In a transparency report provided by Google, the search engine giant reveals that the FBI used National Security Letters to seek information on Google users. These letters are authorized by the Electronic Communications Privacy Act (ECPA) and expanded under the Patriot Act, and allow the agency to seek information on a subscriber to a wire or electronic communications service.
Privacy watchdogs consider this form of surveillance as "frightening and invasive." But NSLs aren't meant to be used for digging through emails, search queries, YouTube videos, or obtain IP addresses. Instead the agency can acquire the name, address, length of service, and local and long distance toll billing records.
Typically companies that receive NSLs aren't even allowed to acknowledge the government's request for information. But Google said it will from here on out include data about NSLs in its Transparency Reports.
"We’ve been trying to find a way to provide more information about the NSLs we get—particularly as people have voiced concerns about the increase in their use since 9/11," the company said. "Starting today, we’re now including data about NSLs in our Transparency Report. We’re thankful to U.S. government officials for working with us to provide greater insight into the use of NSLs."
In 2012, Google received up to 999 NSLs regarding 1000 to 1999 user accounts. That's actually been the norm since 2009 save for 2010 where the number of affected accounts ranged from 2000 to 2999. Google says it scrutinizes the NSLs to ensure they satisfy the law and Google's own policies. The company also seeks to narrow down requests that are overly broad.
"It's Google’s practice to notify users about legal demands when appropriate, unless prohibited by law or court order," the company said. "The FBI has the power to prohibit the recipient of an NSL from disclosing the fact that it has received an NSL, by certifying that disclosure may result in 'a danger to the national security of the United States, interference with a criminal, counterterrorism, or counterintelligence investigation, interference with diplomatic relations, or danger to the life or physical safety of any person.'"
Despite what privacy watchdogs claim, Google clearly spells out in the FAQ what the NSLs can actually demand. Based on that info, the government could be acquiring Google Talk information to monitor possible VoIP communication. Hackers and/or terrorists could easily compromise a Google account and charge calling credits to the stored credit card. This method allows the hacker/terrorist to contact comrades overseas undetected.