The Wall Street Journal published an interesting blog post yesterday on so-called National Security Letters, documents used by the FBI to request sensitive user information from technology companies over matters of national security. A recent Freedom of Information Act request by the American Civil Liberties Union (ACLU) revealed the templates used by the FBI to draft the letters, which don't require any sort of court order, including a section advising recipients on how to fight the request if they believe it to be "unreasonable, oppressive, or otherwise unlawful." Here's the beginning of a typical template:
Under the authority of Executive Order 12333, dated December 4, 1981, and pursuant to Title 18, United States Code (U.S.C.), Section 2709 (Section 201 of the Electronic Communications Privacy Act of 1986) (as amended), you are hereby directed to provide to the Federal Bureau of Investigation (FBI) all subscriber information, limited to name, address, and length of service, for all services provided to or accounts held by the named subscriber and/or the subscriber of the named account.
The categories of information that can be requested from tech companies such as Google or Apple must be "parallel to subscriber information and toll billing records for ordinary telephone service," according to a 2008 legal opinion, but it's not entirely clear what is covered by this broad definition. A full list of user data requests was published by Google in its bi-annual Transparency Report earlier this month — the US tops the list comfortably, with 6,321 requests between July and December 2011.