What do the ACLU, the former director of the NSA and a tech industry lawyer all have in common (and this is not a joke)? They believe that the government's recent request to let the FBI get Americans' internet use records in national security investigations without going to court, and without any suspicion of wrongdoing, is a huge expansion of authority that would open floodgates of sensitive information to the FBI.
National security letters (NSLs) are rather informal requests for records the FBI can use to obtain people's communication, financial and credit information. These requests are not approved by a court, and the FBI does not have to suspect you of actually being a terrorist, spy or criminal; the only thing they have to do to get your records is certify to themselves (not a court) that you are "relevant" to an investigation. To make matters worse, the FBI has the power to prohibit any internet service provider, bank or credit company from which it demands sensitive customer records from ever disclosing anything about the record demand. (The ACLU has challenged the constitutionality of this "gag" power in three cases). An audit by the Department of Justice Inspector General found that in the mid-2000s, the FBI issued upwards of 50,000 national security letters, often to get information about U.S. citizens, and sometimes to get info on people two or three times removed from an actual suspect. There is currently no information on the total numbers of NSLs issued every year.
The FBI is asking that the statute that allows it to issue NSLs for phone records, and a limited set of email records, be expanded to allow the FBI to demand a wide range of internet activity records as well. The FBI isn't defining what kinds of internet records it wants. But some have pointed out that the FBI's proposal could allow them to get things like all of the websites you visit, your web search history, location information or social network activity.
If you're reading this, you obviously use the internet and know what incredibly sensitive information you put out there each day in an attempt to learn, read, educate yourself and communicate with others. We believe, as you probably do, that internet records are especially sensitive and need to be protected from FBI snooping by a court order and suspicion requirements. Looking at a list of websites a person visits can tell you a lot more about his or her life than a list of phone numbers. It can tell you a huge amount of information that could include a person's illness or mental health issues, his financial situation, the political groups he is involved with and his religious affiliation.
- The lack of authority is due to a long-overlooked typo. The administration says the fact it can't get all sorts of internet activity records under the current statute is a mistake; Congress intended to give them this authority, but a drafting error prevented it from coming true.
But this so-called "mistake" was made in 1993, when the internet was in its infancy, and NSLs were limited to collecting information only about suspected terrorists and spies. Congress could not logically be making an informed decision that the FBI should have easy access to massive amounts of innocent Americans' highly private internet activity records; Congress knew nothing of modern-day internet usage and the NSL statute still required the FBI to have suspicion about someone before it could use an NSL (that didn't change until the Patriot Act). Besides, regardless of intent, Congress wrote a law whose words plainly protect these records. The administration is now asking Congress to affirmatively take those protections away. Instead, Congress should write clear and unambiguous protections for our most sensitive records into the statute.