National Security Letter

from Wikipedia, the free encyclopedia
Example of a National Security Letter dated November 19, 2007.

A National Security Letter ( NSL ; German  " Brief zur Nationalen Sicherheit " ) is a form of criminal legal order under US law . It is used by US government agencies, especially the FBI , in national security investigations .

content

With a National Security Letter, telecommunications providers as well as banks and financial companies can be obliged to release data about their customers. As a rule, a National Security Letter contains a confidentiality order that prohibits the recipient from discussing the content or even just receiving a National Security Letter.

The scope of NSLs is limited to data that is already available, so a company cannot be obliged to collect data about customers first and only metadata may be requested, in particular inventory data , but not communication content. National Security Letters are issued directly by the authorized authorities; they are not subject to judicial reservations . In this they differ from the general subpoena , which is not subject to any restrictions in terms of content but must be signed by a judge.

The recipient of a National Security Letter can call the appropriate United States District Court to verify the legitimacy of the claim or to limit the scope of the order. The government has the final say in judging an NSL to determine whether confidentiality is required. It can make a binding declaration that leakage of the NSL could cause damage to the security of the United States, an investigation, diplomatic relations, or the life or limb of a person. The court may not review or deny this finding. This clause is viewed by critics as a violation of the separation of powers , as findings by a government agency bind a court.

history

Forerunners of the National Security Letters were introduced in principle as early as 1986: According to the Right to Financial Privacy Act and the Electronic Communications Privacy Act , in investigations against foreign agents without judicial authorization, the FBI could demand that data be released and that the fact of the request be kept secret . 1996 was its scope of investigation into the unauthorized disclosure of official secrets and to credit reporting agencies expanded. However, NSLs only came into relevant use after a massive expansion of the content through the USA PATRIOT Act 2001. Since then, National Security Letters can be used in all national security investigations in cases of international terrorism and espionage, including against American citizens and foreigners on American soil. In addition, not only the headquarters of the FBI NSL are allowed to exhibit, but also the individual branch offices. Since then, other US authorities with competencies in the fight against terrorism have been able to issue National Security Letters, but these are limited to financial data. In 2006 the authorizations were extended again, on the other hand the possibilities of a judicial review were clarified.

The FBI issues tens of thousands of National Security Letters every year: from 2003 to 2006 alone, just under 200,000 NSL were delivered. The total number of NSLs from 2000 to early 2013 was estimated by the Electronic Frontier Foundation at 300,000, of which only four or five have been judicially reviewed. As far as is known, only three lawsuits against an NSL had succeeded by mid-2013: Brewster Kahle for the Internet Archive , Internet service provider Calyx Internet Access and four librarians in Connecticut . In these cases, the FBI withdrew the order based on the lawsuit and explained to the court that the information was unnecessary. The plaintiffs in these proceedings also won the right to speak about the National Security Letters they received. Since then, details of the procedure have become public. In May 2014, another success against an NSL became known: Microsoft resisted the confidentiality of a data request that concerned a business customer. The FBI withdrew the NSL here too. In the Calyx case, in August 2015 - eleven years after the NSL was issued - a federal court ruled for the first time that the confidentiality order in the NSL is not necessary and therefore illegal. This allowed the addressee to make public for the first time how the FBI interpreted the electronic communication transactional records clause, which is not further defined in the Patriot Act . The list of requested data comprised 17 items, including the customer's contact details, the complete log files of the RADIUS server and all IP addresses assigned to the account .

In April 2013, at the request of Google Inc. , a federal court declared the practice of the National Security Letter and its legal basis to be incompatible with the 1st Amendment to the United States Constitution and the separation of powers and thus unconstitutional. The judge criticized the fact that the authorities did not have to prove that it was necessary to keep the delivery of an NSL secret in the specific case. The control function of the separation of powers is violated because courts have only limited possibilities to check the secrecy. She ordered the FBI not to issue any more National Security Letters, but suspended the order for an initial 90 days to allow appeal. An appeal was lodged and the order was suspended pending a decision in the next instance. This is still pending (as of June 2016).

In a separate procedure, Google was subject to the application to publish the delivery of an NSL. The applicant in this process was actually supposed to be kept secret, but Google's role was made known through insufficient blackening in the decision. The Electronic Frontier Foundation welcomes the fact that Google, a large telecommunications company, is having the National Security Letter reviewed by a court. Large companies are in the best position to have these regulations examined. According to its own information, Google has received NSLs every year since 2009, which affect over 1000 and under 3000 users.

At the end of 2013, the President's Review Group on Intelligence and Communications Technologies , set up by the US President, stated in its investigation that NSLs were systemic because, after their scope had been expanded, they would affect the same data for which other legal authorizations would require judicial approval . The investigative commission therefore suggested that NSL should also be subject to the judge's reservation. The courts should check whether the legal requirements are met and the respective NSL only concerns data to the extent necessary for the investigation.

statistics

The FBI issues many thousands of National Security Letters every year: between 2003 and 2006 alone, just under 200,000 NSL were delivered. The total number of NSLs from 2000 to early 2013 was estimated by the Electronic Frontier Foundation at 300,000, of which only four or five have been judicially reviewed.

Since 2016, the Director of National Intelligence has published statistics on the previous year's figures. In 2015, 12,870 NSL were issued, which related to 48,642 individual data.

literature

Individual evidence

  1. 18 USC § 2709 - Counterintelligence access to telephone toll and transactional records
  2. a b USA PATRIOT Improvement and Reauthorization Act of 2005: A Legal Analysis (PDF; 373 kB) Congressional Research Service's report for Congress, Brian T. Yeh, Charles Doyle, December 21, 2006.
  3. 18 USC § 3511 (b)
  4. Doe v. Mukasey , 549 F.3d 882-83 (2nd Cir. 2008)
  5. Unless otherwise stated, the story is based on: Congressional Research Service: National Security Letters in Foreign Intelligence Investigations (PDF; 345 kB) Legal Background and Recent Amendments, September 8, 2009 Chapter Background , pages 2–6
  6. Cornell University: 18 USC § 2709 , Notes on Source and Amendments
  7. Washington Post: FBI Found to Misuse Security Letters , March 14, 2008
  8. a b c d Bloomberg: Google Fights US National Security Probe Data Demand , April 4, 2013
  9. ^ A b The New Yorker: What It's Like to Get a National-Security Letter , June 28, 2013
  10. ^ New York Times: Internet Archive Challenges FBI's Secret Records Demand , May 7, 2008
  11. ^ Brad Smith: New success in protecting customer rights unsealed today . Microsoft Technet, May 22, 2014
  12. Calyx Institute: Federal Court Invalidates 11-Year-old FBI gag order on National Security Letter recipient Nicholas Merrill , September 14, 2015 with a link to the judgment
  13. ^ ACLU: Merril v. Lynch - unredacted attachment
  14. ^ Wall Street Journal: Open Secret About Google's Surveillance Case No Longer Secret , August 26, 2013
  15. ^ Google inc .: Transparency Report - United States , accessed August 28, 2013
  16. ^ The President's Review Group on Intelligence and Communications Technologies: Liberty and Security in a Changing World , Dec. 12, 2013, pp. 89-94
  17. Washington Post: FBI Found to Misuse Security Letters , March 14, 2008
  18. Office of the Director of National Intelligence: Annual Statistics for Calendar Year 2015 regarding Use of Certain National Security Legal Authorities , April 30, 2016