EFF Sues DOJ Over National Security Letter Disclosure Rules | Threatpost
The Electronic Frontier Foundation sued the United States Department of Justice Wednesday demanding to know whether the agency is complying with rules that mandate a periodic review of National Security Letter gag orders.
The suit, filed in U.S. District Court for the Northern District of California, claims that the Federal Bureau of Investigation is not complying with 2015 Congressional rules that require a periodic review of National Security Letter (NSL) gag orders and mandate the disclosure of information related to those NSLs that are no longer needed.
“Despite Congress requiring the FBI in 2015 to review and terminate unwarranted gag orders, only a handful of companies and individuals have publicly disclosed receiving an NSL after being notified the FBI terminated the gag orders,” the EFF said in a statement Wednesday regarding its Freedom of Information Act (FOIA) complaint filed with the courts.
The EFF seeks injunctive relief from the court alleging the DOJ is in violation of its FOIA. “Plaintiff seeks the release of records that Plaintiff requested from Defendant United States Department of Justice concerning the review of National Security Letter nondisclosure orders under the Federal Bureau of Investigation’s termination procedure,” according to a copy of the lawsuit.
The roots of Wednesday’s lawsuit stem from a previous ruling also involving an EFF lawsuit against the DOJ in 2015. In that lawsuit, the EFF argued that NSL gags are unconstitutional. As a result, Congress passed NSL reforms requiring the FBI to periodically review whether gag orders were still needed and terminate those that were not.
Only after a NSL gag order is lifted is a company that received one able publicly acknowledge receiving one. They can then tell any customers impacted by the NSL that their data was being sought.
It took Cloudflare nearly four years to disclose a NSL this past January which the company received in February 2013. Google, only after it managed to successfully fight gag provisions in court, disclosed the contents of eight NSLs it received from 2010 to 2015 last December. Last month, Apple revealed that it received a NSL during the last six months of 2016.
“The FBI established procedures under which a record keeping system generates reminders—when an NSL investigation closes or reaches the three-year anniversary of its initiation—that the gag order should be reviewed for possible termination,” the EFF said. The FBI has issued 500,000 NSLs since 2003.
The EFF said it made a FOIA request to the FBI in September that sought records in compliance with the 2015 Congressional rules. It sought a number of NSL insights including the number of NSLs the agency reviewed, the number of NSL termination notices sent out to recipients, and information pertaining to new guidance, directives or memoranda relating to NSLs.
On March 7, the FBI responded to the EFF’s Sept. 7, 2016 FOIA via letter stating it was “unable to identify main file records responsive to the FOIA,” according to the complaint.
“(The) EFF asked a court to order the FBI to disclose the requested records,” the EFF said. “The public has an interest in knowing whether these (2015) procedures are being followed, and our FOIA request seeks to shed light on if the FBI is doing so,” said Andrew Crocker, EFF staff attorney.
“The FBI’s response that it has no such records raises serious questions about whether the bureau is following Congress’ command to review NSL gag orders,” said Aaron Mackey, EFF Frank Stanton Legal Fellow. “Gagging NSL recipients indefinitely is a draconian and overzealous use of surveillance power that prevents discussion and debate about government spying tools,” he said.