Documents Show The FBI Is Targeting Financial Institutions, Credit Reporting Agencies, And Universities With NSLs

from the third-parties-are-the-best-parties dept

We've written several times before about the FBI and its unnatural love for National Security Letters. NSLs make the FBI tick. They're super handy, too. The FBI issues them to itself and then hands them to a variety of third parties, eliminating any judicial oversight. The fact that third parties are recipients make the Fourth Amendment (mostly) irrelevant. These work so well the FBI has used NSLs to get info the FISA court has already said it can't have.

Thanks to some modifications to NSLs by the USA Freedom Act, we're finally seeing recipients posting NSLs they've received. NSLs used to come with "forever" gag orders, preventing recipients from discussing them, much less posting the documents themselves. The new law, along with a decision from the DC Circuit Court, requires the FBI to periodically review its NSLs and decide whether the gag orders are still justified. Companies are also now allowed to demand gag order reviews themselves, rather than wait three years for the FBI to get around to it.

The end result has been the release of several un-gagged NSLs by tech companies like Facebook, Google, Yahoo, and Automattic. A FOIA lawsuit by the EFF has resulted in the largest NSL document dump to date. The released files were shared with the New York Times (which, in turn, is sharing the documents with everyone else), showing that NSLs are not just limited to tech companies and service providers. They also target any entity that might conceivably have third-party records on hand.

The F.B.I. has used secret subpoenas to obtain personal data from far more companies than previously disclosed, newly released documents show.

The requests, which the F.B.I. says are critical to its counterterrorism efforts, have raised privacy concerns for years but have been associated mainly with tech companies. Now, records show how far beyond Silicon Valley the practice extends — encompassing scores of banks, credit agencies, cellphone carriers and even universities.

While many tech companies are proactively posting un-gagged NSLs, most of the other recipients listed here haven't felt obligated to engage in transparency. Banks, credit agencies (Equifax, TransUnion, etc.), universities, and cable providers have not been publishing the NSLs green-lighted by the FBI's review process. What's included in the 1,000+ pages released to the EFF is hundreds of letters from the FBI to third party NSL recipients informing them they can publish the cleared NSLs. Many of these entities haven't.

What isn't in this stack of PDF pages are the NSLs themselves. The FBI may have cleared them for publication, but it's up to the recipients to actually publish them. If these entities aren't going to take this step, it really doesn't matter that gag orders have been lifted. Maybe the targeted customers have been informed of the FBI's interest in them. Maybe not. But the general public isn't being served by entities that are more than happy to gather voluminous amounts of information about their customers (and students) but unwilling to discuss how often they turn over that information to the federal government.

The documents also show that the FBI's review process isn't really resulting in that much more transparency. Roughly 750 letters were released to the EFF. That's a very small percentage of the NSLs whose gag orders were reviewed by the agency.

According to the new documents, the F.B.I. evaluated 11,874 orders between early 2016, when the rules went into effect, and September 2017, when the Electronic Frontier Foundation, a digital rights group, requested the information.

The release looks like a generous document dump by the FBI, but only if all context is removed. That's some of it right there: the 6% rate of return. The letters stating the FBI is fine with recipients discussing NSLs was only turned over to the EFF after a FOIA lawsuit. Finally, the NSLs we've seen published to date are the result of law that was passed in response to leaked documents that exposed the NSA and FBI's incredible surveillance powers… and how often they've abused these authorities. The government isn't being any more transparent. It's just unable to avail itself of as much opacity as it used to.

Filed Under: credit agencies, fbi, financial firms, gag order, national security letters, nsl, secrecy, universities

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    That Anonymous Coward (profile), 2 Oct 2019 @ 3:00am

    If you are against this you hate America...
    1 soundbite from 1 talking head and every single Congresscritter tells us to bend over and accept it.

    For all of the expansive, costly, and mostly useless projects & programs we have nothing to show for it beyond demands for more overreach.

    We deserve better.
    We deserve laws & rules based on solid science & solid evidence.
    We deserve to have all of the rights they claim citizens have, not having them chipped away.
    We deserve that those defending us play by the rules & not be enabled by courts deciding that the target was "bad" enough to not deserve protection from existing laws.

    We can't comment on these ongoing investigations, blah blah blah.
    How about a list of actual terror plots stopped, that were NOT driven by a CI roping some morons into a trap.
    We fear all of these outside threats while they are STILL trying to figure out if these 12 burned houses of worship might be a pattern as they walk past the burned wooden crosses put on the lawn & the swastikas spray painted everywhere.

    We can no longer stay the course & keep assuming 1 more round of rights limited/removed will FINALLY keep us safe, there is more then enough evidence everything they have done in the name of our safety haven't resulted in reasonable returns on the investment.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.