Searching over 5,500,000 cases.


searching
Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

In re National Security Letter

United States Court of Appeals, Ninth Circuit

July 17, 2017

In re National Security Letter,
v.
Jefferson B. Sessions III, Attorney General, Respondent-Appellee. Under Seal, Petitioner-Appellant, In re National Security Letter, Under Seal, Petitioner-Appellant,
v.
Jefferson B. Sessions III, Attorney General, Respondent-Appellee. In re National Security Letter, Under Seal, Petitioner-Appellant,
v.
Jefferson B. Sessions III, Attorney General, Respondent-Appellee.

          Argued and Submitted March 22, 2017 San Francisco, California

         Appeal from the United States District Court for the Northern District of California D.C. No. 3:11-cv-02173-SI, 3:13-mc-80089-SI, 3:13-cv-01165-SI Susan Illston, District Judge, Presiding.

          Andrew Crocker (argued), Nathan Cardozo, Lee Tien, Kurt Opsahl, Jennifer Lynch, David Greene, Cindy Cohn, and Aaron Mackey, Electronic Frontier Foundation, San Francisco, California; Richard Wiebe, Law Office of Richard R. Wiebe, San Francisco, California; for Petitioner-Appellants.

          Lewis S. Yelin (argued), Scott R. McIntosh, and Douglas N. Letter, Appellate Staff; Brian Stretch, United States Attorney; Benjamin C. Mizer, Principal Deputy Assistant Attorney General; Civil Division, United States Department of Justice, Washington, D.C.; for Respondent-Appellee.

          Before: Sandra S. Ikuta, N. Randy Smith, and Mary H. Murguia, Circuit Judges.

         SUMMARY[*]

         Civil Rights

         The panel affirmed the district court's orders denying petitions brought by electronic communication service providers pursuant to 18 U.S.C. § 3511(a) to set aside information requests and nondisclosure requirements in National Security Letters issued to them by the Federal Bureau of Investigation.

         A National Security Letter is an administrative subpoena issued by the FBI to a wire or electronic communication service provider requiring the provider to produce specified subscriber information that is relevant to an authorized national security investigation. 18 U.S.C. § 2709(a). By statute, a National Security Letter may include a requirement that the recipient not disclose the fact that it has received such a request. In this case, recipients of National Security Letters alleged that the nondisclosure requirement violates their First Amendment rights.

         The panel held that § 2709(c)'s nondisclosure requirement imposes a content-based restriction that is subject to, and withstands, strict scrutiny. The panel further held that, assuming the nondisclosure requirement was the type of prior restraint for which the procedural safeguards set forth in Freedman v. Maryland, 380 U.S. 51 (1965) were required, the National Security Letters law provided those safeguards. The panel concluded that the nondisclosure requirement does not run afoul of the First Amendment.

          OPINION

          IKUTA, Circuit Judge.

         In this case, we consider challenges to the constitutionality of the law authorizing the Federal Bureau of Investigation (FBI) to prevent a recipient of a national security letter (NSL) from disclosing the fact that it has received such a request. 18 U.S.C. § 2709(c). An NSL is an administrative subpoena issued by the FBI to a wire or electronic communication service provider which requires the provider to produce specified subscriber information that is relevant to an authorized national security investigation. Id. § 2709(a). By statute, the NSL may include a requirement that the recipient not "disclose to any person that the Federal Bureau of Investigation has sought or obtained access to information or records" under the NSL law. Id. § 2709(c)(1)(A). Both the information request and the nondisclosure requirement are subject to judicial review. See id. § 3511. (Because § 2709 and § 3511 work together, we refer to them collectively as "the NSL law.")

         Certain recipients of these NSLs claim that the nondisclosure requirement violates their First Amendment rights. We hold that the nondisclosure requirement in 18 U.S.C. § 2709(c) is a content-based restriction on speech that is subject to strict scrutiny, and that the nondisclosure requirement withstands such scrutiny. Accordingly, we affirm.

         I

         We begin by reviewing the statutory framework under which NSLs are issued. The law authorizing the FBI to send an information request to a wire or electronic communication service provider was originally enacted as part of the Electronic Communications Privacy Act of 1986. Pub. L. No. 99-508, § 201, 100 Stat. 1848, 1867. The law was extensively amended in 2006, as part of the USA Patriot Improvement and Reauthorization Act of 2005. Pub. L. No. 109-177, §§ 115, 116(a), 120 Stat. 192, 211-17 (2006). The letters received by the recipients here were issued under the 2006 version of the NSL law. Subsequently, Congress enacted the USA FREEDOM Act of 2015, Pub. L. No. 114-23, 129 Stat. 268, which further amended the NSL law effective June 2, 2015.[1]

