Yahoo Becomes First Company To Disclose FBI National Security Letters (tumblr.com) 74
Yahoo has disclosed receipt of three national security letters (FBI requests for data that Yahoo is typically barred from sharing) and published redacted copies of the letters online for anyone to see. The company says that the move "marks the first time any company has publicly acknowledged receiving an NSL following the reforms of the USA Freedom Act." The bill was created last year allowing companies to gag orders relating to National Security Letters. Engadget reports: It takes some doing to get permission to acknowledge the receipt of a letter, too -- Yahoo says that the FBI needs to review if the nondisclosure provision is still necessary for each specific NSL before allowing a company to publish it, and even then certain information needs to be redacted before being made available to the public. Still, when companies do get these gag orders lifted, it allows them to notify the investigated parties that the FBI was looking into their data, and it's a big win for transparency overall.
WTF does this mean? (Score:2, Informative)
"The bill was created last year allowing companies to gag orders relating to National Security Letters."
That sentence in TFS makes absolutely no sense.
Re: (Score:2)
"The bill was created last year allowing companies to gag orders relating to National Security Letters."
That sentence in TFS makes absolutely no sense.
I have to guess that it should say "allowing companies to challenge gag orders" or something like that.
Re: (Score:1)
Challenge accepted.
Re:WTF does this mean? (Score:5, Funny)
That word was redacted by NSL mandate
"big win" (Score:2, Insightful)
Not only is this banal, monosyllabic expression now so diluted as to be meaningless, it's really, really not a "big win" for transparency if individual arbitrarily secret letters secured on the basis of absurd penalty can be exposed to the public long after they have ceased to be relevant.
It's not even a small win.
Re: (Score:2)
let me take 10 of your marbles away.
now, I'll give you 2 of them back.
see, you now have a big win!
(pathetic.)
Looks like somebody is no longer calling the shots (Score:2)
Marissa Mayer must really be on her way out. She rolled over for them often enough. [offthegridnews.com]
AT Least (Score:2)
In her defense... (Score:1)
Yahoo had already lost their lawsuit attempting to defend against it. They were the only company to do so, and if I remember correctly they paid a hefty financial burden in the process (wasn't it millions of dollars in penalties to the US government for attempting to withhold said information?)
It was even mentioned here on slashdot.
Point is Yahoo has shown more respect for privacy than any of the much bigger companies have. And while my usage of them has dwindled, I still trust them more than the alternativ
Re: (Score:2)
Not that it particularly bothers me, but Apple routinely provides information from its servers in response to Government requests. Even in the recent case where Apple didn't have to decrypt the phone, the only reason they couldn't provide iCloud data is because the FBI was stupid enough to change the password themselves. (Why they didn't know the password has been left unsaid.)
Re: (Score:2)
Hardly worth reading (Score:1)
All the letters really say is that we want info on xxxxx@yahoo.com (actual emails are all censored), we want every scrap of info you have, and that you can't tell anyone about this and shouldn't block their account unless you tip them off.
Everything else looks like non-specific boilerplate, so it's amazing it took so long to publish these, when they might as well just have handed out the NSL form template without filling it in.
Re: (Score:2)
Which law would that be?
First Ammendment (Score:3, Insightful)
How is a gag order like this in the first place not a violation of the First Ammendment?
Re: (Score:2)
National security exception, same reason we have FISA (the rubber stamp court).
Re: (Score:1)
The FBI has no jurisdiction over national security. They are a federal police force. By mandate everything they have the authority to do by themselves is purely domestic.
Or in another way, what does the contents of a citizen's search history in regard to a domestic crime have to do with the security of the nation as a whole? Are petty criminals such a dire national security threat worthy of suspending the fundamental rights of third parties?
Re: (Score:3)
The FBI has jurisdiction in several matters that might lead to NSLs. Terrorist acts are federal crimes, as are other things that might involve NSLs such as espionage.
Anything touching classified information can land in their lap as well. In fact, most of it will, as local law enforcement generally will not have clearance.
Re: (Score:2)
Re: (Score:3)
There is no law against slander in the US. It's a civil matter.
While it isn't a criminal matter, it is a civil matter BECAUSE THERE ARE LAWS AGAINST IT!
At the federal level, the law is part of common law, but the definition is in 28 U.S. Code 4101. Also, all but three states have their own defamation laws; for example, Illinois' is 740 ILCS 145, AKA "The Slander and Libel Act".
Re: (Score:2)
Re: (Score:2)
Where in the Illinois law does it say you aren't allowed to slander someone?
Umm, 740 ILCS 145. As I said before.
