Today, Yahoo made minor history by becoming the first company to publicly confirm that it has been issued National Security Letters (NSLs) from the FBI. It sounds like a simple story, but it's actually a huge win for transparency: until recently, gag orders kept companies like Yahoo from acknowledging NSLs in all but the vaguest of terms. Now, thanks to the USA Freedom Act, the company is able to divulge the contents of three FBI data requests made since 2013.
The contents of the NSLs themselves don't actually tell us much (though it does specify exactly what Yahoo was to provide: service dates, names, addresses and header information, but absolutely no email content), but the announcement shows us how difficult it still is for companies to tell us how many requests they get per year. Yahoo is allowed to disclose the content of these three NSLs, for instance, but still has to report NSLs in intentionally vague lots of 500 in transparency reports. Bringing that number up to three, however allows Yahoo to list this statistic as between one and 500, rather than between zero and 500. Still pretty vague, but marginally better.
It takes some doing to get permission to acknowledge the receipt of a letter, too -- Yahoo says that the FBI needs to review if the nondisclosure provision is still necessary for each specific NSL before allowing a company to publish it, and even then certain information needs to be redacted before being made available to the public. Still, when companies do get these gag orders lifted, it allows them to notify the investigated parties that the FBI was looking into their data, and it's a big win for transparency overall. Want to see Yahoo's NSL data for yourself? Check it out at the source link below.