As we've been saying, the passage of the USA Freedom Act is just a small first step in the long road to real surveillance reform. On Wednesday, the House took another small step, voting overwhelmingly in favor of an amendment to an appropriations bill put forth by Rep. Thomas Massie that blocks funding to the National Institute of Science and Technology (NIST) for working with the NSA or CIA to undermine or backdoor encryption. This appears to be quite similar to part of the similar amendment last year that banned both this kind of NIST coordination, but also the NSA's use of backdoor searches under Section 702. As far as I can tell, this new amendment does not include that latter bit. Either way, this amendment passed 383 to 43.
It appears that another amendment, put forth by Rep. Ted Poe also passed by voice vote and it would block the use of funds from the DOJ/FBI from being used "to mandate or request that a person alter the product or service of the person to permit electronic surveillance of any user or service" except in cases required under existing wiretapping law.
Both of these are very big deals, and the fact that they passed so easily suggests that the House is nowhere near done on pushing for real surveillance reform. Of course, whether or not these actually go anywhere is another story. As you may recall, after passing overwhelmingly last year, under pressure to get a big omnibus bill done at the end of the year, the House leadership agreed to drop those provisions under pressure from the intelligence community.
Also, one other interesting amendment also appears to have passed easily by voice vote, which is an amendment put forth by Jared Polis, and would make it clear that the DEA cannot do bulk collection under its subpoena authority. As was detailed a few weeks ago, for many years, the DEA had been using this authority to collect tons of phone records, and the program only ended once the administration realized that the claims it was using in support of the NSA's bulk collection didn't apply to the DEA's collection, and thus they couldn't really continue it. Polis's amendment means that this particular loophole is closed for good (not that others might still be open...).
Again, all three of these may not survive all the way into law, but it does show that there's still a very strong interest in the House to continue pushing back against surveillance abuse.
Rightscorp (via two music publishers) has dragged Cox into court to test its novel (read: legally unsound) theory that complying with the DMCA means cutting off service to "repeat infringers." The theory itself is largely untested, but far from promising. But that isn't stopping BMG and Round Hill Music (with Rightscorp as a not-so-silent partner) from taking a flyer on a bad legal bet. Certainly, the theory would be advantageous to the shakedown efforts Rightscorp generously refers to as a "business model," but, so far, the only thing being offered as "evidence" of repeat infringement is Rightscorp's own declarations.
Those declarations are highly suspect. Cox has filed an opposition to Rightscorp's Motion to Compel that highlights the anti-piracy company's extortion-esque tactics.
“Rightscorp is in the business of threatening Internet users on behalf of copyright owners. Rightscorp specifically threatens subscribers of ISPs with loss of their Internet service — a punishment that is not within Rightscorp’s control — unless the subscribers pay a settlement demand,” Cox writes (pdf).
Cox has refused to participate in Rightscorp's quasi-legal activities. While the company is not opposed to passing on infringement allegations, it did ask Rightscorp to remove the threatening language (cutting off service, $150,000 per infringement claim) first. Rightscorp refused to do so. This impasse is obviously unacceptable to Rightscorp, which depends on the (very) occasional settlement payment to keep its business barely afloat.
As Cox points out, Rightscorp has decided the best course of action is to maintain its unsteady perch on the edge of legality. In the filing, Cox alleges that Rightscorp tried to make the ISP a "business partner" in its shakedown attempts.
“Rightscorp had a history of interactions with Cox in which Rightscorp offered Cox a share of the settlement revenue stream in return for Cox’s cooperation in transmitting extortionate letters to Cox’s customers. Cox rebuffed Rightscorp’s approach,” Cox informs the court.
But that's not the only legally-dubious tactic the "cutting edge" anti-piracy firm has deployed. It's also attempting to use this lawsuit's discovery process to sidestep subpoena limitations.
The motion lays bare one of Plaintiffs’ primary reasons for bringing this lawsuit. Plaintiffs seek to circumvent the Cable Privacy Act process and instead use discovery in this case to force Cox to reveal, en masse, PII for possibly tens of thousands of Internet subscribers who Plaintiffs speculate might be violating their copyrights. The Cable Privacy Act expressly prohibits Cox from disclosing its subscribers’ PII, for good reason: Internet subscribers have a compelling privacy interest in the confidentiality of their personal information, which can of course be vulnerable to exploitation for myriad improper purposes. If a copyright holder earnestly believes that an unnamed Internet subscriber is infringing upon its copyrights, the proper course is to bring a “John Doe” lawsuit against the subscriber and then to use third-party subpoena power to obtain identifying information from the user’s Internet Service Provider. That legitimate procedure allows notice to the subscriber and an opportunity for the subscriber to act to protect his or her rights. It also relieves the ISP of the unfair responsibility of adjudicating which of the two competing interests (the subscriber’s or the accuser’s) should trump the other.
