It’s time to reform the feds’ ability to surveil Internet users

When the Department of Justice raises “national security” as a defense in a case, should that defense trump any other argument in the case? Should the national security argument trump constitutional protections?

Microsoft and Twitter sued the government regarding its secrecy practices, and both companies recently enjoyed successes in court. The Federal Bureau of Investigation served search warrants on Microsoft and National Security Letters on Twitter. The search warrants and NSLs have one thing in common: the FBI demanded the technology companies keep completely quiet about them. In the case of Microsoft, the search warrants included court orders compelling secrecy. In the case of Twitter, federal NSL law mandates secrecy.

{mosads}Neither Microsoft nor Twitter could tell users the FBI was targeting their electronic communication records. Twitter, and other companies receiving NSLs, cannot even disclose the specific number of requests received.

The distinction between Microsoft’s and Twitter’s cases is important. While both address non-disclosure, the difference between search warrants with gag orders and NSLs is imperative. Warrants must be approved by a court. NSLs are a form of subpoenas. Subpoenas do not need prior approval of a court.

The FBI’s ability to issue NSLs for financial record information has existed since 1978. Congress, at the time, was highly skeptical of providing broad authority to the FBI and strictly limited it by permitting states to prevent banks from cooperating with the FBI.

In 1986, Congress expanded the FBI’s authority. The expansion included provisions providing the FBI access to telephone and other communications records. The 1986 laws also eliminated states’ ability to prevent banks from cooperating with the requests.

Despite expanding the FBI’s authority, Congress remained skeptical of the FBI’s exercise of NSL authority. It kept stringent limitations in place, requiring the FBI to certify the records sought related to counter-intelligence investigations of a foreign power or its agents.

In the 1990s, Congress twice expanded the reach of NSLs. One of these laws permitted use of the letters related to investigations of classified information leaks by government employees.

After the September 11, 2001 terrorist attacks, Congress drastically expanded NSL authority through the USA Patriot Act. At the same time it expanded authority, Congress removed many safeguards designed to prevent misuses of the authority. According to a Congressional Research Service Report, the Patriot Act “eliminated the requirement that the record information sought pertain to a foreign power or [its agent]; required instead that the NSL request be relevant to an investigation to protect against international terrorism or foreign spying” and made NSL’s available to “any government agency investigating or analyzing international terrorism.” 

Congress further revised NSL authority in 2006 by providing some judicial oversight and establishing penalties for companies violating NSL secrecy provisions.

The secrecy provisions have several problems, according to Microsoft and Twitter, but primarily the secrecy provisions violate the companies’ First Amendment rights. The First Amendment prevents the government from imposing “prior restraints” on speech. Prior restraints occur when a law prevents a person or company from speaking before the opportunity to speak occurs.

Both Microsoft and Twitter want to inform consumers as to what types of legal requests they receive. Remember the secrecy laws and orders prevent the companies from listing the specific number of requests received. Additionally, the secrecy orders do not specify how long the companies must keep the demands quiet. The FBI has argued the requests must always be kept secret, even fighting tooth-and-nail to keep all NSLs completely secret.

One of the first NSLs disclosed to the public occurred after a decade-long lawsuit. The owner of a communications company received a NSL in 2004, won the disclose he received it in 2010, and finally won the right to publish the letter in 2015. In 2016, Yahoo mimicked that company, publishing three letters it received. 

Based on these published NSLs, the FBI tends to demand more information than it is permitted by statute. Federal law permits the FBI to compel communications providers to turn over “subscriber information and toll billing records, or electric communication transactional records in its custody or possession.” In addition this electronic transactional record information, the FBI has demanded “records relating to merchandise orders/shipping information,” “Internet Service Provider,” “All website information registered to the account” and much more. 

National security might be an important argument, but it should by no means be a trump card. Companies and courts should evaluate the requests for secrecy, balancing the need to keep investigations quiet with the public’s interest in understanding the specific requests the government is making of communications companies. It is hard to see just how revealing a specific number of subpoenas or warrants received would significant impair national security.

Jonathon Hauenschild, J.D. is a technology policy analyst and the founder and principal of Franklin Adams & Co., LLC.

The views expressed by contributors are their own and are not the views of The Hill.