A district court judge in the Northern District of California recently sided with the Department of Justice in a case against the Freedom of the Press Foundation, who sued the DOJ over its refusal to disclose FBI procedures for issuing national security letters (NSLs). In short, NSLs are used to secretly collect information about people. In its ruling, the court stressed it would not compel disclosure because it could compromise national security. It stated the information was too sensitive and could be used by criminals to evade detection, or convey valuable information to a foreign intelligence agency. The court was satisfied with the DOJ’s response to FPF’s Freedom of Information Act request, writing:
Defendant described with particularity that the withheld documents all contained non-public information about the FBI’s investigative techniques and procedures. These pages not only identified NSLs as an investigative technique, but also described information such as the circumstances under which the techniques should be used, how to analyze the information gathered through these techniques, and the current focus of the FBI’s investigations.
NSLs are issued by the FBI, act like an administrative subpoena, and are used as an investigative tool in the name of national security. They have been controversial for a while, especially since passage of the Patriot Act, one of the four federal statutes that grant NSL authority. They allow the FBI to demand that companies (credit reporting agencies, telecommunications providers, financial institutions, travel agencies) turn over information about their customers, and prevents those companies from even letting those customers know that they’ve sent their information to the FBI. Since the entire process is so secretive and used at the sole discretion of the FBI without any judicial oversight, NSLs can readily be abused.
In June 2016, leaked documents revealed the FBI was using NSLs to collect information about journalists’ phone records, which caused a scandal for the DOJ. Specifically, the DOJ tried to find out the source of a CIA leak that ruined a terrorism operation in Yemen by collecting two months of phone records. As a result, the DOJ released new guidelines about issuing subpoenas to journalists in order to clean up the PR mess, but didn’t actually apply the new rules to NSLs. Essentially, the new rules with the NSL exception made the new rules more or less pointless. The leaked documents revealed some of the secret rules the FBI follow when issuing NSLs, and according to the executive director of the Freedom of the Press Foundation, the rules were “incredibly weak and almost nonexistent.” By the director’s account, an FBI agent can be granted permission to issue an NSL after demonstrating its “relevance” to a national security investigation, and getting a couple signatures, including one from the FBI general counsel.
NSLs can only collect certain kinds of Electronic Communication Transactional Records (ECTRs) under the act, namely, “the name, address, length of service, and local and long distance toll billing records of a person or entity.” However, pending legislation could expand the NSL act by broadening the category of ECTRs to include a person’s internet browsing history and email metadata, which is exactly as frightening as it sounds. Browsing data and email metadata could reveal a person’s most private information, including medical conditions, political affiliations, and sexual orientations. As of December 2016, the bill was introduced and passed by the House Intelligence Committee, and has been received in the Senate.