Security

Microsoft challenged a National Security Letter – and won

A sign at Microsoft's headquarters in Redmond, Washington.

Above:

Image Credit: Dcoetzee/Wikipedia

Has Microsoft been standing up to federal searches more than we’ve known?

That question is appropriate, following news that the tech giant sued the FBI in civil court last year over a National Security Letter (NSL) that sought information from one of its enterprise customers.

The only reason we know this is because court documents were unsealed Thursday.

“It’s unusual to discuss National Security Letters,” GlobalSecurity.org director John Pike told VentureBeat. “One of the most pernicious things about them is that you can’t talk about them.”

NSLs are national security subpoenas made more powerful by the Patriot Act, and they can be issued by any FBI office without a court’s approval. Because of the gag order that accompanies a NSL, a recipient apparently may not even discuss it with their attorney, but the FBI did not enforce that aspect in Microsoft’s case.

In its civil suit, Microsoft challenged the letter’s gag order on the basis of the First Amendment. In October, the challenge was dropped after the FBI got the information directly from the customer, whose named has been redacted, and the NSL was withdrawn.

In a post Thursday on a company blog, Microsoft General Counsel Brad Smith said that, “like all National Security Letters, this one sought only basic subscriber information.”

He noted that the company announced last December it was committed to notifying corporate customers when “legal orders related to their data” were received, and, if a gag order was involved, the company would challenge it in court.

Instead of providing the data directly, Smith noted, Microsoft’s approach these days is to ask the government to get the information directly from the customer, or Microsoft will seek the customer’s permission to provide the data.

NSLs are like “instruments of torture,” Pike told us. “More often than not, simply the threat has been sufficient to [prompt the target] to cough up the information,” because an NSL, like torture, meant they would eventually comply.

In March of 2013, a federal judge ruled that NSLs with gag orders violated free speech – the same reason Microsoft gave in its challenge. That decision is currently stayed and is being appealed by the federal government.

“It’s uncommon to challenge [a NSL] and uncommon [for the government] to yield” and allow the challenge to be made public, Steven Aftergood of the Federation of American Scientists told us. He’s director of that organization’s Government Secrecy program.

We asked if big tech companies appear to be growing backbones in the last few months.

“There’s been a post-Snowden shift in the relationship between tech companies and the government,” he said. “Where [before] they had been complacent and compliant, now they’re skeptical and resistant.”

“It’s part of a larger picture,” Aftergood said, “where these companies feel the need to establish their credibility as independent actors willing and able to defend their customers.”

via