The FBI’s Secret Surveillance Letters to Tech Companies

July 1, 2012 by

Just what kind of information can the government get with a so-called “national security letter” – the tool that allows investigators to seek financial, phone and Internet data without a judge’s approval?

It’s a secret.

The letters let the Federal Bureau of Investigation get information without going before a judge or grand jury if it’s relevant to a national security investigation. The letters have been around since the 1980s, but their use grew after the Sept. 11, 2001 terrorist attacks and passage of the USA Patriot Act. Tens of thousands of the requests are sent each year, but they are generally subject to strict secrecy orders.

In response to a Freedom of Information Act request by the American Civil Liberties Union, the Justice Department has revealed for the first time templates for each of the types of national security letters it sends – nine in all. Among other things, the letters show that the FBI is now informing people who receive the letters how they can challenge the documents in court.

But some key elements of the letters remain blocked from view – including lists of material the FBI says companies can send in response to the letter.

The most basic requests outlined in the templates are for name, address and length of service for either phone or Internet accounts. The broadest requests seek things such as entire credit reports, Internet activity logs, phone “billing records,” “financial records” or “electronic communications transactional records.”

What exactly do those terms mean? Well, there’s the rub.

A 2008 opinion from the Justice Department’s legal counsel found that the letters could request “only those categories of information parallel to subscriber information and toll billing records for ordinary telephone service.” What exactly counts as “parallel” could be debated.

In several of the templates, the FBI includes a list of specific items that “may be considered” by the companies to be responsive to the requests. The list for phone billing records includes 15 bullet points; there are 13 points on the list for electronic data. The items associated with financial records appear to stretch on for two pages. But we can’t know for sure what is there because it has been redacted.

Some broad outlines are available: Financial records include “any record held by a financial institution pertaining to a customer’s relationship with the financial institution.”

Electronic records involve “transaction/activity logs” and email “header information,” which includes things such as the “to” and “from” lines of a message.

The letters point out that companies aren’t supposed to tell investigators about the content of their customers’ messages; courts have long held that phone conversations and the texts of recent emails are available only with search warrants. The template to get electronic records specifically warns companies not to provide the subject lines of emails for this reason.

Beyond that, it’s unclear.

“There is a growing divide between the government’s and the public’s understanding of the government’s surveillance authority,” said Alexander Abdo, a staff attorney with the ACLU. “To this day, the government refuses to specify what certain surveillance laws—including ‘national security letters’—allow it to collect.”

The government says it seeks only the information it’s allowed to get and must maintain the secrecy of national security letters to avoid tipping off potential terrorists.

“NSLs are integral to determining whether, how, and by whom our nation is being put at risk,” then Acting Assistant Attorney General for National Security Todd Hinnen told a House Judiciary subcommittee last year in written remarks.

The templates disclosed in the ACLU files show how the FBI has changed the letters in response to court rulings and new laws. The gag order that accompanies most of the letters is no longer an “automatic feature,” the FBI says in instructions to agents. To get a secrecy order, the agent must certify that disclosure “may endanger the national security of the United States, interfere with a criminal, counterterrorism, or counterintelligence investigation, interfere with diplomatic relations, or endanger the life of physical safety of a person.”

In all of the letters, the FBI tells the recipient that it can challenge the letter “if compliance would be unreasonable, oppressive, or otherwise unlawful.” It also outlines a process for fighting the nondisclosure order: The company has 10 days to tell the FBI it wants to challenge the gag order, and the FBI says it will then “initiate judicial proceedings” to get a court order to enforce the gag.

In the first two years after the FBI began including this notice in its letters, only a handful of companies challenged the gag orders, the FBI has said.

Many major technology companies have guidelines for handling national security letters, although they cannot confirm or deny ever having received the letters, under the strict secrecy order that accompanies most of the requests. Mr. Hinnen told the subcommittee last year that a “small number of providers” had concluded that the FBI wasn’t entitled to electronic communications transactional records, because the law wasn’t clear.

Companies are reluctant to disclose their specific policies, though. In responses to questions from The Wall Street Journal, Facebook was the only company to say specifically what data it would give out.

“We interpret the national security letter provision as applied to Facebook to require the production of only two categories of information: name and length of service,” said Fred Wolens, a public policy spokesman for the social networking giant.

Other companies were more vague. Google and Twitter both said their companies comply with “valid legal process” and seek to notify users of requests whenever possible. Verizon and AT&T both said they do not comment on national security matters.

Read more

Filed Under: Featured News Tagged With: , , , , , ,

Cell Phone Location Tracking Request Response – Cell Phone Company Data Retention Chart

October 1, 2011 by

Below is a clean copy of a document comparing the data retention policies of the top five cell phone providers in the U.S. The document, entitled, “Retention Periods of Major Cellular Providers,” was produced in 2010 by the Department of Justice to advise law enforcement agents seeking to obtain cell phone records and was uncovered by the ACLU’s coordinated records request on cell phone location tracking by police. The original was received by the ACLU of North Carolina.

