National security letters (NSLs) are legal documents issued by the United States federal government to gather information for national security purposes. They do not require judicial overview, and are almost always accompanied by a gag order. This prevents the recipient from disclosing to customers that the FBI has demanded information from it.
Over the last few years the FBI has relied heavily on NSLs to obtain information from technology, internet, communications, and banking companies about their customers. Because they usually come with secretive gag orders, obtaining information about the extent of NSL use is difficult. The EFF, however, claims that every year the FBI issues “thousands” of NSLs, and that hundreds of thousands of NSLs have been issued since 2001. Some statistics are also available here. The EFF also notes that,
“NSLs are inherently dangerous to civil liberties because their use is rarely subject to judicial review.”
Technically speaking, the information that the FBI can collect using NSLs is quite limited. But in the past, technology companies were generally happy to cooperate with the FBI and to comply with requests for much more detailed information.
Edward Snowden’s revelations, however, revealed to the public the extent of tech companies’ complicity with NSA spying. With public trust in them damaged as a result, tech companies have become much more uncooperative when served an NSL.
Legal wrangles over NSLs
Somewhat unsurprisingly, the FBI is not happy about this. As far as the FBI is concerned, the implied intent of NSLs is to allow it access to a wide range of communications records. It has therefore interpreted its provisions “as more of a loose guideline than an exhaustive list.”
The letter of the law, however, limits the type of records that the FBI can request to name, address, length of service, and local and long distance toll billing records of a customer. It also allows access to “electronic communication transactional records” (ECTRs), but does not say what these actually are.
In 2008 the Justice Department’s Office of Legal Counsel definitively ruled (.pdf) in favor of a narrow interpretation of the law, flat-out contradicting the FBI’s interpretation that it provided loose guidelines.
Tech companies are increasingly insisting on keeping to the letter of the law. This has prompted FBI Director James Comey to lobby Congress for an amendment to the legislation. If passed, it will formalize the FBI’s interpretation that access to citizens’ web browsing history, location data, and some email, is implicitly covered under the statute. This flies in the face of the 2008 ruling.
Yet again the FBI is using what on the surface looks like a minor administrative adjustment to an obscure law in order to greatly expand its powers without any form of judicial oversight or democratic debate. Comey has gone so far as to characterize the proposed changes to the legislation as a mere “typo” in the in the Electronic Communications Privacy Act. The amendment will also effectively allow one FBI agent to issue a warrant to another, as long as the recipient uses it for national security purposes.
As the Washington Post argues, these changes are an assault on the Fourth Amendment of the US constitution. This prohibits unreasonable searches and seizures, and requires any warrant to be judicially sanctioned and supported by probable cause.
“The Fourth Amendment was expressly written to protect our individual right to privacy from the voracious and insatiable appetite of government to assault it. It was also written to ensure that government can seek evidence against bad guys, but it was meant to force the government to target them based on real evidence, not to let it sweep them up in a suspicionless net along with the innocent.”
Needless to say, the FBI has never been a big fan of the Fourth Amendment.
“Since the government obviously does not take its obligation to uphold the Constitution seriously, why bother with requiring one FBI agent to authorize another? Why not let any FBI agent search wherever he or she wants, break down any door, seize any records and invade anyone’s privacy, lest compliance with the Constitution be a pain in the neck?”
It is clear that Comey hoped to slip the changes through quietly, with even Congress perhaps not being fully aware of their import. The tech industry, however, has reacted with alarm. A host of major technology companies have sent Congress a letter warning that they oppose any attempt to amend the existing laws in the FBI’s favor.
“Given the sensitive nature of the information that could be swept up under the proposed expansion, and the documented past abuses of the underlying NSL statute, we urge the Senate to remove this provision from the Intelligence Authorization bill and oppose efforts to include such language in the ECPA reform bill, which has never included the proposed NSL expansion.”
The letter is signed by leading technology companies such Google, Facebook and Yahoo, and by rights organizations such as the American Civil Liberties Union, the EFF, and human Rights Watch.