UNITED STATES ff?aF[ FOREIGN INTELLIGENCE SURVEILLANCE 27 3' WASHINGTON, D.C. IN RE MOTION FOR DECLARATORY JUDGMENT OF A FIRST AMENDMENT RIGHT TO PUBLISH AGGREGATE INFORMATION ABOUT FISA ORDERS IN RE MOTION TO DISCLOSE AGGREGATE DATA REGARDING FISA ORDERS IN RE MOTION FOR DECLARATORY JUDGMENT TO DISCLOSE AGGREGATE DATA REGARDING FISA ORDERS AND DIRECTIVES IN RE MOTION FOR DECLARATORY JUDGMENT TO DISCLOSE AGGREGATE DATA REGARDING FISA ORDERS AND DIRECTIVES IN RE MOTION FOR DECLARATORY JUDGMENT TO REPORT AGGREGATED DATA REGARDING FISA ORDERS NOTICE HALL .1 . .1 1. Docket No. Misc. 13-03 Docket No. Misc. 13-04 Docket No. Misc. 13-05 Docket No. Misc. 13-06 Docket No. Misc. 13-07 The Government hereby informs the Court that, pursuant to the terms of the attached letter from the Deputy Attorney General, the Government will permit the petitioners to publish the aggregate data at issue in the above-captioned actions relating to any orders issued pursuant to the Foreign Intelligence Surveillance Act (FISA). The parties are separately stipulating to the dismissal of these actions without prejudice. The Director of National Intelligfince has declassified the aggregate data consistent with the terms of the attached letter from the Deputy Attorney General, in the exercise of the Director of National Intelligence's discretion pursuant to Executive Order 13526, The Government will therefore treat such disclosures as no longer prohibited under any legal provision that would otherwise prohibit the disclosure of classified data, including data relating to FISA surveillance. It is the Government's position that the terms outlined in the Deputy Attorney General's letter define the limits of permissible reporting for the parties and other similarly situated companies. Dated: January 27, 2014 Respectfully submitted, JOHN P. CARLIN Acting Assistant Attorney General for National Security TASHINA GAUHAR Deputy Assistant Attomey General National Security Division J. BRADFORD WIEGMANN Deputy Assistant Attorney General National Security Division CHRISTOPHER HARDEE Chief Counsel for Policy National Security Division Alex Iftimie ALEX IFTIMIE U.S. Department of Justice National Security Division 950 Ave., N.W. Washington, DC 20530 Phone: (202) 514-5600 Fax: (202) 514-8053 Attorneys for the United States of America 2 CERTIFICATE OF SERVICE I hereby certify that a true copy of this Notice was served by the Government via email on this 27th day of January, 2014, addressed to: Albert Gidari Perkins Coie LLP 1201 Third Avenue, Suite 4900 Seattle, WA 98101 Attorney for Google Inc. James Garland David N. agan Alexander A. Berengaut Covington Burling LLP 1201 Avenue, N.W. Washington, DC 20004-2401 Attorneys for Microsoft Corporation Marc J. Zwillinger Jacob A. Sommer ZwillGen PLLC 1705 Street, N.W. Washington, DC 20036 Attorneys for Yahoo! Inc. Carl J. Nichols Wilmer Cutler Pickering Hale and Dorr LLP 1875 Avenue, N.W. Washington, DC 20006 Attorney for Facebook, Inc. I Jerome C. Roth Jonathan H. Blavin Justin P. Raphael Munger, Tolles Olson LLP 560 Mission Street, 27th Floor San Francisco, CA 94105 Attorneys for LinkedIn Corporation Alex Iftimie (R)ffii:e of the Eeputg @2112:-al E.-istfiugian, @111. zussu January 27, 2014 Sent via Email Colin Stretch, Esquire Vice President and General Counsel aceboolc Corporate Office 1601 Willow Road Menlo Park, CA 94025 Kent Walker, Esquire Senior Vice President and General Counsel Google Corporate Oflice Headquarters 1600 Amphitheater Parkway Mountain View, CA 94043 Erika Rottenberg, Esquire Vice President, General Counsel/Secretary Linkedln Corporation 2029 Stierlin Court Mountain View, CA 94043 Brad Smith, Esquire Executive Vice President and General Counsel Microsoft Corporate Office Headquarters One Microsofl Way Redmond, WA 98052-7329 Ronald Bell, Esquire General Counsel Yahoo Inc. Corporate Office and Headquarters 701 First Avenue Sunnyvale, CA 94089 Dear General Counsels: Pursuant to my discussions with you over the last month, this letter memorializes the new and additional ways in which the governmengwill permit your company to report data concerning requests for customer information. We are sending this in connection with the Notice we filed with the Foreign Intelligence Surveillance Court today. In the summer of 201 3, the govemment agreed that providers could report in aggregate the total number of all requests received for customer data, including all criminal process, NSLS, Letter to Colin Stretch, Kent Walker, Erika Rottenberg, Brad Smith and Ronald Bell Page 2 and FISA orders, and the total number of accounts targeted by those requests, in bands of 1000. In the alternative, the provider could separately report precise numbers of criminal process received and number of accounts affected thereby, as well as the number of NSLs received and the number of accounts affected thereby in bands of 1000. Under this latter option, however, a provider could not include in its reporting any data about ISA process received. The government is now providing two alternative ways in which companies may inform their customers about requests for data. Consistent with the President's direction in his speech on January 17, 2014, these new reporting methods enable communications providers to make public more information than ever before about the orders that they have received to provide data to the govemment. Option One. A provider may report aggregate data in the following separate categories: 1. Criminal process, subject to no restrictions. 