When the USA FREEDOM Act passed on June 2, we criticized it as weak-tea reform that codified rather than changing surveillance agency practices. It’s still weak-tea reform that codified agency practices, but it has also now led to a new and valuable ruling on the infamous practice of “national security letters” (NSLs).
NSLs are issued by the FBI, mostly to companies, and ask them for information on their users. They originated in the late 1970s, but at that time the FBI couldn’t require compliance; enforcement mechanisms were added only in the late 1990s, after the Aldrich Ames spy scandal. The PATRIOT Act of 2001 loosened the rules, allowing, among other changes, NSLs to be issued without the specific approval of the FBI Director or Assistant Director. NSL use exploded from 8,500 in 2000 to 56,504 in 2004 and still runs at a rate of above 21,000 per year. NSL recipients are barred from discussing whether they have received them or what the NSL asks for. Companies aren’t even allowed under law to state that they have not received any NSLs. The argument the government has repeatedly made is that allowing companies to say this, would encourage terrorists to use those companies and not others; but this attitude also leaves the average privacy-conscious consumer in the same soup as the “terrorist.”
Until now, with a new ruling from the Ninth Circuit.