Skip to content
???FBI headquarters building. Flickr�??Photo byNate Q.?

The Surprising Amount of Information the FBI Can Request from Your Internet Service Provider

?Anunredacted National Security Letter from the FBI demanding electronic communication data from an Internet Service Provider (ISP) was released to the public yesterday for the first time in history, showing how much data U.S. law enforcement is able to obtain from them.�

The letter, which acts as an administrative subpoena to gather information for national security purposes, was released as part of lawsuit by Nicholas Merrill. He�filed suit�after the FBI sent a National Security Letter to the ISP he owned and operated�the Calyx Internet Access Corporation�to submit anything considered an �electronic communication transactional record,� according toThe Verge.�

The letter�did not clarify exactly what it means by that phrase. It did, however, list some examples of the types of records Merrill could submit, listed below.

DSL account information

Radius log

Subscriber name and related subscriber information

Account number

Date the account opened or closed

Addresses associated with the account

Subscriber day/evening telephone numbers

Screen names or other online names associated with the account

Order forms

Records relating to merchandise orders/shipping information for the last 180 days

All billing related to account

Internet service provider (ISP)

All e-mail addresses associated with the account

Internet Protocol (IP) address assigned to the account

All website information registered to the account

Uniform resource locator (URL) address assigned to the account?Any other information which you consider to be an electronic communication transactional record

�We are not requesting, and you should not provide, information pursuant to this request that would disclose the content of any electronic communication,� as defined under U.S. law, the letter instructed.�

The letter was also accompanied by a gag order, which prohibited Merrill from speaking out about the type of information the FBI was attempting to collect.�

Merrilldirectly challenged this gag orderin his suit, charging that it was a �permanent or effectively permanent ban on speech� prohibited by the First Amendment, that the gag order was unjustified because the government did not have a �good reason� to believe disclosure would result in harm to an investigation, and that he wanted to be able to disclose the letter to contribute to public discussion about the types of electronic communications transactions records the FBI seeks through National Security Letters.�?The U.S. District Court for the Southern District of New York ruled in Merrill�s favor and ordered the National Security Letter sent to him be released in full.

When the Patriot Act was passed, it greatly expanded the F???BI�s ability to demand personal customer records from ISPs, financial institutions, and credit companies without prior court approval, according to the ACLU.�

While it�s unclear exactly how many National Security Letters have been issued, some information has been released through various reports about the practice. For instance, an Office of Inspector General report released in 2007 detailed that between 2003 and 2006, the FBI issued approximately 200,000 letters.

In 2013,President Obama�s Intelligence Review Group? provided more recent figures, saying that the government issued, on average, almost 20 National Security Letters per day.