Plaintiffs nominally (Rightscorp in reality) claim to have identified “approximately 150,000” infringers, including several hundred “egregious infringers,” among Cox’s subscribers. But Plaintiffs apparently have only IP addresses to go on. (Doc. 72, Corrected Br. at 3.) Plaintiffs have not filed any “John Doe” lawsuits against Cox customers and have not sought information from Cox by subpoena. More importantly, Plaintiffs do not seek, and have not sought, leave to add “John Doe” defendants in this case.
The practical dynamics of this motion are suspect: If there are 150,000 infringers among Cox subscribers, as Plaintiffs claim, why would they limit themselves (at least for now) to just 500 “egregious infringers”? Will Plaintiffs seek to depose or serve Rule 45 subpoenas on those 500? Will Plaintiffs now seek to add those 500 as co-defendants? Why do Plaintiffs want a blank-check “open order” to continually demand that Cox reveal more identities at later stages in this action? When tested in practical terms, Plaintiffs’ motion makes no sense, and their arguments plainly are an obvious pretext for some other motive.
"Pretext for some other motive" basically describes the entirety of Rightscorp's business model. It subpoenas ISPs for subscriber info, under the unspoken pretext that further legal action is in the offing. But instead of suing file sharers, the company instead uses the information to harass subscribers into paying "settlements" for alleged infringement.
Despite the damning claims made by Cox, the court has partially granted the questionable Motion to Compel. The ISP has been ordered to turn over the "Top 250 IP Addresses recorded to have infringed in the six months prior to filing the Complaint." This distinction is important, because as Cox points out in its opposing motion, the plaintiffs' constantly-widening net had managed to drag in alleged infringers whose infringement didn't occur until after the lawsuit was filed.
Plaintiffs’ stated justifications for their extraordinary request do not help Plaintiffs’ cause. Plaintiffs acknowledge that they “must establish direct infringement of the copyrighted works asserted in this case,” and imply that their motion serves that end. (Doc. 72, Corrected Br. at 4.) But that implication is illogical because Plaintiffs seek PII for 500 subscribers of the 150,000 supposedly implicated here. Surely Plaintiffs are not prepared to concede that their claims fail for the works that the other 149,500 subscribers allegedly infringed. Notably, of the 500 allegedly “egregious infringers” the Plaintiffs hand-picked, 250 allegedly infringed after this lawsuit was filed. (Doc. 72, Corrected Br. at 4.) Those subscribers’ alleged infringements, therefore, cannot have formed a basis for Plaintiffs’ claims in this suit. And nowhere do Plaintiffs even assert that Rightscorp sent purported DMCA notices to Cox with respect to those particular subscribers.
Cox has come out swinging in the early going, and its assertions confirm much of what has been written about Rightscorp and its tactics. This aggressive stance should help uncover plenty of damning details, none of which should have a positive effect on Rightscorp's shriveling stock price.
For many years now, we've been writing about the need for ECPA reform. ECPA is the Electronic Communications Privacy Act, written in the mid-1980s, which has some frankly bizarre definitions and rules concerning the privacy of electronic information. There are a lot of weird ones but the one we talk about most is that ECPA defines electronic communications that have been on a server for 180 days or more as "abandoned," allowing them to be examined without a warrant and without probable cause as required under the 4th Amendment. That may have made sense in the 1980s when electronic communications tended to be downloaded to local machines (and deleted), but make little sense in an era of cloud computing when the majority of people store their email forever on servers. For the past few years, Congress has proposed reforming ECPA to require an actual warrant for such emails, and there's tremendous Congressional support for this.
And yet... it never seems to pass. The story that we keep hearing is that two government agencies in particular really like ECPA's outdated system: the IRS and the SEC. Since both only have administrative subpoena power, and not the ability to issue warrants like law enforcement, the lower standards of ECPA make it much easier for them to snoop through your emails without having to show probable cause. Last year, in a Congressional hearing, the SEC's boss, Mary Jo White, was questioned about this by Congressman Kevin Yoder, who has been leading the charge on ECPA reform. As we reported at the time, in the conversation, White clearly said that the SEC needed this ability or it would lose "critical" information in its investigations. You can see the conversation from 2014 below, where White (starting around 2:30) explains how vital this process is to the SEC:
Here's the key line:
"What concerns me, as the head of a... law enforcement agency, is that we not put out of reach of lawful process... what is often, sometimes the only, but critical evidence of a serious securities fraud.... And we use that authority quite judiciously, but it's extremely important to law enforcement."
