Google is providing for the first time a look into the world of national security letters -- demands from the Federal Bureau of Investigation to hand over details about account holders and keep quiet about it.
The letters are a part of business for Google and other major internet companies, but traditionally they have been barred from acknowledging the letters' existence. That changed in 2013 when, in light of revelations about Internet surveillance by U.S. intelligence agencies, Google and others started fighting to disclose more about the demands.
That led to the creation of Google's "transparency report," which revealed the company receives thousands of requests for user data each month from law enforcement agencies around the globe. The national security letters remained secret, but on Tuesday, Google published a handful that are no longer covered by nondisclosure rules.
The eight letters cover a period from March 2010 to September 2015 and request information on 21 user accounts.
The precise email addresses have been redacted. All but one of the redactions covers just the user name, showing they are "@gmail.com" accounts. One covers the entire email address, hinting that it could be for a non-Gmail address hosted on Google servers.
The letters are all similar, referencing the law (18 U.S. Code § 2709) and Google's duty to provide the name, address, length of service and electronic communications transactional records associated with the account. They go on to note that the FBI is not seeking the subject line or content of any email messages sent.
"While fulfilling your obligations under this letter, please do not disable, suspend, lock, cancel or interrupt service," the letter notes.
And then the gag order.
"You, any officer, employee, or agent of yours are prohibited from disclosing this letter or disclosing that the FBI has sought or obtained access to information," it said.
Google is allowed to publish some of the national security letters under the USA Freedom Act, which was enacted in response to the Snowden revelations and widespread demands for more transparency in government surveillance. Legally, the FBI allowed Google to publish the identities of the accounts that were sought, but the company chose not to do so. It was asked to redact the name and contact details of the FBI officer making the request, and it complied.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.