When the FBI Seizes Your Messages from Big Tech, You May Not Know for Years

When America’s law enforcement investigators serve tech companies with subpoenas or search warrants,”the target of the investigation has no idea their data is being seized,” the Washington Post pointed out this weekend.

It’s becoming surprisingly common in the U.S. “And if investigators obtain a gag order, the records must be handed over without the person’s knowledge or consent — depriving the person of an opportunity to challenge the seizure in court.” Every year, Facebook, Google and other technology companies receive hundreds of thousands of orders from law enforcement agencies seeking data people stash online: private messages, photos, search histories, calendar items — a potentially rich trove for criminal investigators. Often, those requests are accompanied by secrecy orders, also known as nondisclosure or gag orders, that require the tech companies to keep their customers in the dark, potentially for years…

In the last six months of 2020, Facebook received 61,262 government requests for user data in the United States, said spokesman Andy Stone. Most — 69 percent — came with secrecy orders. Meanwhile, Microsoft has received between 2,400 and 3,500 secrecy orders from federal law enforcement each year since 2016 — or seven to 10 per day — according to congressional testimony by vice president of customer security and trust Tom Burt. Google and Apple declined to disclose the number of gag orders they’ve received. But in the first half of 2020, Google said U.S. law enforcement made 39,536 requests for information about 84,662 accounts — with many of the requests targeting multiple accounts. Apple said it received 11,363 requests…

Under the 1986 Electronic Communications Privacy Act, federal prosecutors are required to seek digital information from tech companies, not their customers. Since then, prosecutors have routinely used gag orders to prevent the companies from spilling the beans to suspects who might destroy evidence, go into hiding or threaten someone’s life. But the practice has mushroomed over the past two decades, part of a broader surveillance ramp-up following the Sept. 11, 2001, terrorist attacks, lawyers said. As the orders have proliferated, privacy advocates and the tech companies themselves have become increasingly concerned. Some tech company officials have accused prosecutors of reflexively requesting gag orders for routine investigations, regardless of whether the cases actually require such secrecy. And an array of company officials and legal experts argue that the practice robs tech company customers of their constitutional protections against unreasonable search and seizure.

“Across all the rest of society, it’s understood that government doesn’t get to take your stuff, doesn’t get to come in and into your house, doesn’t get to break into your file folders or your lock box at the bank without a warrant. And you get to know about that warrant and you get to exercise your legal rights,” Microsoft’s Burt said in an interview. “Someone cannot exercise their Fourth Amendment rights when their data has been taken in secret.”
U.S. lawmakers are considering changes, the article points out. One idea? Require tech companies “to preserve digital files that are the subject of court orders and permit customers to challenge the orders in court before the information is turned over to prosecutors.”

Senator Ron Wyden of Oregon points out that’s how wiretaps currently work — and is also drafting a measure that would finally require federal courts to publish statistics on the number of surveillance and secrecy orders they’ve issued.