What struck us as interesting last year was White admitting that the SEC appeared to regularly use this process, since she noted that it was "extremely important" and provided "critical evidence."
Fast forward to this week, and the same two players were involved in yet another Congressional hearing. You can
see that conversation here as well, with the critical point being made after about four and a half minutes, where White says some of the same stuff, about the privacy protections, and how even if the SEC used this process it still notifies the subscribers to give them a due process right to protest the subpoena... but also, oddly, seems to claim that the SEC never actually makes use of this process:
Here's the key line this time (the full response is a jumble of half sentences and unfinished thoughts, so it's a bit of a mess):
"While these discussions have been going on, to try to sufficiently balance the privacy and the law enforcement interests, we've not to date to my knowledge proceeded to subpoena the ISPs. But that, I think, is critical authority to be able to maintain -- done in the right way and with sufficient solicitousness and it's very important to the privacy interests which I do think can be balanced.
As I said, if you watch her entire response, it's a complete mess of half-finished thoughts, which seems rather typical of someone trying to sound like they're answering a question but not actually doing so. Later in the same answer, she insists that taking away this authority might take away an important tool.
So, we know that the SEC really wants to keep this tool. But last year it said it was "extremely important" and provided "critical evidence." This year, she's saying that the SEC isn't even using the tool. So, uh, which is it? Is this tool absolutely necessary for critical evidence, or is it not even being used by the SEC?
And, through all of this, the SEC still has not answered the most basic question: why can't it treat email the same way it has to treat paper documents under the 4th Amendment? That is, if it wants the document it can subpoena the end user for those documents. It does not get to route around the end user and subpoena a third party for those documents. So why can't it treat email in the same way?
On Monday, Andy Greenberg over at Wired published a story about how a Homeland Security ICE agent, based in Baltimore, had sent a subpoena to Reddit, demanding info on five users who had been posting to the subreddit r/darkmarkets, which (you guessed it!) is where lots of people discuss dark markets like Silk Road and the recently shut down (and all money taken) Evolution. It appears that the subpoenas were trying to track down more information about who was behind Evolution:
Earlier this month, a Baltimore Department of Homeland Security (DHS) Immigration and Customs Enforcement agent sent a subpoena to Reddit demanding that the site turn over a collection of personal data about five users of the r/darknetmarkets forum. The subpoena appears to be the first hint of a federal investigation of the recently defunct massive online market known as Evolution, which sold drugs, weapons, and stolen financial details. All five targets of the subpoena were involved, to varying degrees, in the Reddit discussion of that black market’s abrupt disappearance two weeks ago, in which two top administrators apparently absconded with millions of dollars worth of bitcoin belonging to Evolution’s buyers and sellers.
According to a copy of the subpoena shared with WIRED by one of the forum’s moderators who was named in the document, the DHS seeks information that includes the names, IP addresses, dates and times of site visits as well as other data that Reddit likely doesn’t possess, including the users’ phone numbers and financial data. (Reddit doesn’t even require an email address to sign up.)
That said, what struck me most was the fact that this request came from Baltimore. Because right about the same time that Greenberg's story came out, the Justice Department was revealing its criminal complaint against two of the key federal agents involved in the investigation of Silk Road, who (according to the complaint) stole a bunch of money from Silk Road, extorted Silk Road's administrator and also engaged in a bunch of other nefarious actions, including issuing a fake subpoena to Venmo, engaging in civil asset forfeiture against Mt. Gox accounts and discussing other similar activities.
And both of those guys were... based in Baltimore. It's not entirely clear if the two allegedly corrupt federal agents -- Carl Force of the DEA and Shaun Bridges of the Secret Service -- were part of this same Homeland Security investigations team, but it wouldn't be entirely surprising to find out that it was the same team. One hopes that whoever is involved in that investigations team now, isn't doing similar corrupt activities as mentioned in the criminal complaint against Force and Bridges. However, given how those two appeared to abuse their position, and given that there's a high likelihood of the subpoena coming from the same team, it certainly raises some additional questions. And that's not even mentioning the concerns about other corrupt individuals in these investigations, including a Homeland Security agent who went by the name "mr. wonderful."
