(Mint Press) – Google took the extraordinary step this week to disclose how often the government has asked the company for data for national security purposes. Previously, Google has quantified the number of law enforcement requests the company has received for user data, but National Security Letters (NSL) have been excluded from the count.
According to Google’s Transparency Report, the service was hit with 21,389 requests from law enforcement in 2012, with between 1,000 and 1,999 accounts targeted by 0 to 1,000 NSLs.
National Security Letters are government actions authorized under 18 U.S.C. § 2709 — “Counterintelligence access to telephone toll and transactional records” as expanded by the USA PATRIOT Act, Section 505. The letters, which are subject to a gag order that prohibits the served communications service provider from disclosing its existence, requires the served utility to disclose to the Federal Bureau of Investigation (FBI) transactional data — or communicative information about a data connection between end-users — about any user without a warrant.
While, by law, the FBI can only look at the link information and not the actual conversation shared in the link and the FBI cannot request information for communiques within the United States — multiple governmental audits have shown the agency to abuse this power. For 2006, the Department of Justice’s inspector general revealed that 60 percent of the nearly 50,000 security letters issued targeted Americans.
Transparency is key
In light of this, Google’s efforts to bring transparency to the government’s data petitioning program is applauded by the online privacy community. Legal director for Law Enforcement and Information Security for Google Richard Salgado wrote in a blog post Tuesday — “we’ve been trying to find a way to provide more information about the NSLs we get — particularly as people have voiced concerns about the increase in their use since 9/11. Starting today, we’re now including data about NSLs in our Transparency Report. We’re thankful to U.S. government officials for working with us to provide greater insight into the use of NSLs.”
The FBI has agreed to allow Google to disclose how many NSLs it received in a calendar year, but only to the nearest thousand. The FBI fears that the disclosure of actual numbers might reveal essential information in regard to active investigations.
The Electronic Frontier Foundation (EFF) has responded to Google’s actions. “On one hand, kudos to Google. Very few companies publish any kind of transparency report at all, and Google is the first to give any kind of information about National Security Letters,” said Eva Galperin, a global policy advocate for the Electronic Frontier Foundation. “On the other hand, the aggregate data that Google has provided is extraordinarily vague … Using a scale that large, it’s impossible to tell if the number of NSLs has even gone up over the last three years.”
Google’s intentions were to tame the fear that the search portal and social networking hub was being inundated by hundreds of thousands of NSLs each year.
Transactional data contains the name, IP addresses, physical address — if known — and length of enrollment for each of the end-users of a particular conversation. Actually looking into the conversation itself is considered a search that requires a warrant.
In January, Google changed its transparency reporting policy to reflect the number of requests the company receives via an administrative subpoena — a request for information that bears a lower legal standard of proof for approval. In the third and fourth quarters of 2012, Google revealed that more than two-thirds of all law enforcement requests came from an administrative subpoena instead of a warrant.
Google announced at about the same time that it always has and will require a warrant for law enforcement access to email content. This rule is in line with a 2010 6th Circuit Court of Appeals ruling, but is in contrast with federal law that mandates that the government shall have access to certain content under certain conditions without a warrant.
Senate Judiciary Chairman Patrick Leahy (D-Vt.) is pushing through a bill that will make Google’s ban on warrantless email searching a law. Leahy’s House counterpart, Rep. Bob Goodlatte (R-Va.) has promised to also take up the issue.
On NSLs and governmental privacy intrusions
NSLs are troublesome for privacy advocates because they are highly secretive, rarely audited or policed from the outside and are prone to abuse. In a Justice Department investigation, it was revealed that the FBI abused its intelligence-gathering privileges by issuing inadequately documented NSLs from 2003 to 2006.
According to findings by inspector general Glenn Fine, the FBI attempted to circumvent the Foreign Intelligence Surveillance Court — which supervises clandestine spying in the United States — when the court twice rejected FBI requests in 2006 to obtain certain records. The court felt that “the ‘facts’ were too thin” and the “request implicated the target’s First Amendment rights.” The FBI obtained the records anyways, in clear defiance of the court.
FBI’s general counsel, Valerie Caproni, argued that the FBI was within its rights to issue the NSLs as the FBI disagreed with the court’s decision.
From 2003 to 2006, the FBI issued nearly 200,000 NSLs, a third of which constituted all of the FBI’s national security and computer probes at the time. In the investigation into this period, it was revealed that the FBI made numerous violations of the law or internal practices, including improper requests, collection of more data than the FBI was entitled to or not having proper authorization to proceed with the case.
The FBI also used NSLs to gather massive amounts of information outside of the guidelines set by the USA PATRIOT Act or the FBI. For example, the investigators found 11 cases that requested information on about 4,000 telephone numbers.
In 2007, the New York Times reported that the Central Intelligence Agency (CIA) and the Pentagon have been issuing “non-compulsory” NSLs — voluntary disclosures — for their own information gathering purpose. Despite requests from both groups to be given the right to issue compulsory NSLs, Congress has refused to expand NSL-issuing rights, fearing that doing so would invite the military and the CIA to engage in domestic espionage.