The amount of data held inside Google's archives is almost incomprehensible, yet most online consumers seem fairly comfortable with the degree of data protection the company provides. What some citizens could raise objection with, however, is the extent to which the search engine giant may be facilitating Federal Bureau of Investigation surveillance activities. Wired reported that, in accordance with Obama administration transparency mandates, Google published a report chronicling the number of times it has received requests from intelligence community members seeking access to account holder information without a warrant. This marks the first time that a private company has been allowed to release this information in such detail.
"National Security Letters (NSLs) allow the government to get detailed information on Americans' finances and communications without oversight from a judge," according to the website. "The FBI has issued hundreds of thousands of NSLs and has even been reprimanded for abusing them. The NSLs are written demands from the FBI that compel internet service providers, credit companies, financial institutions and businesses like Google to hand over confidential records about their customers, such as subscriber information, phone numbers and email addresses, websites visited and more as long as the FBI says the information is 'relevant' to an investigation."
For each year between 2009 and 2012, Google received somewhere between 0 and 999 National Security Letters, with as many as 3,000 individual accounts affected in a given year. The exact numbers could not be published, out of concern for national security interests, though the ranges provided were provocative enough in their own right. According to Wired, Congressional releases have confirmed that in 2011, the latest year available, there were 16,511 NSLs filed pertaining to 7,201 people across the United States.
The fact that the ratio of requests filed to accounts affected is suddenly so lopsided in the sample of Google-related cases has raised several eyebrows. The FBI is allowed to obtain the name address, local and long distance records and length of service through these letters, but agents cannot request other information, such as search queries or email content.
"National Security Letters are a powerful tool because they do not require court approval, and they come with a built-in gag order, preventing recipients from disclosing to anyone that they have even received an NSL," Wired reported. "An FBI agent looking into a possible anti-terrorism case can self-issue an NSL to a credit bureau, ISP or phone company with only the sign-off of the special agent in charge of their office."
Previous privacy questions
As previously reported in 2010 by Wired, the FBI and telecommunications companies formerly raised data security concerns when they allegedly collaborated to violate wiretap laws for four years to get access to citizen and reporter phone records by using emergency declarations or even government officials simply just asking for them. The Justice Department Inspector General's internal audit from that year criticized how the FBI used these letters to get carriers to immediately turn over phone records.
"The FBI's use of exigent letters and other informal requests for telephone toll billing records circumvented, and in many cases violated, the requirements of the Electronic Communications Protection Act statute," according to the report, which was referencing a leading federal wiretap law. "We found that a distinct lack of oversight and scrutiny by CAU managers, counterterrorism officials and FBI Office of General Counsel attorneys enabled the improper practice of obtaining ECPA-protected telephone records with the promise of future legal process to expand and proceed virtually unchecked for over four years."
The Wall Street Journal reported last year that the FBI had said it must retain a level of secrecy in sending these letters to avoid tipping off the potential terrorists they say they are watching. Former Acting Assistant Attorney General for National Security Todd Hinnen said the letters are "critical" to helping keep the country safe, but there are certainly some legitimate data security concerns as the amount of information grows higher in volume each year.
According to the website, Stephen Vladeck, a professor and expert on terrorism law at the American University Washington College of Law, said the most important national security letter case happened in 2012 as the FBI sent one to a phone company demanding to have phone records for a customer. The company ended up trying to fight the letter in court, to which the FBI came back with a civil complaint saying the business was getting in the way of "the United States' sovereign interests." The case has a heavy fog of secrecy surrounding it, but Vladeck said it begs the question of how First Amendment law can be protected of those who have these letters sent about them. Letters of this kind may be an important issue in data protection moving into the future.
Data Security News from SimplySecurity.com by Trend Micro