That's not to say that the subpoena to Reddit is problematic. It may be perfectly legit (though it does appear that at least one of the people that the subpoena was digging into is just Gwern Branwen, a well-known security researcher who insists he has never sold any illegal products on dark market sites). Still, the criminal complaint from earlier this week certainly raises serious questions about any of these fishing expeditions, especially by a team coming out of Baltimore.
Why is it always the state Attorneys General? Time and time again we see examples of state AGs who seem to think they're above the law and can abuse their position to attack those they dislike. The latest? Michigan Attorney General Bill Schuette. Apparently, he was none too happy that Huffington Post reporter Dana Liebelson was investigating juvenile prison conditions in the state, and had a representative from his office follow her for two hours across the state to slap her with two separate, but equally questionable, subpoenas, demanding all of her notes:
As Liebelson notes on her Twitter feed, she had had permission to visit the prisons, and agreed not to bring in a recording device. She noted that she followed all the rules that she was given for reporting from the prison -- and yet, she immediately gets slapped with a subpoena demanding her notes.
And she wasn't the only one. Another report notes that Schuette alsosent a subpoena to Michigan Radio, demanding its recording of a prisoner/attorney interview.
Of course, after Liebelson's story started getting social media and press attention, Schuette's office quickly backed down, and promised to rescind the subpoenas. The excuse given by his office, to MLive, is absolutely ridiculous:
A spokesperson for Schuette, responding to a request for comment, issued a statement indicating a civil service attorney had been "doing the department's job of defending the state" from lawsuits.
The attorney "followed a common legal procedure" of subpoenaing information from individuals "entering Michigan prisons to speak to prisoners who are suing state taxpayers," said spokesperson Andrea Bitely.
That makes no sense at all. Defending the state from lawsuits should never involve sending reporters subpoenas demanding all of their notes. It's a clear intimidation technique that violates all basic concepts of a free and open press.
California judge Paul Grewal continues to hold up his end of the "Magistrates' Revolt." Grewal was the magistrate who shot down the government's open-ended request to grab every email in a person's Gmail account and sort through them at its leisure. He was actually the second magistrate to shoot down this request. The government went "judge shopping" after Judge John Facciola told it the scope of the request needed to be narrowed considerably before he would even think about granting it. The government decided it still wanted all the email and traveled across the country to see Judge Grewal… who told them to GTFO without even giving the feds the option to rewrite the request.
Law enforcement cannot indefinitely forbid Yahoo Inc from revealing a grand jury subpoena that seeks subscriber account information, a U.S. judge ruled, because doing so would violate the company’s free speech rights.
U.S. Magistrate Judge Paul Grewal in San Jose, California on Thursday wrote that the government’s request would prohibit Yahoo from disclosing the subpoena, even years after the grand jury concluded its probe. The court order does not disclose the target of the federal investigation.
“In an era of increasing public demand for transparency about the extent of government demands for data from providers like Yahoo!, this cannot stand,” Grewal wrote.
Yahoo has had its fill of government secrecy. It spent a long time fighting both broad subscriber data requests from the NSA and their accompanying 25-year gag orders. Its ardent defense of its subscribers against broad government requests would still be under seal, but thanks to recently declassified documents, it has been able to address the subject publicly -- nearly 18 years before the gag order would have "aged off."
The DOJ again wants to maintain its subpoena secrecy, hoping to keep internet platforms like Yahoo, Twitter and Facebook from discussing grand jury subpoenas until… well, it's not entirely clear there's really an ending date.
Instead of asking that Yahoo be gagged for 60 or 90 days, the government asked that the company be gagged until further order of the court.
Grewal's rejection points out that the government feels entitled to indefinite gag orders, but has yet to offer any reasons why it should have its wishes granted.
The government did not demonstrate why such an indefinite request was necessary, Grewal wrote.
Judge Grewal has sent the government back to perform a rewrite -- either providing justification for its ridiculous demands, or to request something less illogical, like a finite gag order. The government has availed itself of many judicial rubber stamps over the years, but it looks like it's still running into resistance on both coasts: Paul Grewal in California and John Facciola in Washington D.C.
The ACLU has also been engaged in this fight against government secrecy since early last year, bringing more attention and legal expertise to an issue that hasn't achieved the terminal velocity of mainstream media attention. It's a bit more trench warfare, pitting magistrate judges and amicus briefs against the DOJ's assumption that it should have whatever it asks for, because terrorism, drugs, grand juries or whatever.
