White House proposal would ease FBI access to records of Internet activity
By Ellen Nakashima
Washington Post Staff Writer
Thursday, July 29, 2010; A01
The Obama administration is seeking to make it easier for the FBI to compel companies to turn over records of an individual’s Internet activity without a court order if agents deem the information relevant to a terrorism or intelligence investigation.
The administration wants to add just four words — “electronic communication transactional records” — to a list of items that the law says the FBI may demand without a judge’s approval. Government lawyers say this category of information includes the addresses to which an Internet user sends e-mail; the times and dates e-mail was sent and received; and possibly a user’s browser history. It does not include, the lawyers hasten to point out, the “content” of e-mail or other Internet communication.
But what officials portray as a technical clarification designed to remedy a legal ambiguity strikes industry lawyers and privacy advocates as an expansion of the power the government wields through so-called national security letters. These missives, which can be issued by an FBI field office on its own authority, require the recipient to provide the requested information and to keep the request secret. They are the mechanism the government would use to obtain the electronic records.
Stewart A. Baker, a former senior Bush administration Homeland Security official, said the proposed change would broaden the bureau’s authority. “It’ll be faster and easier to get the data,” said Baker, who practices national security and surveillance law. “And for some Internet providers, it’ll mean giving a lot more information to the FBI in response to an NSL.”
Many Internet service providers have resisted the government’s demands to turn over electronic records, arguing that surveillance law as written does not allow them to do so, industry lawyers say. One senior administration government official, who would discuss the proposed change only on condition of anonymity, countered that “most” Internet or e-mail providers do turn over such data.
To critics, the move is another example of an administration retreating from campaign pledges to enhance civil liberties in relation to national security. The proposal is “incredibly bold, given the amount of electronic data the government is already getting,” said Michelle Richardson, American Civil Liberties Union legislative counsel.
The critics say its effect would be to greatly expand the amount and type of personal data the government can obtain without a court order. “You’re bringing a big category of data — records reflecting who someone is communicating with in the digital world, Web browsing history and potentially location information — outside of judicial review,” said Michael Sussmann, a Justice Department lawyer under President Bill Clinton who now represents Internet and other firms.
The use of the national security letters to obtain personal data on Americans has prompted concern. The Justice Department issued 192,500 national security letters from 2003 to 2006, according to a 2008 inspector general report, which did not indicate how many were demands for Internet records. A 2007 IG report found numerous possible violations of FBI regulations, including the issuance of NSLs without having an approved investigation to justify the request. In two cases, the report found, agents used NSLs to request content information “not permitted by the [surveillance] statute.”
One issue with both the proposal and the current law is that the phrase “electronic communication transactional records” is not defined anywhere in statute. “Our biggest concern is that an expanded NSL power might be used to obtain Internet search queries and Web histories detailing every Web site visited and every file downloaded,” said Kevin Bankston, a senior staff attorney with the Electronic Frontier Foundation, which has sued AT&T for assisting the Bush administration’s warrantless surveillance program.
He said he does not object to the government obtaining access to electronic records, provided it has a judge’s approval.
Senior administration officials said the proposal was prompted by a desire to overcome concerns and resistance from Internet and other companies that the existing statute did not allow them to provide such data without a court-approved order. “The statute as written causes confusion and the potential for unnecessary litigation,” Justice Department spokesman Dean Boyd said. “This clarification will not allow the government to obtain or collect new categories of information, but it seeks to clarify what Congress intended when the statute was amended in 1993.”
The administration has asked Congress to amend the statute, the Electronic Communications Privacy Act, in the fiscal year that begins in October.
Administration officials noted that the act specifies in one clause that Internet and other companies have a duty to provide electronic communication transactional records to the FBI in response to a national security letter.
But the next clause specifies only four categories of basic subscriber data that the FBI may seek: name, address, length of service and toll billing records. There is no reference to electronic communication transactional records.
Same as phone records?