- Apr 24, 2013
- 1,200
Yahoo began complying with government directives to provide user data to the National Security Agency on May 12, 2008, four days after the Foreign Intelligence Surveillance Court of Review found it in contempt of court and threatened daily fines of $250,000 for non-compliance, according to U.S. government documents released Thursday.
Among the more than 1,500 pages made public by the Justice Department and the Office of the Director of National Intelligence were legal briefs detailing Yahoo's reasoning for its challenge.
For seven months, the Internet company refuted the government's demands, arguing that handing over user information about non-U.S. citizens outside the U.S. was unconstitutional and violated the Fourth Amendment, which protects Americans against unreasonable search and seizure.
The U.S. government maintained the importance of the data requests and argued that it had safeguards against invading the privacy of U.S. citizens. "Each day that Yahoo does not comply with the directives, we are losing foreign intelligence information that may never be recovered," said then-director of national intelligence J. Michael McConnell in the May 9, 2008, motion that called for the $250,000 daily fines and an order of civil contempt.
The fact that Yahoo had challenged the government's data-gathering process became known last year, but the $250,000 fines and details about data requests were among the new revelations.
"It always helps to put a name on things and to add more concrete detail because … so much is kept secret that it becomes very hard to have an informed public debate," said Alan Butler, senior counsel for the Electronic Privacy Information Center. The government's authority to gather foreign intelligence on terrorist organizations and other foreign powers "all sounds fine in abstract but," he says, "has resulted in the disclosure and sharing of ... private communications of innocent individuals that should not have been collected in the first place."
Even as it began to comply, Yahoo later in May asked for a reversal of the decision. In August, the review court issued a final ruling approving the U.S. government's collection of foreign intelligence data.
The collection of data from Yahoo and several other tech firms including Apple, Google, Facebook and Microsoft went on in secret until former NSA contractor Edward Snowden leaked documents to the London-based Guardian and The Washington Post.
"The released documents underscore how we had to fight every step of the way to challenge the U.S. Government's surveillance efforts," said Yahoo's general counsel Ron Bell, in a statement on Yahoo's Global Public Policy Tumblr page. "We consider this an important win for transparency, and hope that these records help promote informed discussion about the relationship between privacy, due process, and intelligence gathering."
In its May 29, 2008, brief asking for a reversal of the decision, Yahoo said that since the government was asking for data from Yahoo locations in the U.S. that were used by U.S. citizens "privacy intrusion will likely be experienced in the U.S. by a U.S. person."
Government requests that identified targets by user names such as "Johndoe212" could easily be confused and if "one character off could invade Johndoetwo12's privacy," the company said in its legal document. "Without requiring the government to link the intended target with the User ID to be surveilled, there is a significant risk of violating the privacy of innocent users in the U.S."
Requests for user data "can identify an unlimited number of individual targets at any time over the period of one year … and for each target an unlimited number of Yahoo! accounts to surveil," Yahoo said.
As the legal arguments went on, the law was changed to require that a court obtain a warrant or deem a U.S. citizen a foreign power or agent, or employee of a foreign power before he or she can be targeted.
But current targeting procedures of non-U.S. citizens located outside the country could still inadvertently sweep in U.S. citizens because of the nature of the Internet, Butler says. And the processing of gathered data could also result in privacy invasions of citizens, he says. EPIC has pushed for increased transparency from the secret courts.
The newly released documents raise some "pretty substantial questions" about how the intelligence courts are designed, Butler says, "and whether that is really conducive to the kind of oversight and judicial review that is necessary to have a healthy constitutional system and a healthy legal system."