Techdirt has been following the extremely important case where a US magistrate judge ruled that Microsoft had to comply with a warrant asking for data held on servers in Dublin. Clearly, if this stands, it will have big implications for cloud computing -- and a massive negative impact on US businesses trying to sell such services around the world. For that reason, Microsoft has been fighting back in the courts, so far unsuccessfully.
A case involving Microsoft that is currently before the US courts has raised important issues between the respective legal regimes in the European Union and the United States, particularly in relation to the protection of personal data.
The case in question has given rise to a degree of legal uncertainty and the outcome could have potentially serious implications for data protection in the EU.
By seeking direct access to data held in the EU through the US judicial system, existing legal mechanisms for mutual assistance between jurisdictions may be being effectively bypassed. There are fundamental issues at stake here as regards the protection of personal data that is held within the European Union.
"Existing legal mechanisms" presumably means the Mutual Legal Assistance Treaty that would allow the US to request the data it wants from the Irish government. The "fundamental issues at stake" refer to the fact that by trying to take a more direct route, without involving the Irish government, the US authorities are likely to fall foul of European data protection laws, which do not allow personal data to be handed over in this way. The Irish minister is clearly asking the European Commission to support Microsoft in its fight against the US court's decision:
I urge the Commission to consider the arguments that Microsoft are making with respect to this case.
That's an indication that the Irish government -- and doubtless those elsewhere in the EU -- really want Microsoft to win. If it doesn't, there is going to be a clash of jurisdictions that could get very messy as both US and EU insist that their laws must take precedence, with serious consequences if they don't....
from the throwing-a-shoulder-into-the-government dept
It appears Washington, DC magistrate judge John Facciola is still making the government earn everything it asks for. Facciola is the judge who has been sending the government back to its desk to rewrite overly broad warrants seeking electronic data. In one of these cases, the government decided that it would rather go "judge shopping" all the way across the country rather than narrow its request, but was shot down by a California district court judge.
Facciola's orders are the basis for two memorandums recently issued by DC District Court Judge Richard Roberts concerning a case still mostly under seal as part of federal grand jury investigation. (The government also asked for these to be filed under seal, but that has obviously been declined.)
The government challenges two orders issued by Magistrate Judge John Facciola regarding the government's application for an order under 18 U.S.C. The first order invited Twitter, Inc. to intervene as a respondent and file a notice with the court on whether Twitter intended to be heard on the merits of the government's application. The second order instructed the government to file a public, redacted copy of its application and draft order.
Facciola also issued a similar order for Yahoo, the other company being subpoenaed. Both sets of orders invited the companies to challenge both the gag order preventing them from informing their customer(s) of the government's interest in their data. The government understandably wasn't thrilled with these orders and filed an appeal (of sorts) seeking to have Facciola's orders vacated. The District Court notes that the judicial system -- at this level -- doesn't exactly work this way.
On March 27, 2014, the government filed what it styled as an appeal from the magistrate judge's two orders regarding the government's application for an order under 18 U.S.C. The government moved to vacate the orders issued by the magistrate judge and moved for the district court to grant its application for a nondisclosure order. In addition, the government moved to seal the appeal and resulting order.
This faux pas by the government is explained a bit further in a footnote, as is the judge's rationale for treating this as an "objection," rather than an "appeal."
The government styles its challenge as an appeal, but the reference is a misnomer. With the exception of authority granted by Federal Rule of Criminal Procedure 58 concerning misdemeanor proceedings handled by a magistrate judge under 18 U.S.C. 3401, the district court does not exercise appellate power. See, United States v. Choi, 818 F. Supp. 2d 79, 85 (D.D.C. 2011) ("The magistrate judge is not an inferior court, and the district court does not stand in an appellate capacity over the magistrate.") For the reasons explained below, the government's appeal will be considered as an objection to the magistrate judge's two orders.
Several more pages of judicial rationale follow, pointing out that grand jury deliberations are not subject to transparency and that Facciola erred by suggesting Twitter and Yahoo could either challenge the gag order or inform their customers. Judge Roberts points out that there's very little either company can offer in terms of judging the "merit" of the government's gag order, or the subpoena itself. Further discussions also defer to "government knows best" mentality, suggesting that any notification would "jeopardize" ongoing investigations. That this investigation is tied to a grand jury slams the door shut on any appeal of the gag order.
