In its bi-annual Transparency Report released on Tuesday, Google for the first time gave information about requests called National Security Letters (NSLs) that it receives from the FBI demanding information about Web users.
Such information includes “the name, address, length of service, and local and long distance toll billing records” of Google users.
Google, as part of its Transparency Report, disclosed information about how many NSLs it receives every year from the FBI.
According to Google, it has received not less that one thousand NSLs per year in the last four years.
Due to legal prohibitions, Google is able to disclose only the ranges of the requests it receives per year. Google’s Transparency Report says that in 2012, it received between zero and 999 requests targeting a total of between 1,000 and 1999 users/accounts, the same as in 2011, but less than in 2010 when it received between zero and 999 requests targeting between 2000 and 2999 user/accounts.
Google said that in the second half of 2012, it received requests for “some data” in relation to 14,791 accounts. More than 10,000 of these were targeted with subpoenas, with 3000 having their information requested with a search warrant, according to Forbes.
The Google report said about 1,249 accounts had their data requested by “other” means.
In a Public Policy blog post by Richard Salgado, Legal Director, Law Enforcement and Information Security, Google said: “The FBI has the authority to prohibit companies from talking about these requests. But we’ve been trying to find a way to provide more information about the NSLs we get—particularly as people have voiced concerns about the increase in their use since 9/11. Starting today, we’re now including data about NSLs in our Transparency Report. We’re thankful to U.S. government officials for working with us to provide greater insight into the use of NSLs.”
Forbes notes that the FBI’s use of NSLs have come under sharp criticism not only because of the secrecy involved but also because of lack of judicial review. Forbes writes that NSLs require far less oversight than a search warrant or a subpoena and they can be issued by any FBI field office.
According to CNET, while the FBI’s authority to issue NSLs predate the 2001 Patriot Act, the act greatly expanded and broadened the scope of their use beyond federal investigations related to espionage and allowed FBI field offices besides the Washington headquarters to issue NSLs that grant warrantless access to records held by “financial institutions, credit agencies, and travel agencies.”
CNET reports that when Nicholas Merrill, an Internet provider, challenged the gag orders in relation to NSLs as unconstitutional, a federal judge ruled that the secrecy demands were an “unconstitutional prior restraint of speech in violation of the First Amendment.” Congress later passed bills that allowed recipients of NSLs to challenge them in court. Merill, assisted by the ACLU and the Electronic Frontier Foundation, was able to fend off the NSL request it received for “any electronic communication transactional records.”
While, according to Forbes, the Electronic Frontier Foundation has described NSLs as “one of the most frightening and invasive of all the dangerous government surveillance powers that were expanded by the USA Patriot Act,” Google, according to CNET, says its understanding of the law is that the FBI cannot use an NSL request to “obtain anything else from Google, such as Gmail content, search queries, YouTube videos or user IP addresses.”
According Google, NSLs can only legally request “the name, address, length of service, and local and long distance toll billing records” of Google users. Forbes comments that this implies that the FBI cannot legally demand “actual content data such as Gmail messages or private YouTube videos. Perhaps surprisingly, even IP addresses are off limits.”
CNET notes, however, that the NSL sent to Merill was sweeping, demanding for “electronic communication transactional records.”
Observers have noted that the use of NSLs, judging from the Google numbers, appears to have been more extensive that previously realized. According to CNET, the Inspector General’s report found that the FBI made 50,000 NSL requests in 2006.
Forbes reports that Julian Sanchez, a research fellow at the Cato Institute, said government’s own figures of NSLs issued in 2011, excluding non-content requests of the type sent to Google, sought information about 7,201 people.