In October, Laurence Brewer, the chief records officer of the National Archives and Records Administration, told officials at U.S. Customs and Border Protection he was worried about how the agency was using an app called Wickr. The Amazon-owned encrypted messaging platform is known for its ability to automatically delete messages.
Brewer, who is responsible for ensuring that government officials handle records correctly, wrote in a letter that he was “concerned about agencywide deployment of a messaging application that has this functionality without appropriate policies and procedures governing its use.”
Brewer addressed his letter to Eric Hysen, the chief information officer of the Department of Homeland Security. It was uploaded to the National Archives website, and its concerns had not been previously reported. The document offers a rare insight into Customs and Border Protection's use of Wickr, and highlights the broader worries that some officials and watchdogs have about the growing use of messaging apps at all levels of the U.S. government.
Wickr was bought by Amazon’s cloud-computing division last June and has contracts with a number of government agencies. Customs and Border Protection (CBP), which has been criticized by human rights activists and immigration lawyers over what they say are its secretive practices, has spent more than $1.6 million on Wickr since 2020, according to public procurement records.
But little is known about how the agency has deployed the app, which is popular among security-minded people ranging from journalists to criminals. Its auto-deletion feature has made the platform a cause of concern among government record keepers, as well as external watchdogs, who worry that Wickr and other similar apps are creating ways for customs officials to sidestep government transparency requirements.
“CBP, like ICE and other agencies DHS oversees, has an abysmal track record when it comes to complying with record-keeping laws,” said Nikhel Sus, senior counsel for Citizens for Responsibility and Ethics in Washington (CREW), a nonprofit watchdog group, in a statement. “This has had real consequences for accountability by impeding investigations and oversight of the agency’s activities. The agency’s use of Wickr, a messaging app with ‘auto-delete’ features, certainly raises red flags.”
CREW filed a lawsuit against CBP last month after it failed to respond to a Freedom of Information Act request the nonprofit filed seeking records about its implementation of Wickr. CREW is asking CBP to “fully and promptly process CREW’s FOIA request and produce all non-exempt documents immediately.”
Tammy T. Melvin, a spokesperson for CBP, said the agency could not comment on pending litigation. “The distribution/use of Wickr is currently under review,” she said in an email. Since 2019, she said, the agency has only used the app in “several small-scale pilots.”
Melvin said that Customs and Border Protection's contracts are for use of the Enterprise version of Wickr, which is designed for business communications, and allows for organizations to appoint administrators who can control messaging settings on the platform, including those regarding deletion. Theoretically, this feature could give CBP more control over how individual employees use Wickr, and prevent records from being scrapped, but the details of how the agency is using Wickr remain unclear, and Melvin declined to specify them.
Wickr also has another product called Wickr RAM, which is intended for the military — the company advertises it as being accredited by the U.S. Department of Defense. It’s not clear how its features and capability differ from the Enterprise version of the app used by CBP.
Advertising materials for both of Wickr’s professional products say they can be used in ways that allow for record-keeping compliance. But both also let users delete their messages, according to Wickr’s website. In a Wickr RAM training presentation from 2021, the company even touted a feature it called the “Secure Shredder.”
“To reduce the risk of deleted Wickr data being recovered, the Secure Shredder runs whenever your Wickr app is running,” the training read. “The goal is to ‘sanitize’ or overwrite deleted Wickr data, on a best-effort basis.”
Amazon did not respond to two requests for comment about Wickr’s various products and government contracts.
The use of apps that destroy messages has been a growing issue at many levels of government
Other public officials, including Maryland Gov. Larry Hogan, have been criticized for using Wickr’s self-destructing feature (Hogan defended its use as “common practice” and said it was the same as making a phone call). CREW also unsuccessfully sued the White House in 2017, claiming it was violating the Presidential Records Act after The Washington Post reported that staff members had been using another app called Confide, which similarly lets users automatically delete messages.
U.S. Court of Appeals Judge David Tatel wrote in his opinion that while “Richard Nixon could only have dreamed of the technology at issue in this case,” the court “would have no jurisdiction to order the correction of any defects in the White House’s day-to-day compliance” with records rules.
In his letter, Brewer gave Customs and Border Protection 30 days to respond with documentation about its policies, training guidelines and other resources the agency had established “to mitigate the records management risk associated with the improper use of Wickr” and similar apps.
Melvin said Customs and Border Protection provided an initial response to the letter in December, and had been providing quarterly updates to the agency on its progress. But CBP has still not divulged all the information requested of it. The case associated with the letter remains open, according to the National Archives website.
A spokesperson for the National Archives declined to comment.
Customs and Border Protection has run into problems in the past with its record disclosures. In September, the Department of Homeland Security’s Office of the Inspector General (OIG) released a report that found CBP had failed to consistently save WhatsApp messages between U.S. and Mexican officials. The report said that it wasn’t clear whether the agency was allowed to use the app for official business in the first place.
The WhatsApp messages dated to 2018, when a group of migrants from Central America began traveling to the U.S. border in Tijuana, Mexico. Journalists and other U.S. citizens who accompanied the caravan said they had been subjected to intensive screenings and interviews, leading Democratic lawmakers to call for an investigation.
The OIG report found that CBP officials in a number of instances failed to keep WhatsApp messages about the caravan, likely in violation of the agency’s record-keeping policies.
“Numerous CBP officials, across various offices, regularly used WhatsApp to communicate both with individuals and in various WhatsApp groups, some of which contained up to hundreds of U.S. and Mexican officials,” the report said. “Yet, these officials did not consistently retain their. WhatsApp messages or copy or forward them to their official CBP accounts.”
The Inspector General recommended that CBP either end its use of WhatsApp or ensure it was in compliance with record-keeping laws. CBP responded by saying that it was “currently piloting a managed messaging platform to replace WhatsApp.”
In response to questions about what platform was being referred to in the report, Melvin, the CBP spokesperson, said that the agency had been conducting pilots of Wickr for more than two years.
But so far, CBP hasn’t shared the findings of those pilots with the Office of the Inspector General, according to Melvin. A spokesperson for the OIG told NBC News that its recommendation was still open.
“We will close this recommendation when CBP provides documentation showing the results of its pilot to replace WhatsApp and to ensure that messages are retained in compliance with legal and policy requirements including records retention schedules,” the report from the Office of the Inspector General said.