2. The number of NSLs received, reported in bands of 1000 starting with 0-999. 3. The number of customer accounts affected by NSLs, reported in bands of l0O0 starting with 0-999. 4. The number of FISA orders for content, reported in bands of 1000 starting with 0-999. 5. The number of customer selectors targeted under FISA content orders, in bands of 1000 starting with 0-999. 6. The number of FISA orders for non-content, reported in bands of 1000 starting with 0-999. 7. The number of customer selectors targeted under FISA non-content orders, in bands of 1000 starting with 0-999. A provider may publish the FISA and NSL numbers every six months. For FISA information, there will be a six-month delay between the publication date and the period covered As the Director of National Intelligence stated on November 18, 2013, the Government several years ago discontinued a program under which it collected bulk internet metadata, and no longer issues FISA orders for such information in bulk. See intelligence. With regard to the bulk collection of telephone metadata, the President has ordered a transition that will end the Section 215 bulk rnetadata program as it currently exists and has requested recommendations about how the program should be restructured. The result of that transition will determine the manner in which data about any continued collection of that kind is most appropriately reported. Letter to Colin Stretch, Kent Walker, Erika Rottenberg, Brad Smith and Ronald Bell Page 3 by the report. For example, a report published on July 1, 2015, will reflect the FISA data for the period ending December 31, 2014. In addition, there will be a delay of two years for data relating to the first order that is served on a company for a platform, product, or service (whether developed or acquired) for which the company has not previously received such an order, and that is designated by the government as a "New Capability Order" because disclosing it would reveal that the platform, product, or service is subject to previously undisclosed collection through FISA orders. For example, a report published on July 1, 2015, will not reflect data relating to any New Capability Order received during the period ending December 31, 2014. Such data will be reflected in a report published on January 1, 2017. After data about a New Capability Order has been published, that type of order will no longer be considered a New Capability Order, and the ordinary six-month delay will apply. The two-year delay described above does not apply to a FISA order directed at an enhancement to or iteration of an existing, already publicly available platform, product, or service when the company has received previously disclosed FISA orders of the same type for that platform, product, or service. A provider may include in its transparency report general qualifying language. regarding the existence of this additional delay mechamism to ensure the accuracy of its reported data, to the effect that the transparency report may or may not include orders subject to such additional delay (but without specifically confirming or denying that it has received such new capability orders). Option Two. in the altemative, a provider may report aggregate data in the following separate categories: 1. Criminal process, subject to no restrictions. 2. The total number of all national security process received, including all NSLs and ISA orders, reported as a single number in the following bands: 0-249 and thereafter in bands of250. 3. The total number of customer selectors targeted under all national security process, including all NSLs and FISA orders, reported as a single number in the following bands, 0-249, and thereafter in bands of 250. it II II I have appreciated the opportunity to discuss these issues with you, and I am grateful for the time, effort, and input of your companies in reaching a result that we believe strikes an appropriate balance between the competing interests of protecting national security and furthering transparency. We look forward to continuing to discuss with you ways in which the Letter to Colin Stretch, Kent Walker, Erika Rottenberg, Brad Smith and Ronald Bell Page 4 government and industry can similarly find common ground on other issues raised by the surveillance debates of recent months. Sincerely, James M. Cole Deputy Attorney General