FBI client data requests under Patriot Act quietly skyrocket after tech firm resistance

The FBI greatly expanded data sharing requests under the controversial Section 215 of the Patriot Act when tech firms tried to resist the bureau’s better-known National Security Letters. The requests may have blanketed millions of records.

Section 215 allows the FBI to require business records and any
‘tangible things’ for an authorized terrorism or clandestine
foreign intelligence investigation. A subject of hot debate since
the issuing of the act in the wake of the September 2001
terrorist attack, the provision was criticized for the possible
broad interpretation of its wording and the possible impact on
privacy.

The provision came into spotlight recently, after it was revealed
that the US government is involved in a massive domestic
surveillance program. The disclosure to FBI of millions of customer
metadata records by Verizon, which was reported last week, was
done under a secret Foreign Intelligence Surveillance Court
(FISC) order issued in response to a Section 215 request.

Such requests are similar to another controversial practice by
the FBI, the so-called national security letters (NSLs), which
was greatly expanded after the Patriot Act. Both types of
requests go with a ‘gag order’, which bars the targeted business
from disclosing to the public the fact that it was ordered to
share client data with the government.

The FBI dramatically increased the use of Section 215 requests
between 2009 and 2010, reports NBC. In 2009, the Justice
Department told Congress that there had been 21 applications for
business record under the provision, all of which were granted.
In 2010, the number of requests jumped to 205. The latest report
showed that in 2012, there had been 212 Section 215 requests —
again all of them approved.

The tenfold increase drew little public attention because the
number of NSLs issued by the bureau was much higher — 15,229 in
2012. But as the example of Verizon showed, a Section 215 request
may be used to obtain a broad array of records involving millions
of people. The order was later revealed to be part of a broad practice of collecting communication
information stretching back at least seven years.

The expansion of Section 215 requests happened in response to
tech companies’ resistance to the use of NSLs by the bureau, FBI
Director Mueller wrote to the Congress back in 2009.

“Beginning in late 2009, certain electronic communications
service providers no longer honored NSLs to obtain”
records
because of what their lawyers cited as “an ambiguity” in
the law. The FBI move to seek the same data under Section 215.
“This change accounts for a significant increase in the volume
of business records requests,”
Mueller explained.

The NSLs themselves, which are issued by the FBI without any
court warrant, were ruled unconstitutional by a federal judge in
March. The practice was deemed illegal because of the gag order,
which the judge said violates freedom of speech.

The issue of surveillance in the US was further fuelled by the
revelation of a program called PRISM, under
which the FBI and the NSA obtain access to data stored on central
servers of major communication companies. The data includes
photos, videos, emails, documents, audio files, and connection
logs, according to reports. PRISM was exposed by Edward Snowden, a former CIA employee and private
contractor for the NSA, who leaked classified documents on the
surveillance to the press.

Amid the unfolding scandal, some of the tech companies are
seeking more transparency over their
cooperation with the government agencies. The companies including
Microsoft, Facebook and Google want to mitigate the damage to
their public image by proving that the privacy of their clients
was not compromised as much as the media allege.

This article originally appeared on: RT