Google Reveals Some Data About National Security Letters, May Have Exposed DOJ Duplicity

from the transparency... dept

It's illuminating to compare the minimum number of users affected by NSLs each year to the numbers we find in the government's official annual reports. In 2011—the last year for which we have a tally—the Justice Department acknowledged issuing 16,511 NSLs seeking information about U.S. persons, with a total of 7,201 Americans' information thus obtained. That's actually down from a staggering 14,212 Americans whose information DOJ reported obtaining via NSL the previous year. Remember, this total includes National Security Letters issued not just to all telecommunications providers—including online services like Google, broadband Internet companies, and cell phone carriers—but also "financial institutions," which are defined broadly to include a vast array of businesses beyond such obvious candidates as banks and credit card companies. What ought to leap out at you here is the magnitude of Google's tally relative to that total: They got requests affecting at least 1,000 users in a year when DOJ reports just over 7,000 Americans affected by all NSLs—and it seems impossible that Google could account for anywhere remotely near a seventh of all NSL requests. Google, of course, is not limiting their tally to requests for information about Americans, which may explain part of the gap—but we know that, at least of a few years ago, the substantial majority of NSLs targeted Americans, and the proportion of the total targeting Americans was increasing year after year. As of 2006, for instance, 57 percent of NSL requests were for information about U.S. persons. So even if we reduce Google's minimum proportionately, that seems awfully high.

There's a simple enough explanation for this apparent discrepancy: The numbers DOJ reports each year explicitly exclude NSL requests for “basic subscriber information,” meaning the “name, address, and length of service” associated with an account, and only count more expansive requests that also demand more detailed “electronic communications transactional records” that are “parallel to” the “toll billing records” maintained by traditional phone companies.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

We've talked for years about the government's use of "national security letters" or NSLs, which are effectively a way for law enforcement types to seek information with less oversight than a subpoena, and which usually come with a very, very extreme gag order attached. Despite the fact that, by their own admission, law enforcement has regularly and systematically abused this tool, they are still widely used and there has been little effort to block the abuses. Google's latest transparency report is seeking to reveal some data about the NSLs it has received , but without revealing too much. Rather than directly revealing how many NSLs it has received, it is posting ranges (in bunches of 1,000) -- and apparently the company got at least some level of approval from the government to do this ("We're thankful to U.S. government officials for working with us").By itself, the data doesn't seemenlightening.However, there is some useful information you can pick out of there, and who better to pick out that info that Julian Sanchez, who has followed this issue closely. He's found that you can actually tease out some useful info even with those broad ranges.Sanchez wonders if the DOJ is effectively under-counting how many NSLs it uses by pretending thattowards its official tally of NSLs.That would mean that the NSL number that the DOJ reports is not particularly accurate, and that the FBI really issues a hell of a lot more NSLs (not so). Shocking reveal of the day: the DOJ may not be entirely forthright about how often it's spying on Americans using a widely abused process with little oversight.

Filed Under: doj, fbi, national security letters, nsls, privacy, transparency

Companies: google