Yahoo First Company To Publicly Acknowledge It Has Received National Security Letters

from the doxing-the-feds dept

Given its history of battling gag orders from the government, there's some cosmic justice contained in the fact that Yahoo is the first company to publicly disclose the contents of National Security Letters it has received. Before the passage of the USA Freedom Act, NSLs came bundled with a presumptive lifetime ban on disclosure. This wasn't statutorily-required. It's just the way things worked out when the FBI was allowed to decide if and when it was going to allow NSL recipients to publicly discuss them.

The surveillance reform law requires the FBI to "periodically" assess its NSL nondisclosure demands, which appears to have led directly to the first publication of these letters by any company. Yahoo's accompanying statement notes it will continue to publicly disclose whatever it's allowed to in the future.

Yahoo has always maintained a strong commitment to protecting our users’ safety, security and privacy. The release of these documents and information regarding NSLs today is consistent with our commitment to sharing as much information as we legally can regarding government data requests. We believe there is value in making these documents available to the public to promote an informed discussion about the legal authorities available to law enforcement. They also demonstrate the importance of hard-fought reforms to surveillance law achieved with passage of the USA Freedom Act.

The letters [PDF] are redacted but some information had still managed to seep out between the black bars. For one, it appears the FBI asks for everything Yahoo could possibly have collected about targeted users, tracing all the way back to the creation of the accounts.

In preparing your response to this National Security Letter, you should determine whether your company maintains the following types of information which may be considered by you to be an electronic communications transactional record in accordance with Title 18 United States Code § 2709.

Subscriber name and related subscriber information

Account number(s)

Date the account opened or closed

Physical and or postal addresses associated with the account

Subscriber day/evening telephone numbers

Screen names or other on-line names associated with the account

All billing and method of payment related to the account including alternative billed numbers or calling cards

All e-mail addresses associated with the account to include any and all of the above information for any secondary or additional e-mail addresses and or user names identified by you as belonging to the targeted account in this letter

Internet Protocol (IP) addresses assigned to this account and related e-mail accounts

Uniform Resource Locator (URL) assigned to the account

Plain old telephone{s) (POTS), ISDN circuit(s), Voice over internet protocol (VOIP), Cable modem service, Internet cable service, Digital Subscriber Line (DSL) asymmetrical/symmetrical relating to this account

The names of any and all upstream and providers facilitating this account's communications

The above-listed information from "inception of the targeted account to the present" if this request cannot be processed as presently written

And, while the FBI requests this information to be sent to it in electronic form, it demands any challenges to its gag orders be handled via fax machines or snail mail.

This disclosure allows Yahoo to update its previous transparency reports with real numbers, rather than the fake numbers demanded by the government.

Prior to this, Yahoo hadn't even been allowed to disclose the fact that it had received NSLs, even under the very broad disclosure range of 1-499. This is a small step towards government transparency -- one that will hopefully continue to undermine its secrecy-by-default stance.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  • identicon
    Anonymous Coward, 2 Jun 2016 @ 12:21pm


    Wow, it looks like the FBI sends Yahoo possibly *thousands* of NSL's each year. No wonder they don't want the public to know.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Jun 2016 @ 3:30pm

    Well, good for you, Yahoo. You're still a basically shit company, but you could turn this into a reinvigoration if you're smart about it.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 2 Jun 2016 @ 7:46pm

      "Privacy" is for olds

      Far from being concerned about constant surveillance, today's users will soon actively seek to friend the FBI.

      "Hey FBI, I took another selfie! Look at me! Look at me!"

      reply to this | link to this | view in chronology ]

  • icon
    Ninja (profile), 3 Jun 2016 @ 8:23am

    Well, this is amazing. For me these NSLs are so wrong that it doesn't matter if you received 1 or 2000, the number should always be zero.

    reply to this | link to this | view in chronology ]

  • identicon
    katewillson, 2 Feb 2017 @ 10:21pm

    I appreciate your hard work to explain step by step all changes.thanks for such post.

    reply to this | link to this | view in chronology ]

  • icon
    Austin walker (profile), 19 Feb 2017 @ 2:11am

    To block Spamming

    Being a multinational organization, its yahoo responsibility to secure its user's confidential information, if any misfunction occurred in this situation watch head regulatory from govt aware about the same to organizations with strong warning, it is good thing that yahoo admit that its services loopholes

    reply to this | link to this | view in chronology ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Special Affiliate Offer

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.