Google, Facebook, Yahoo, rights groups oppose FBI expansion of surveillance powers

Proposed rules would give government access even to browser history and email metadata

Google, Facebook, Yahoo and industry and civil rights groups have opposed legislation that would extend the categories of Internet records that the U.S. government can collect without court approval through administrative orders known as National Security Letters.

The companies and groups have pointed out in a letter to senators that the new provisions would expand the types of records, known as Electronic Communication Transactional Records (ECTRs), which the Federal Bureau of Investigation can obtain using the NSLs.

The ECTRs would include a variety of online information, such as IP addresses, routing and transmission information, session data, a person's browsing history, email metadata, location information, and the exact date and time a person signs in or out of a particular online account.

“The new categories of information that could be collected using an NSL and thus without any oversight from a judge would paint an incredibly intimate picture of an individual's life,” according to the letter on Monday.

The companies and groups are opposed to two pieces of legislation that are being considered by U.S. federal lawmakers. One of these is the 2017 Intelligence Authorization Act that is said to "include provisions to expand warrantless government surveillance and takes aim at a valuable independent oversight board," according to Senator Ron Wyden, a Democrat from Oregon, who last month voted against the bill in the Senate Select Committee on Intelligence.

The bill would allow any FBI field office to demand email records without a court order, besides narrowing the jurisdiction of a Privacy and Civil Liberties Oversight Board, Wyden said in a statement. Under current rules, the FBI can obtain phone records with a NSL, but not the email records.

The other legislation opposed by the groups is a proposed amendment to the Electronic Communications Privacy Act by Senator John Cornyn, a Republican from Texas.

Current rules limit the information that the government can seek using the NSL to the “name, address, and length of service of a person or entity,” in certain investigations, but the amendment would extend the list of details required to be provided by service providers to include other information such as account number, login history, and card or bank account information.

This expansion of the NSL statute has been described by some government officials as merely fixing a “typo” in the law, according to the letter, which refers to Senate testimony by FBI Director James Comey.

The information that could be collected under the expansion of powers “could reveal details about a person’s political affiliation, medical conditions, religion, substance abuse history, sexual orientation, and, in spite of the exclusion of cell tower information in the Cornyn amendment, even his or her movements throughout the day.” according to the letter.

Reform Government Surveillance, which is backed by a number of tech companies, is a signatory to the letter as also the American Civil Liberties Union and the Electronic Frontier Foundation.

The groups are concerned with the expansion of the scope of NSLs because the government already uses them to a great extent, most often accompanied by gag orders prohibiting companies from making public that they have received such requests. Over 300,000 NSLs were issued by the FBI over the last ten years, according to the letter.

Join the CSO newsletter!

Error: Please check your email address.

Tags social media

More about Electronic Frontier FoundationFacebookFBIFederal Bureau of InvestigationGoogleYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John Ribeiro

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place