Yahoo!'s secret! FBI! orders!

Yahoo! today published three redacted National Security Letters (NSLs) it received from the FBI, which demanded information about the web portal's users.

As is standard, the NSLs [PDF] contained a gagging clause that prevented Yahoo! from warning its customers of the data slurp. The letters were received in April 2013, August 2013, and June 2015, each targeting a single yahoo.com user. Two of the letters forced Yahoo! to hand over "the name, address, and length of service for each of the accounts" requested, while the third yielded no handover because the account requested by the Feds didn't exist.

Thanks to a change in US law last year, the non-disclosure part of the letters has expired, allowing them to be revealed. According to Yahoo!:

As part of our ongoing commitment to transparency, Yahoo is announcing today the public disclosure of three National Security Letters (NSLs) that it received from the Federal Bureau of Investigation (FBI). This marks the first time any company has publicly acknowledged receiving an NSL following the reforms of the USA Freedom Act.

We’re able to disclose details of these NSLs today because, with the enactment of the USA Freedom Act, the FBI is now required to periodically assess whether an NSL’s nondisclosure requirement is still appropriate, and to lift it when not. We believe this is an important step toward enriching a more open and transparent discussion about the legal authorities law enforcement can leverage to access user data.

The letters "have been redacted to protect the identities of the FBI agents involved in the investigations, our own personnel, and the Yahoo users affected by the NSLs." The users who had their info requested have been privately informed. Yahoo! is not alone in receiving NSLs – more tech giants and telcos may soon reveal their letters as the gagging orders expire. ®