Monday, September 23, 2019

About National Security Letters

A post at Zerohedge yesterday alerted me to the fact that I've probably been remiss in failing to cover explicitly an important aspect of FBI national security investigations. That aspect is the use of what are called National Security Letters (NSL), in lieu of the Grand Jury Subpoenas that are used in criminal investigations. The Zerohedge post is Secret FBI Subpoenas For Personal Data Go Far Beyond Previously Known, so it's important to keep that distinction in mind. National Security Letters are what are known as administrative subpoenas:

An administrative subpoena under U.S. law is a subpoena issued by a federal agency without prior judicial oversight. Critics say that administrative subpoena authority is a violation of the Fourth Amendment to the United States Constitution, while proponents say that it provides a valuable investigative tool.

Well, the two are not, of course, mutually exclusive. A violation of the Fourth Amendment may well be, almost certainly will be, at the same time a "valuable investigative tool."

An important feature of administrative subpoenas, and especially in the case of NSLs, is that third parties--i.e., the persons and/or entities on the receiving end of these subpoenas--are subject to non-disclosure agreements: the very existence and issuance of these subpoenas or NSLs cannot be revealed to the targets. The validity of these non-disclosure agreements has been upheld in court--by the Ninth Circuit--as recently as 2017.

A second important feature of NSLs is that, like other administrative subpoenas, the issuing agency need only claim that the material or information sought is "relevant" to their investigation. In other words, there are none of the elaborate requirements and oversight schemes associated with that other premier counterintelligence investigative tool: FISA. FISA, as we know, requires probable cause of a crime, an elaborate approval process, and submission to a special court, the FISC. NSLs require essentially none of that--there is some oversight, on paper, but if FISAs are said to be "rubberstamped," you can imagine what the situation is like with NSLs. Basically, "revelant" is good enough and, like beauty, "revelant" is in the eye of the beholding agency: the FBI.

Now, you should be able to see where this is leading. What all this means is that, naturally, the use of NSLs was available for use in Crossfire Hurricane and any of the related investigations involving persons associated with the Trump campaign. And if the technique was readily available you can count on it: it would have been used to the full extent possible. Crossfire Hurricane, as you'll recall, was a Full Investigation. However, the use of NSLs is not confined to Full Investigations--it's available for use in Preliminary Investigations, as well, where the use of FISA is not permitted. That means that if, prior to the opening of Crossfire Hurricane on 7/31/19, any other Preliminary or Full Investigation was open--with or without a FISA--the FBI could have been and almost certainly was using NSLs to obtain vast amounts of information. How vast? Let's turn to Zerohedge:

The [FBI] says the sweeping requests are crucial to counterterrorism efforts - however the new records reveal that the FBI requests go far beyond Silicon Valley; "encompassing scores of banks, credit agencies, cellphone carriers and even universities," according to the report. 
     The demands can scoop up a variety of information, including usernames, locations, IP addresses and records of purchases. They don’t require a judge’s approval and usually come with a gag order, leaving them shrouded in secrecy. Fewer than 20 entities, most of them tech companies, have ever revealed that they’ve received the subpoenas, known as national security letters. -New York Times 
"This is a pretty potent authority for the government," said University of Texas law professor, Stephen Vladeck. "The question is: Do we have a right to know when the government is collecting information on us?" 
According to the documents - which contain information covering about 750 of the subpoenas "representing a small but telling fraction of the half-million issued since 2001" - credit agencies Experian, TransUnion and Equifax received a large number of national security letters. Also included were Western Union and the Federal Reserve Bank of New York.  
     Equifax, Experian and AT&T received the most termination letters: more than 50 each. TransUnion, T-Mobile and Verizon each received more than 40. Yahoo, Google and Microsoft got more than 20 apiece. Over 60 companies received just one. -NYT 
Aside from these new names - we've long known about tech companies receiving national security letters, including Verizon, AT&T, Google and Facebook "which have acknowledged receiving the letters in the past" per the Times.  
     The Federal Bureau of Investigation determined that information on the roughly 750 letters could be disclosed under a 2015 law, the USA Freedom Act, that requires the government to review the secrecy orders “at appropriate intervals.” 
     The Justice Department’s interpretation of those instructions has left many letters secret indefinitely. Department guidelines say the gag orders must be evaluated three years after an investigation starts and also when an investigation is closed. But a federal judge noted “several large loopholes,” suggesting that “a large swath” of gag orders might never be reviewed. 
     According to the new documents, the F.B.I. evaluated 11,874 orders between early 2016, when the rules went into effect, and September 2017, when the Electronic Frontier Foundation, a digital rights group, requested the information. -New York Times 
"We are not sure the F.B.I. is taking its obligations under USA Freedom seriously," said EFF lawyer Andrew Crocker. "There still is a huge problem with permanent gag orders." 
National Security letters have been the subject of controversy for decades. Issued since the 1980s, the agency is required to show "specific and articulable facts" that the target of such letters was an agent of a foreign power. That criterion has since been eroded to a target simple needing to be "relevant" to a terrorism, counterterrorism or a leak investigation.  
"NSLs are an indispensable investigative tool," said the DOJ while replying to the FOIA case - adding that information contained in the letters both helps identify criminals while clearing the innocent of suspicion.