Because the express terms of 18 U.S.C. 2705(b) and applicable legal precedent governing public access to grand jury proceedings and materials do not support the first order inviting Twitter [and Yahoo] to intervene or the second order instructing the government to file a public, redacted copy of the non-disclosure application, the orders will be vacated.
So, the government gets its win, but it had to put in a little extra paperwork. It hoped these documents would be sealed as well, but you can't win them all, especially when memos in question contain only one redactable sentence each. If this is how the last few months have gone in Facciola's court, it's little wonder the government has been making road trips to other venues.
Google already routinely notified users of government data requests but adopted an updated policy this week detailing the few situations in which notification is withheld, such as when there is imminent risk of physical harm to a potential crime victim. “We notify users about legal demands when appropriate, unless prohibited by law or court order,” the company said in a statement.
Lawyers at Apple, Facebook and Microsoft are working on their own revisions, company officials said, although the details have not been released. All are moving toward more routinely notifying users, said the companies, which had not previously disclosed these changes.
“Later this month, Apple will update its policies so that in most cases when law enforcement requests personal information about a customer, the customer will receive a notification from Apple,” company spokeswoman Kristin Huguet said.
If you're looking for who to thank about this turn of events, there are two places to point. First: the good folks at EFF. For the past few years, it's been publishing its Who Has Your Back? chart looking at how companies respond to government requests for data. Each year, this list has convinced more and more companies to improve how they protect their users, and how they push back on government requests. And, the reason why so many companies are rushing to change their policies is because the EFF is about to release its latest version. Yet another reason to be happy the EFF exists.
Second, of course, is Ed Snowden. While not entirely directly at issue here -- since things like FISA Court Orders and National Security Letters are subject to gag orders barring companies from telling their users -- the generally heightened interest in government access to information provided to internet services has certainly created a culture where these companies can't get away with just rolling over for the government any more.
Of course, you could argue that it's taken these companies too long to get here -- and that's absolutely true -- but better late than never.
Oh yeah. Guess who's really upset about all of this:
The Justice Department disagrees, saying in a statement that new industry policies threaten investigations and put potential crime victims in greater peril.
“These risks of endangering life, risking destruction of evidence, or allowing suspects to flee or intimidate witnesses are not merely hypothetical, but unfortunately routine,” department spokesman Peter Carr said, citing a case in which early disclosure put at risk a cooperative witness in a case. He declined to offer details because the case was under seal.
Once again, it seems like the DOJ and others think that anything that makes their job harder is somehow wrong. But that's incorrect. The whole point of protecting freedom is that it's supposed to be hard for law enforcement to spy on people and arrest them. That's how it's supposed to work.
The ACLU has jumped into a troubling legal fight, in which it appears that the DOJ has issued gag orders against Twitter and Yahoo concerning grand jury subpoenas that have been sent to both companies. This case is one we mentioned last week where magistrate judge John Facciola asked the two companies to weigh in, as he appears unconvinced that the government's request is sound. However, the whole thing is happening under seal, which the ACLU feels is inappropriate, given the importance of allowing companies to respond freely to such requests, without being gagged.
The ACLU filed a motion last night seeking to represent the public's interest in open court proceedings when the government seeks gag orders on Internet companies. We know about the three cases only because the magistrate judge pushed back on the government, inviting Yahoo and Twitter to weigh in and ordering the government to make its legal arguments public. The government appealed those orders to a district court, where the judge ordered the appeals sealed. The ACLU is now moving to intervene in the district court for the purpose of opening these gag order proceedings to public scrutiny. In a democracy, if your government is going to gag someone from speaking, it should publicly explain why.
The federal government has an awesome array of tools and technologies in its investigative arsenal, and it often goes to great lengths to shield its tactics from outside scrutiny. Not only does this secrecy prevent people from challenging surveillance used against them, but it also means that elected officials can't openly debate the underlying policies, and communities can't discuss their government's actions.
Traditionally, gag order applications are considered ex parte – meaning with only the government's argument on the record before the court. However, Magistrate Judge Facciola noted that the government's request in this case raised controversial legal questions, and so invited Twitter and Yahoo to respond. (In one case, the government withdrew its gag order application after Judge Facciola invited Twitter's participation.) He also ordered the government file public copies of its gag order applications with limited redactions.
It's good to see at least some pushback on the feds' attempt to get information and to silence companies from saying anything about it. But it's still quite troubling that they seem to assume they have near free rein to do so in the first place. Kudos to the ACLU for stepping in as well, and representing the public interest.