In California it is in Cal. Civil Code 44 through 46. In Florida it is in Flor. Stat. 836.04. In most states though it is carried as part of Common Law.
I can slander all I want and the government can't (legally) do anything about it.
Partially true. It is against Illinois and federal law and grants the injured a private right of action. It isn't a criminal offense in those jurisdictions, it is a tort.
In some states though, like in Virginia, there are criminal laws that cover some forms of slander, such as Code of Virginia 18.2-417:
Any person who
Re: (Score:3)
Freedom of Expression is not the same as Freedom from Consequences.
Re: (Score:2)
The constitution is just a piece of paper.
Only redacted most? (Score:2)
Re: (Score:2)
Re: (Score:2)
According to the redacted NSLs, the FBI field office is actually located at 7915 Microsoft Way.
Tomorrow on slashdot... (Score:2)
Yahoo the first company to get completely destroyed by "terrorists" in an overnight terrorist attack.
FBI issued a response moments after, "If you tell anyone about our requests, the terrorists win. We Warned them against this.
Look at what happened to yahoo..... Anyone else interested in telling others what we asked for?"
The FBI director when questioned was quoted as saying "fugeddaboutit" and called for his man Vinnie.
Re: (Score:2)
Re: (Score:2)
Yeah, that's the most generic and uninteresting paranoia I've seen lately. The FBI doesn't assassinate people for taking them to court.
It is vastly more likely that she received some personal threats. With the company being broken up and sold off, there are probably a lot of disgruntled employees.
Especially with her $160M golden parachute, plus a potential bonus from the sale.
Internet Archive did it first! (Score:2)
Yahoo may be the first since "the reforms of the USA Freedom Act", but the Internet Archive fought and won back in '08. [wired.com] I'm pretty sure Slashdot covered it when it happened, but I'm too lazy to hunt down the link.
It's not clear to me if the USA Freedom Act made this harder (in which case, why are we calling them "reforms"?) or easier. That would make this story a lot more interesting.
(The EFF has the Archive's slightly-redacted NSL [eff.org] on file, for anyone who's interested in comparisons.)
Number of letters sent... (Score:1)
The 1st letter is dated March 29th 2013 is NSL 13-371110, the 2nd letter is dated August 1 2013 and is NSL 13-365658. Assuming the letters are produced sequentially 5452 letters were sent in the 126 days between the two 2013 Yahoo letters at the rate of ~43 letters/day. If the sequence continues through to 2015, an additional 49412 letters were sent during the 667 days between August 2013 and May 2015 at the rate of ~74 letters/day.
Data vs metadata (Score:2)
I was pleased to note that they do consider subject lines as data ("content"), but the status of email addresses isn't so clear.
Envelope addresses are clearly metadata, but there are also addresses in the data part of an smtp transaction. RFC 5321 vs RFC 2822, I think.
All NSL letters should be released ... (Score:4, Interesting)
after some period. As I understand it the whole point of keeping the existence of a NSL secret is to stop the crook/whoever from being alerted to the police/whatever investigation into him. So: once the crook is locked up there is little reason to keep it secret. There is also an argument that the NSLs should be disclosed at the crook's trial.
I do understand that matters are more complex, a crook could be part of a gang and investigations into other gangsters could be hampered by disclosure that is too early.
There should be an assumption in law that all NSLs should be disclosed after some time, eg 10 or 30 years. It would be up to the police to argue that disclosure should be delayed in particular cases.
Above I talk of crooks, much the same arguments apply about terrorists, paedophiles, etc. Ditto: police to be FBI, NSA, etc
Re: (Score:3)
There should be an assumption in law that all NSLs should be disclosed after some time, eg 10 or 30 years.
The rights of the people to know have to be balanced against the need for security, but 10 to 30 years is way too long. Five years might be a good upper bound. If you can't move a problem forward in five years such that we can talk about it, we probably need to talk about it.
Re: (Score:2)
If you do not have a trial, how do you know if they are guilty or not ?
A GREAT VICTORY (Score:1)
This TOTALLY makes up for the all-encompassing digital surveillance throughout the western world that is a pneumatic nail gun hammering our coffin shut forever
Here's what they asked for... (Score:5, Informative)
Here's what the letters [umblr.com] asked Yahoo! to hand over:
We are not directing you to provide, nor should you provide, information pursuant to this letter that would disclose the content of any electronic communication. Title 18 United States Code 2510(8) defines content as "any information concerning the substance, purport, or meaning of" a communication. Subject lines of e-mails are content information and should not be provided pursuant to this letter.