Obviously, the use of NSLs can be enormously intrusive with the regard to the life of any person. However, in the context of an "Enterprise Counterintelligence Investigation" focused on a political campaign and on persons with a huge network of contacts, the scope is pretty mind boggling. When that investigation is politically motivated, the potential for abuse is equally mind boggling.

From my own experience I have to agree that "NSLs are an indispensable investigative tool." But the possibility of abuse is always present. While I don't quarrel with the need for oversight of the use of NSLs, tt seems to me that the real focus of oversight--and possibly a more efficient focuse--should be on the legitimacy of the underlying investigation itself. How that can be accomplished in our increasingly corrupted political environment is a tough question.


  1. After what I've seen under the Obama Administration, otherwise known as the Obama Syndicate, I have no doubt that these national security letters have been used for nefarious purposes.

    Let's hope that the 150-plus judges appointed by Trump have a real love and fidelity for the Constitution, and especially, the Bill of Rights.

    The Judiciary needs to clip the wings of the Administrative State, or maybe better said, do some judicious (no pun intended) pruning.

    1. In the setting of a criminal trial, admin subpoenas can be challenged as issued without a showing of relevance. That's obviously a virtual impossibility. In the national security setting the grounds for specifically political abuse by the Deep State would go almost unchecked. Recall that Bongino started out his interview with Levin by saying that his initial reaction upon hearing of the Russia Hoax was: "That's impossible! There's no way the top levels of the FBI would ever do that!" But they did (for my own reasons, I had been somewhat immunized against that trusting attitude, but I fully understand it).

  2. The erosion of the standard for an NSL from "specific and articulable facts" that the target was an agent of a foreign power, to simple relevance to an investigation, is to erase any standard--to set the bar on the floor. One the hunch and curiosity step over.

    Specific and articulable facts is the standard for reasonable suspicion, a bare minimum standard for police conduct. If that can't be met, we're into arbitrary searches. This is Lavrentiy Beria territory, "Show me the man, I'll show you the crime."

    Clearly, the 4th amendment protects against arbitrary searches, where "hunch" and "curiosity" fall.

    1. To be fair, "relevance" is not no standard at all. The key is that it should be relevant to an existing investigation, which is why I say that the focus for oversight should be on proper predication for the investigation in the first place. If that is satisfied, the revelance standard isn't so problematic. But, of course, see my discussion of predication in my new post re McCabe and Rosenstein.

      Protection against terrorist threats isn't easy and requires lots of information to sift through. We don't want to hamper that effort, but we don't want to see the techniques that are useful in that regard being used instead for political persecution.

  3. "Warrant canaries" help to know when a company has been served with a national security letter. It's somewhat common with ISPs and the tech industry, where a company will periodically put on their website a declaration that they have *not* received an order. When they stop declaring, it's a sign to the user community that they've been hit with one. The decision to use canaries is a company by company decision.

    - LM