Following a decade-long court battle between the FBI and a broadband provider, it has come to light that the law enforcement agency has been using secretive letters to compel companies to hand over private user data without a warrant.
Nicholas Merrill, founder of ISP Calyx Internet Access, took the FBI to court (PDF) after he refused to comply with a national security letter (NSL) he received in 2004, which contained a request (PDF) for a subscriber’s personal data, including complete Web browsing history, IP addresses of everyone they corresponded with, and records of online purchases.
The NSL was signed into law as part of the US Patriot Act after the 2001 terror attacks in the country. It only requires an FBI agent’s signature and is usually accompanied by a gag order which bars recipients from disclosing the contents of the agency’s demands.
Merrill explained why he believes the NSLs are a threat to privacy in his remarks:
The FBI has interpreted its NSL authority to encompass the websites we read, the web searches we conduct, the people we contact, and the places we go. This kind of data reveals the most intimate details of our lives, including our political activities, religious affiliations, private relationships, and even our private thoughts and beliefs.
Over 10,000 such letters are issued by the FBI annually, and tech companies including Google have had little luck challenging them.
Merrill’s victory in court is significant not only because it’s the first time a person has succeeded in completely lifting an NSL gag order, but also because it revealed the FBI’s broad-reaching powers to demand data concerning suspects without judicial oversight.
➤ Following major first amendment victory, national security letter recipient Nicholas Merrill able to reveal previously undisclosed scope of FBI warrantless surveillance tool [Yale Law School via ZDNet]