facilities have no policy on this at all and are just trying to figure it out as they go along. But two of the main contractors who advertise mail digitization systems, Smart Communications and Text Behind, advertise to facilities that they will keep mail for at least seven years. And that includes the time after someone who’s incarcerated has been released, even if they were just incarcerated for a short period of time. 

It’s also possible that the retention is far greater than what these vendors are actually advertising. In 2018, the Smart Communications CEO was asked about this and said that in over 10 years, Smart Communications had never deleted a single record, and that they were all available for investigators. So, in effect, essentially once a facility is able to lay eyes on something, it is able to keep that and use it in any way forever. That’s frightening. It’s extremely concerning that these facilities are given these surveillance capabilities yet have not announced safeguards to ensure that this isn’t just another dragnet scheme. 

But if there are legitimate safety concerns, how do you balance this with concerns about free expression? 

From a constitutional perspective, there’s a balancing test. There is significant discretion given to correctional facilities to enact rules to protect safety and security, but those restrictions really have to be rationally related to legitimate penological goals. 

Many facilities have pointed to the introduction of drugs through the mail as the reason these programs have been put in place. But in certain instances, mail digitization systems have not meaningfully moved the needle on contraband use in prisons and jails. The American Prospect reported this year that in Pennsylvania, the adoption of mail digitization didn’t lead to a concomitant decrease in the drug test positivity rate in statewide facilities. So there may be reason to be skeptical of these claims and to demand that if a facility is digitizing mail, it should justify that by pointing to data that can be analyzed by outsiders and by advocates, to ensure that these programs really are tethered to legitimate goals. And facilities should do so not only when the system is first introduced but at regular intervals, so that advocates can make sure that these systems aren’t being abused.

What is the status of the Institute’s FOIA lawsuit seeking records on the Bureau of Prisons’ pilot? What is the Institute trying to learn?

We filed a FOIA request in June 2021 for records relating to the bureau’s pilot program, and any other instances of mail digitization that facilities within the bureau umbrella have embarked on. Our goal was to understand how these programs work in practice, because vendors are promising the moon and giving facilities significant new surveillance capabilities. 

There’s a great deal we don’t know. We don’t know how facilities within the bureau are actually using the surveillance capabilities at their fingertips. We don’t know how long records are retained. We don’t know whether or not there’s a certain level of suspicion that’s required before records are searched. We don’t know how records are being shared across facilities or with law enforcement who are not part of the Bureau of Prisons. 

We also don’t know whether there are any safeguards in place to prevent abuses of the system or to prevent self-serving activities. For example, we’ve learned of incidents when surveillance technologies were being used to study phone conversations about the facility’s COVID protocols in an attempt to shore up evidence that could protect the prison from any future complaints that it was not doing enough to prevent the spread of COVID behind bars. That anecdote suggests that, at least in those facilities, there aren’t really any limits on how officials can use this technology. 

We had all of these open questions that would impact the way we viewed the pilot program’s impact on free expression. And because the bureau hadn’t answered these questions publicly, we felt the need to file a FOIA request. Then when the government didn’t respond to our FOIA requests within the statutory deadline for responding, we filed a lawsuit. Now, through negotiations with the Bureau of Prisons, we’ve received our first two sets of records. We’re expecting at least one more. There’s still a lot left to be learned about these programs, which we’re hoping to uncover in the next few months.

Visit our case page for the latest updates and more on Knight Institute v. Federal Bureau of Prisons.

Research for this report was contributed by Hye Jin “Jinny” Lee, legal extern at Knight Institute.