In August 2011, 35 ACLU affiliates filed 381 requests in 32 states with local law enforcement agencies seeking to uncover when, why and how they are using cell phone location data to track Americans. You can find more information about the effort here.

Filed Under: Featured News Tagged With: , , , , ,

ACLU challenges Illinois eavesdropping act

September 1, 2011 by

Lawsuit cites cases of people charged with breaking the law for making audio recordings of police in action

It’s not unusual or illegal for police officers to flip on a camera as they get out of their squad car to talk to a driver they’ve pulled over.

But in Illinois, a civilian trying to make an audio recording of police in action is breaking the law.

“It’s an unfair and destructive double standard,” said Adam Schwartz, a lawyer with the American Civil Liberties Union of Illinois.

On Wednesday, the ACLU filed a federal lawsuit in Chicago challenging the Illinois Eavesdropping Act, which makes it criminal to record not only private but also public conversations made without consent of all parties.

With cell phones that record audio and video in almost every pocket, the ability to capture public conversations, including those involving the police, is only a click away. That raises the odds any police action could wind up being recorded for posterity.

Opponents of the act say that could be a good thing and certainly shouldn’t lead to criminal charges.

The ACLU argues that the act violates the First Amendment and has been used to thwart people who simply want to monitor police activity.

The head of the Chicago police union counters that such recordings could inhibit officers from doing their jobs.

In its lawsuit, the ACLU pointed to six Illinois residents who have faced felony charges after being accused of violating the state’s eavesdropping law for recording police making arrests in public venues.

Adrian and Fanon Perteet were passengers in a car at a DeKalb McDonald’s drive-through in November when police moved in. Officers suspected that the car’s driver was under the influence, according to the brothers.

Fanon Perteet, 23, said he was scared. Past experiences with police had left him suspicious of the officer’s motives, he said. So he pulled out his cell phone and turned on the video camera, which also records sound.

“I felt obligated to record so nothing happened,” said Perteet, an event planner.

When the officers realized they were being taped, Perteet was arrested and taken to a squad car. Adrian Perteet, 21, a student at Northern Illinois University, then took out his cell phone and started recording his brother’s arrest.

Both brothers were charged with violating the eavesdropping act, a felony, their lawyer Bruce Steinberg said. They pleaded guilty in April to attempted eavesdropping, a misdemeanor, to avoid felony convictions, Steinberg said.

The Perteets were ordered to apologize to the officers. They were given back their cell phones, which had been seized by police, but told to delete the recordings. If they complete the terms of the sentence and stay out of trouble, the charges will be dismissed, Steinberg said.

Nonetheless, the episode was an embarrassing experience, said the brothers, who live in Chicago’s Old Town neighborhood. They welcomed the ACLU’s lawsuit.

“I’ve been waiting for something like this,” Adrian Perteet said. “I don’t want it happening to anyone else.”

Illinois is one of only a few states, including Massachusetts and Oregon, where it is illegal to record audio of conversations that take place in public settings without the permission of everyone involved.

Illinois’ eavesdropping ban was extended in 1994 to include open and obvious audio recording, even if it takes place on a public street where no expectation of privacy exists and in a volume audible to the “unassisted human ear.”

Experts said that although statutes like Illinois’ have been on the books for years, more arrests have occurred in recent years because of the prevalence of cell phone cameras that also record audio.

Robb Harvey, an intellectual property lawyer in Tennessee, said it’s likely there will be more widely disseminated videos with audio that show alleged police misconduct and more efforts by law enforcement to stop such recordings from being made.

Harvey and other attorneys said eavesdropping statutes were not intended to criminalize recording police officers in public.

“It’s a stretch to apply surveillance laws to a situation on the street with an encounter between the police and the public,” said Maryland defense attorney Steven Silverman. “An officer has no expectation of privacy when he makes a traffic stop or arrest in the course of his workday.”

Silverman refers to cases similar to one involving the Perteets — two of which are pending in Maryland, which has a similar eavesdropping law — as “contempt of cop.”

“The backlash is coming from embarrassment,” he said of police reaction to being recorded. “These are archaic statutes, made in a time when technology was different. The laws need to catch up.”

The defendant in the ACLU lawsuit is Cook County State’s Attorney Anita Alvarez, whose office is pursuing an eavesdropping case against Chicago artist Chris Drew.

In December 2009, Drew intentionally set out to break the city’s anti-peddling law by offering handmade, screen-printed patches for $1 on State Street.

Filed Under: Featured News Tagged With: , , , ,