The FBI may have overstepped its boundaries to obtain user data, requesting Twitter to hand over data without a legal warrant.
The company had a gag order that prevented it from speaking out so far, but has now disclosed the affair. According to Twitter, the U.S. government slapped it with gag orders that kept it quiet in 2015 and 2016, which is why it was not able to publicly reveal the matter.
Surveillance Orders Without Warrants
As the secretive orders have expired, Twitter has now published two surveillance orders without warrants. Legal experts say the FBI seems to have overstepped legal guidance in seeking those internet records.
"Today, we're able to speak openly about two national security requests for the first time, specifically two national security letters (NSLs). These NSLs were accompanied by gag orders when they were served (one in 2015, one in 2016), preventing us from notifying the impacted account holders or publicly disclosing their existence," says Twitter. "The FBI recently informed us that the gag orders have been lifted and that we may notify the account holders."
Fighting Gag Orders
Twitter's disclosure follows similar reveals that other major technology companies, including Yahoo and Google, made in recent months. As soon as the gag orders were lifted, Twitter contacted the holders of the accounts in question and gave them copies of the NSLs (redacted), as well as the account data it was prompted to hand over.
The company adds that the NSLs typically ask for a lot of data, but Twitter only hands over a very limited set of data when compelled by NSLs that comply with federal law and the U.S. Justice Department's interpretative guidance.
Twitter further points out that it "remains unsatisfied" with the gag orders that prevent it from being more transparent in regard to the national security requests it may receive.
The company keeps pushing to make it legal to speak more freely in such cases, arguing its position in court in a Twitter v. Lynch lawsuit against the U.S. government. Microsoft has also sued the Department of Justice over gag orders back in April 2016.
FBI NSLs For Twitter Data
Each of the two NSLs issues to Twitter specifically requested a type of information called electronic communication transaction records, which can include data browsing history, email header data and other information.
Privacy advocates believe that the FBI has frequently used NSLs to request internet records beyond legal guidance, overstepping the limitations that the Justice Department set back in 2008. The Department of Justice says that such orders should be limited to phone billing records, but the FBI seems to have gone far past that.
The identity of the accounts the FBI was interested in is redacted in both NSLs, so it remains unclear what it was all about. Nevertheless, NSLs are typically accompanied by a gag order, compelling service providers to hand over data without saying anything. This means the target is usually unaware that their records are being accessed by the government. NSLs don't require a warrant, but the practice is controversial and companies such as Twitter, Facebook, Microsoft, Google and others continue to argue that it's unconstitutional.
Andrew Crocker, an Electronic Frontier Foundation staff attorney, says the FBI keeps requesting internet records despite the Justice Department's guidance.
"This is an ongoing practice and it is significantly beyond the scope of what is intended," says Crocker.
The EFF is also questioning the constitutionality of NSLs in the Ninth U.S. Circuit Court of Appeals.