Letter to DNI: Disclose Legal Basis for Massive Scan of Yahoo Mail Accounts
By Danielle Kerem
In a letter to Director of National Intelligence James Clapper, Restore the Fourth and a coalition of civil society organizations have called on the government to clarify the legal basis for a classified Foreign Intelligence Surveillance Act (FISA) court order that allegedly compelled Yahoo to scan hundreds of millions of user email accounts for a digital signature associated with a foreign power.
According to the initial Reuters report, Yahoo “secretly built a custom software program to search all of its customers’ incoming emails for specific information provided by U.S. intelligence officials.” According to some surveillance experts, Yahoo’s program may be unprecedented — representing the “first known case of a US internet company agreeing to a spy agency’s demand by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time.” In response to these disturbing revelations, Restore the Fourth has demanded the following from the Director of National Intelligence:
- Honor the pledge your office made to “provide timely transparency on matters of public interest” by disclosing publicly the interpretation of law and of the Fourth Amendment that was relied upon to justify this surveillance;
- Release as quickly as possible the FISA Court opinion and order that compelled the surveillance to occur, as is required in the USA FREEDOM Act and as is consistent with the ODNI Principles of Intelligence Transparency Implementation Plan;
- Disclose whether the reported practice involved the scanning of email content;
- Disclose the types of selectors that the government believes are permissible under the authority it used;
- Provide any legal interpretations of FISA that reflect the government’s view of the scope of technical assistance it can compel providers to afford it;
- Indicate the total number of times such an order has been issued to a provider compelling a scan of all incoming email (or a search of comparable scope), as well as the year in which such a surveillance order was first issued.
The news of Yahoo’s bulk scan of customer emails is only the latest example of Silicon Valley’s troublesome enabling of the American intelligence community’s surveillance and collection methods – revealing the duplicity of Yahoo’s “Users First” approach and provoking serious questions regarding the sincerity of providers’ commitment to protecting digital security and client data.