WIRED: The owner of an internet service provider who mounted a high-profile court challenge to a secret FBI records demand has finally been partially released from a 6-year-old gag order that forced him to keep his role in the case a secret from even his closest friends and family. He can now identify himself and discuss the case, although he still can’t reveal what information the FBI sought. Nicholas Merrill, 37, was president of New York-based Calyx Internet Access when he received a so-called “national security letter” from the FBI in February 2004 demanding records of one of his customers and filed a lawsuit to challenge it. His company was a combination ISP and security consultancy business that was launched in the mid-90s and had about 200 customers, Merrill said, many of them advertising agencies and non-profit groups.
Despite the fact that the FBI later dropped its demand for the records, Merrill was prohibited from telling his fiancée, friends or family members that he had received the letter or that he was embroiled in a lawsuit challenging its legitimacy. “After six long years of not being able to tell anyone at all what happened to me – not even my family – I’m grateful to finally be able to talk about my experience of being served with a national security letter,” Merrill said in a statement. “Internet users do not give up their privacy rights when they log on, and the FBI should not have the power to secretly demand that ISPs turn over constitutionally protected information about their users without a court order. I hope my successful challenge to the FBI’s NSL gag power will empower others who may have received NSLs to speak out.”
A national security letter is an informal administrative letter the FBI can use to secretly demand customer records from ISPs, financial institutions, libraries, insurance companies, travel agencies, stockbrokers, car dealerships and others. NSLs have been used since the 1980s, but the Patriot Act, passed after the September 11, 2001 terrorist attacks, and a subsequent revision in 2003 expanded the kinds of records that could be obtained with an NSL. The letters come with a life-long gag order, so businesses that receive such letters are prohibited from revealing to anyone, including customers who may be under investigation, that the government has requested records of transactions. Violation of a gag order can be punishable by up to five years in prison. The gag orders raise the possibility for extensive abuse of NSLs, under the cover of secrecy. Indeed, in 2007, a Justice Department Inspector General audit found that the FBI, which issued almost 200,000 NSLs between 2003 and 2006, had abused its authority and misused NSLs.
Although the case helped expose the secrecy around NSLs and resulted in some First Amendment progress for entities receiving such requests — Congress amended the law to allow recipients to challenge NSLs and gag orders, and the FBI must now also prove in court that disclosure of an NSL would harm a national security case — the fight over NSLs is not over. The Obama administration has been seeking to expand the FBI’s power to demand internet activity records of customers without court approval or suspicion of wrongdoing. If granted, the data sought without a court order could expand to include web browser and search history, and Facebook friend requests. MORE