Court Ruling Solidifies FBI Gag Order in FBI National Security Letters

Posted on July 18, 2017

Ars Technica has reported that the Ninth Circuit Court of Appeals has upheld the legality of a nondisclosure clause in FBI National Security Letters, or NSLs, a type of record request order issued to telecommunication companies, online communication platforms, and other services retaining customers’ personal data which mandates the surrender of user records. In its unanimous ruling, the court rejected the claim that the nondisclosure agreement which often accompanies NSLs violates First Amendment-protected free speech, permitting the FBI to resume its practice issuing the orders unchanged.

Aside from its authority to compel a company to surrender the data of dozens or hundreds of users at a time, NSLs are among the FBI’s most powerful investigative tools because, unlike a traditional search warrant which requires investigators to demonstrate probable cause and seek the approval of a judge, an NSL only requires applicants to show “relevance” to a current investigation and may be issued unilaterally by the FBI, without outside review. Cloudflare and CREDO Mobile, the plaintiffs in the case, argued that the gag order attached to most NSLs prevented them from notifying their users that requests had been made for their data, and even barred a targeted company’s legal team and highest executives from discussing it with other company officials. This line of argument led a federal judge to initially rule against the constitutionality of the nondisclosure component of NSLs.

In the time since this initial ruling, though, the regulations governing the FBI issuance of NSLs were amended to mandate that the agency conduct reviews of NSL gag orders three years after the start of an investigation and at the conclusion of the investigation, and that it must end the gag order if they deem it reasonable to do so. Weighing the nondisclosure clause based on this revised policy, the Ninth Circuit Court ruled that the required review of the clause was sufficient to uphold the plaintiffs’ First Amendment rights, reversing the federal judge’s decision.

The ruling by the Ninth Circuit Court marks a serious setback for privacy advocates’ efforts to force greater FBI transparency in issuing these incredibly invasive user data requests. While Justice Department reform of the FBI’s NSL policy offers a modicum of accountability where none was formerly required, this latest court ruling empowers the FBI to continue serving secretive surveillance orders without any outside oversight, and without having to disclose the existence of an order for at least three years (though likely more).

You can read the full story from Ars Technica here.

Jonathan Terrasi has been a Research Assistant with the Chicago Committee to Defend the Bill of Rights since January 2017. His interests include computer security, encryption, history, and philosophy. In his writing, he regularly covers topics on current affairs and political developments, as well as technical analyses and guides on security issues, published on his blog, Cymatic Scanning, and Linux Insider.