Microsoft Latest Service Provider To Pry A National Security Letter Free From Its Gag Order

from the slow-drip-transparency dept

Microsoft is the latest to publish a National Security Letter, following Google, Yahoo, Twitter, Calyx, Cloudflare, and… the Internet Archive. Microsoft's NSL [PDF] was issued by the FBI (of course) and demanded the usual subscriber info.

In the post accompanying the disclosure, Microsoft points out the USA Freedom Act is the only reason it's been able to release the NSL. This is one of the benefits of the recent law: a better, faster way to compel review of NSL gag orders, which used to take place almost never.

In addition, Microsoft notes FISA orders are on the rise. Of course, its reporting is limited to useless "bands," so the only thing that can definitely be determined is Microsoft's FISA interactions have at least doubled.

For the latest Foreign Intelligence Surveillance Act (FISA) data reported, Microsoft received 1,000-1,499 FISA orders seeking content disclosures affecting 12,000-12,499 accounts, compared to the 0-499 FISA orders seeking disclosure of content impacting 17,500-17,999 accounts reported for the previous period.

What's included in the NSL is more of the same: demands for subscriber info backed solely by the authority of the FBI agent who typed it up. No judicial approval needed. What isn't in there are demands for a bunch of info the FBI has no business asking for, like in those served to Yahoo. In one of Yahoo's NSLs, the government demanded the service provider go above and beyond statutory requirements and hand over everything from subscriber phone numbers to "upstream providers" associated with the named account.

It also contains the old, pre-USA Freedom Act boilerplate about challenging the gag order -- something the FBI continued to append to post-USA Freedom Act NSLs until the Internet Archive shamed it into admitting it was using outdated language.

Going forward, the government should expect the challenges to continue. Microsoft notes it's currently in court contesting the feds' increasing use of gag orders -- something it justifies using a law meant to protect the privacy of electronic communications: the ECPA.

The trickle of un-gagged NSLs is encouraging. Even if the releases trail far behind issuances (both in number and elapsed time), the fact that we're seeing any at all remains a small miracle. If service providers are enjoying these very occasional forays out from under gag orders, they might want to consider sending a few fruit baskets Snowden's way.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: gag order, national security letter, nsl

Companies: microsoft