Google wants you to know about the National Security Letters (NSLs) it receives from the federal government.
“When conducting national security investigations, the U.S. Federal Bureau of Investigation can issue a National Security Letter (NSL) to obtain identifying information about a subscriber from telephone and Internet companies,” Richard Salgado, legal director for Google’s Law Enforcement and Information Security, wrote in a March 5 posting on the Google Public Policy Blog.
NSLs allow the FBI to obtain the name, address, length of service, and billing records of communications-service subscribers. They’re intended solely for national security matters, so the government can’t issue them in the course of criminal, civil or administrative measures. Under current law, the FBI reports on its use of NSLs to Congress on an annual basis.
While the FBI has the authority to prohibit companies from publicly revealing these requests, Salgado wrote, “We’ve been trying to find a way to provide more information about the NSLs we get—particularly as people have voiced concerns about the increase in their use since 9/11.”
Google and U.S. government officials eventually settled on a way of reporting NSLs: as a numerical range, rather than an exact number. “This is to address concerns raised by the FBI, Justice Department and other agencies that releasing exact numbers might reveal information about investigations,” Salgado added. “We plan to update these figures annually.”
But those numerical ranges are rather broad: in 2012, for example, the U.S. government submitted between 0-999 NSLs for between 1,000-1,999 users/accounts. Those are the exact same metrics posted for 2009 and 2011; in 2010 (the only other year on record), the range of National Security Letters stayed the same but the number of users/accounts spiked to 2,000-2,999.
One could debate whether such broad ranges are actually useful in terms of mapping the scope of government requests for data. Certainly governments want more of Google’s data than ever: since 2009, requests for Google user data “of all kinds” have risen 70 percent, according to the search-engine giant.
According to Google’s most recent Transparency Report, governments around the world filed an increasing number of requests for user data in the second half of 2012. Out of a total of 21,389 requests for information about 33,634 users for the July-through-December timeframe, the United States topped the list with 8,438 user data requests, followed by India with 2,431, France with 1,693, Germany with 1,550, and the United Kingdom in fifth with 1,458. In the U.S., roughly 68 percent of those requests came through subpoenas, while 22 percent came through Electronic Communications Privacy Act (ECPA) search warrants.