Court Lifts Decade Long NSL Non-Disclosure Requirement

Published On September 30, 2015 | By Abby Liebeskind and Brett Weinstein | General

In the latest chapter of a dispute reaching back over a decade, Judge Marrero of the United States District Court for the Southern District of New York lifted the last remaining fragments of a non-disclosure requirement imposed in conjunction with a National Security Letter (NSL) issued to Calyx Internet Access, a now-defunct service provider. The Court held that the government could not meet the burden for requiring continued non-disclosure, in part because the government had already publicly disclosed elsewhere virtually all of the content at issue. Nonetheless, the Court issued a redacted version of the decision and stayed its order for 90 days to allow the government to appeal.

Nicholas Merrill, the former CEO of Internet service provider Calyx, has been persistent in fighting this non-disclosure requirement and had already been successful—to some extent. As a result of one of his earlier challenges, the Second Circuit invalidated certain aspects of both 18 U.S.C. § 2709, which provides authority for the FBI to issue NSLs and require non-disclosure, and § 3511, which provides for judicial review of NSLs. Specifically, in 2008, the Second Circuit invalidated sections of these statutes which placed the burden on the NSL recipient, not the government, to initiate judicial review of an NSL, and which mandated that certifications of risk by the FBI that non-disclosure was necessary be treated as conclusive by the court.1

After Merrill continued to challenge the nondisclosure requirements of the NSL he received under the statutes as interpreted by the Second Circuit, the SDNY ordered portions of the NSL should be disclosed —specifically, material within the scope of what the FBI is statutorily authorized to obtain with an NSL and material that the FBI had publicly acknowledged it had previously requested with NSLs. The government subsequently agreed to remove additional aspects of the non-disclosure edict, which had prohibited Merrill from identifying himself as the recipient of the NSL and from notifying the target. The government, however, continued to prohibit Merrill from disclosing the Attachment to the NSL, which specified the types of records the FBI sought.

In the present case, Merrill sought to disclose the Attachment. The Court found the government “has not satisfied its burden of demonstrating a ‘good reason’ to expect that disclosure of the NSL Attachment in its entirety will risk an enumerated harm” as listed in the NSL statutes, and therefore that the Attachment could be disclosed. The Court compared information already revealed by the government to sections of the Attachment (redacted in this version of the opinion) and found them identical or substantially similar. As a result, the Court agreed with the plaintiff that “the non-disclosure requirement enforced against him was overly broad and could not be supported by a ‘good reason.’”

 If upheld on appeal, the decision could serve as precedent for recipients of NSLs who wish to challenge the requirement that they keep secret the types of information the FBI routinely requests in its NSLs, since that information is now publicly available elsewhere as a result of government disclosures.

Footnote
  1. In June 2015, the NSL statutes were amended by the USA FREEDOM Act, which purported to codify the Second Circuit’s interpretation. As amended, the statutes require the government to initiate judicial review of NSL non-disclosure requirements, and FBI certifications regarding the necessity of non-disclosure are no longer presumptively conclusive.

 

About The Authors

Abby’s practice focuses on the legal issues that companies face related to user data and the obligations that arise under ECPA, FISA, the DMCA, and similar foreign laws; she also has experience with child exploitation matters. She frequently advises clients on how to respond to requests for user data or electronic surveillance from domestic and foreign law enforcement, as well as content take-down requests and third party requests in civil litigation. Abby also assists clients as they establish law enforcement compliance programs and transparency reporting.

Brett works with ZwillGen attorneys on a variety of matters, including law enforcement compliance, FTC investigations, fantasy sports, U.S.-EU Safe Harbor issues, and other data privacy issues. Prior to joining ZwillGen, Brett externed at the ACLU of Missouri from January through May 2015, where he researched and assisted with litigation. During the summer in 2014, Brett interned at the Berkman Center for Internet and Society at Harvard, where he worked on a project to facilitate sharing social science research data while incorporating privacy protections.

Comments