A transparency report released by Google this week broadly reveals the extent of the Federal Bureau of Investigation's use of National Security Letters, a form of surveillance used to obtain information on users.
"The FBI has the authority to prohibit companies from talking about these requests," says a post on Google's Public Policy Blog. But starting now the company will include NSL data in its bi-annual report, albeit vaguely.
The report only indicates ranges of requests for personal data via subpoena, search warrant, or NSL, to "address concerns raised by the FBI, Justice Department and other agencies that releasing exact numbers might reveal information about investigations."
Although NSLs have been in use since at least the 1970s, their use has always been restricted to authorized investigations regarding international terrorism or secret intelligence activities; however, they lack judicial review. They require less oversight than a search warrant or subpoena, and can be issued by any FBI field office. The Electronic Frontier Foundation has called NSLs “one of the most frightening and invasive…of all the dangerous government surveillance powers that were expanded by the USA PATRIOT Act.”
But Google's disclosure reveals the use of NSLs is more widespread than previous government reports suggested. In the second half of 2012 alone, Google received 8,438 user data requests targeting 14,791 accounts in addition to "0-999" NSLs.
Google specifies that the letters can only legally request “the name, address, length of service, and local and long distance toll billing records” of a Google user. The FBI shouldn’t be able to get content data such as Gmail messages or private YouTube videos, or even IP addresses.
But Julian Sanchez, a research fellow at the Cato Institute, says that NSLs sent to an Internet service like Google can actually be used to de-anonymize online content when the FBI already knows an IP address but not a name or other identifying details. “These kinds of requests are supposed to be limited to less sensitive information,” says Sanchez. “But if the point is to de-anonymize anonymous information, it’s not clear that’s less sensitive.”