Google revealed this week that the Federal Bureau of investigation has actively monitored the activities of thousands of Google users through the use of National Security Letters (NSLs). This is the first time Google has made the FBI’s use of NSLs public.
NSLs were created in the 1970s as a way for the feds to secretly obtain information about potential foreign spies. Since the 9/11 attack, however, their purpose was extended via the Patriot Act for use against potential terrorists – including American citizens. Any person or company that has been issued NSLs is prohibited from talking about it. Those who do face possible jail time. (Tell anyone, and the terrorists win – or so the theory goes.) But Google has worked out a deal with the FBI that allows the Internet giant to disclose vague details about the extent to which the FBI has used NSLs to obtain user data.
As you can see above, Google lists the number of NSLs it received each year as a broad range, from zero to 999. The number of users accounts affected by the NSLs is also a range. According to the table above, NSLs were submitted to obtain between 2,000 and 2,999 user accounts in 2010, the highest of any year Google has disclosed thus far.
“You’ll notice that we’re reporting numerical ranges rather than exact numbers,” wrote Google Legal Director Richard Salgado in a recent post on the company blog. “This is to address concerns raised by the FBI, Justice Department, and other agencies that releasing exact numbers might reveal information about investigations.”
Salgado says Google will include the FBI’s use of NSLs in the Google Transparency Report, and will “update these figures annually.”
The thought of NSLs being issued to Google scares civil rights groups like the Electronic Frontier Foundation, which called the use of NSLs “frightening and invasive” because they allow the feds to bypass courts. FBI field agents must only have permission from their superior officer to send an NSL – no judge needed. User information that the FBI can access through NSLs includes names, addresses, and billing records. Thankfully, NSLs can’t be used to obtain email content or IP addresses.
Image via tankist276/Shutterstock