A National Security Letter (NSL) is a type of administrative subpoena used in terrorism and espionage investigations to obtain subscriber and transactional information from communications providers, financial institutions, and consumer credit agencies. Such information might include, for example, a suspect’s name, address, place of employment, telecommunications toll records, financial data, and credit reports, depending on the type of NSL.
It would be legally and logistically impossible for the Intelligence Community (IC) to monitor the content of all communications transmitted by espionage and terrorism suspects. Instead, the IC frequently will focus first on “who is in contact with whom,” rather than on what is being said or transmitted, to determine how to focus investigative resources appropriately. In the case of domestic communications, this approach may include the use of pen registers and trap-and-trace devices, which record the numbers being dialed from a telephone and the numbers of incoming calls (but not the actual content of communications), respectively. The “who is in contact with whom” rubric applies to the Internet as well; investigators may focus first on which IP addresses are in communication with each other rather than the specific content being transmitted. This focus extends to financial commerce, too, because it would be impossible to scrutinize all financial transactions of all terrorism and espionage subjects.
In cases of terrorism or espionage, the FBI utilizes NSLs to acquire basic information about its subjects. It may start with “who is in contact with whom” and, if appropriate and if the required showing can be made, then may transition to “what are they saying and doing?” Results from NSLs provided by communications providers can assist the FBI in identifying who is communicating with whom, but like pen registers and trap and trace devices, NSLs cannot yield the contents of communications.
Many federal agencies use administrative (non-court approved) subpoenas to obtain information relating to their duties; there are more than 300 instances in which the law grants such powers.1 NSLs are a type of administrative subpoena that can be invoked only in terrorism and espionage investigations; they can be issued by the FBI to limited types of third-party records’ custodians; the custodians are responsible for gathering and producing responsive materials to the FBI. The custodian can object if compliance would be burdensome, and the FBI cannot simply take materials from the custodian. For that reason, NSLs should not be confused with search warrants. Search warrants are issued based on a finding of probable cause by a neutral and detached magistrate; the person on whom a search warrant is served has no option to decline to cooperate and the entity serving the search warrant is authorized to seize material from the custodians. Moreover, the scope of a search warrant is set by the specific finding of the magistrate and can be quite broad, depending on the underlying facts. In contrast, NSLs have a strictly defined scope that has been set by Congress.
There are five types of NSLs. The first two were created by Congress in 1986—one under the Electronic Communications Privacy Act (ECPA) and another under the Right to Financial Privacy Act (RFPA)—to assist FBI foreign intelligence investigations.2 These statutes allow the FBI to obtain subscriber information, phone toll records and electronic communication transaction records (from a communications service provider), and financial information and transactions, such as the identity of the owner of a bank account and items deposited to and removed from an account (from a financial institution).
In the mid-1990s, Congress authorized a third type of NSL that can be issued under the Fair Credit Reporting Act (FCRA). Such records allow the FBI to discern which financial institutions are being used by a terrorism or espionage suspect. This information is necessary before an RFPA NSL can be issued to ensure the NSL is being served on the correct institution. To the extent that information is unknown, authority to issue an FCRA NSL facilitated that process by allowing the FBI to compel a consumer credit agency to identify the financial institutions with which a particular person had a relationship.3
Also in the mid-1990s, a fourth type of NSL was authorized via the National Security Act (NSA) for the specific purpose of investigating government employees with security clearance for leaks of classified information resulting in financial gain (i.e., espionage—this was a response to the case of Aldrich Ames).4
Finally, in 2001, a fifth type of NSL was created by the USA PATRIOT Act (USAPA), also under the FCRA. This second type of FCRA NSL, which can be used only in support of a counterterrorism investigation, requires a consumer credit reporting agency to furnish consumer reports and all other information in a consumer’s file. This type of NSL is available to federal agencies authorized to conduct international terrorism investigations.
Changes to NSLs under the USA PATRIOT Act
The pre-USAPA certification requirement for all NSLs provided that an NSL could be issued only if it sought information “relevant to an authorized foreign counterintelligence investigation,” and the requesting agency also certified that there existed “specific and articulable acts that the person or entity to whom the information sought pertained was a foreign power as defined by FISA.” In 2001, the USAPA amended that standard to allow an NSL to be issued if the information sought from the recipient was “relevant to an investigation to protect against international terrorism or clandestine intelligence activities” (Section 505).
The USAPA also expanded the types of information that could be obtained via an ECPA NSL to include the form of payment used by the customer (Section 210). This change helped the FBI obtain information that could be used to confirm that particular communications were those of the person paying for the service, thus appropriately focusing FBI investigative resources. The USAPA also amended the Bank Secrecy Act to allow the Treasury Department to share financial information with intelligence agencies (Section 358). Finally, the USAPA forbade the issuance of an NSL in any investigation predicated solely on the exercise of First Amendment activities (Section 505).
By statute, all NSLs may carry a non-disclosure requirement, preventing the person or entity served with the NSL from telling others they had received it. For example, the ECPA statute read:
No wire or electronic communication service provider, or officer, or employee, or agent thereof, shall disclose to any person that the Federal Bureau of Investigation has sought or obtained access to information or records under this section.5
Although this so-called “gag order” had been in the statutes since they were first passed, subsequent to the USAPA they aroused controversy. Following a series of legal challenges to the non-disclosure requirement, as part of the USAPA Reauthorization of 2005, Congress ultimately clarified the law to make clear that it did not preclude consultation with legal counsel; the changes also created a clear avenue of appeal for those served with an NSL.
In December of 2008, the U.S. Circuit Court for the Second Circuit held that imposing on the recipient of an NSL the obligation to commence a lawsuit to gain relief from the nondisclosure requirement was unconstitutional. The court made clear, however, that if the government was willing to take on that responsibility (i.e., the government would commence an action to enforce the non-disclosure requirement rather than the recipient commencing an action to obtain relief from the non-disclosure requirement), then the legislative regime would be constitutional. Although the FBI promptly modified its NSL practice to comply with the Second Circuit’s decision, the statute has not been amended to conform to that decision regarding its constitutionality.
National Security Letter Statistics, 2004–20106
|Year||Number of NSL Applications||Number of Persons Involved in|
Note: Statistics for the years 2003–2005 are incomplete; they don’t include NSL requests that didn’t identify whether the request was seeking information related to a U.S. person or a non-U.S. person. Also, the statistics do not include NSLs seeking only subscriber information.7
1. Charles Doyle, Administrative Subpoenas and National Security Letters in Criminal and Foreign Intelligence Investigations: Background and Proposed Adjustments, Cong. Research Service (April 15, 2005), available at http://www.law.umaryland.edu/marshall/crsreports/crsdocuments/RL3288004152005.pdf.
2. Charles Doyle, National Security Letters in Foreign Intelligence Investigations: Legal Background and Recent Amendments, Cong. Research Service (Sept. 8, 2009), available at http://www.fas.org/sgp/crs/intel/RL33320.pdf.
6. “Foreign Intelligence Surveillance Act Court Orders: 1979-2010,” Electronic Privacy Information Center (accessed Feb. 18, 2012), http://epic.org/privacy/wiretap/stats/fisa_stats.html.
7. The statistics do not include NSLs seeking subscriber information only due to the reporting format of the annual Attorney General’s FISA Reports. See, e.g., the 2010 FISA Report (http://www.fas.org/irp/agency/doj/fisa/2010rept.pdf):
“In 2010, the FBI made 24,287 NSL requests (excluding requests for subscriber information only) for information concerning United States persons.”