         The NSL law is best understood as a form of administrative subpoena. Congress may authorize federal agencies to issue administrative subpoenas without court authorization for any purpose within Congress's constitutional power. See Okla. Press Publ'g Co. v. Walling, 327 U.S. 186, 208-09 (1946); see also ICC v. Brimson, 154 U.S. 448, 472-73 (1894), overruled on other grounds by Bloom v. Illinois, 391 U.S. 194, 198-200 (1968). But while an agency may issue a subpoena without prior judicial approval, it must invoke the aid of a federal court to enforce it. See, e.g., United States v. Sec. State Bank & Trust, 473 F.2d 638, 641-42 (5th Cir. 1973); see also Shasta Minerals & Chem. Co. v. SEC, 328 F.2d 285, 286 (10th Cir. 1964). The "power to punish is not generally available to federal administrative agencies, " and so enforcement must be sought "by way of a separate judicial proceeding." Shasta Minerals, 328 F.2d at 286.

         Sections 2709 and 3511 follow the statutory framework typically used to authorize administrative subpoenas. Compare 18 U.S.C. §§ 2709, 3511, with, e.g., 21 U.S.C. § 876(a). Section 2709 authorizes the FBI to make an information request to "[a] wire or electronic communication service provider" for "subscriber information and toll billing records information, or electronic communication transactional records in its custody or possession, " and provides that the recipient "shall comply" with the request. 18 U.S.C. § 2709(a).[2] In order to issue such a request, the FBI Director or a sufficiently high-ranking designee of the Director must "specifically identif[y] a person, entity, telephone number, or account as the basis for a request, " and must certify that the "records sought are relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities" and that the investigation "is not conducted solely on the basis of activities protected by the first amendment to the Constitution of the United States." Id. § 2709(b)(1)-(2).[3] The NSL must include notice of the availability of judicial review under 18 U.S.C. § 3511. Id. § 2709(d).

         The NSL law contemplates that in some cases, a recipient's disclosure of the fact that it has received an FBI request for specific information may result in one of four enumerated harms: "(i) a danger to the national security of the United States; (ii) interference with a criminal, counterterrorism, or counterintelligence investigation; (iii) interference with diplomatic relations; or (iv) danger to the life or physical safety of any person." Id. § 2709(c)(1)(B).[4] If the FBI Director or a sufficiently high-ranking designee of the Director issues a certification "that the absence of a prohibition of disclosure under this subsection may result" in one of these harms, id., and the government gives the recipient notice of the availability of judicial review pursuant to § 3511, see id. § 2709(d)(2), the government may prohibit the recipient from disclosing that it has received the NSL, see id. § 2709(c)(1)(A), [5] subject to such judicial review.

         There are three statutory exceptions to the nondisclosure requirement. See id. § 2709(c)(2).[6] First, a recipient "may disclose information otherwise subject to any applicable nondisclosure requirement" to "those persons to whom disclosure is necessary in order to comply with the request." Id. § 2709(c)(2)(A)(i). Second, the recipient may disclose such information to "an attorney in order to obtain legal advice or assistance regarding the request." Id. § 2709(c)(2)(A)(ii). Third, if the recipient wants to provide the information to other individuals, it may do so if it obtains the permission of the FBI Director or the designee of the Director. Id. § 2709(c)(2)(A)(iii). The recipient must also inform those persons receiving the information that they are subject to the same nondisclosure requirement applicable to the initial recipient, id. § 2709(c)(2)(C).

         As is typical in the administrative subpoena context, § 2709 does not contain any penalty provision either for failure to comply with the information request or for failure to comply with the nondisclosure requirement. Only a court has authority to enforce the information request or the nondisclosure requirement. See id. § 3511. If a recipient fails to comply with an information request, the government "may invoke the aid" of a district court "to compel compliance with the request." Id. § 3511(c).[7] The court may "issue an order requiring the person or entity to comply with the request, " and "[a]ny failure to obey the order of the court may be punished by the court as contempt thereof." Id. Alternatively, the recipient of an NSL may petition the district court "for an order modifying or setting aside the request, " and the district court may do so "if compliance would be unreasonable, oppressive, or otherwise unlawful." Id. § 3511(a).[8]

         Whenever a nondisclosure requirement under § 2709(c) is imposed on a recipient, the recipient may challenge the requirement in one of two ways. First, the recipient may "file a petition for judicial review in any court described in [§ 3511(a)]." Id. § 3511(b)(1)(A).[9] Second, the recipient "may notify the Government" that it desires judicial review, id., in which case "[n]ot later than 30 days after the date of receipt of a notification [from the recipient], the Government shall apply [to the district court] for an order prohibiting" disclosure, id. § 3511(b)(1)(B). The government's application for a nondisclosure order (or for an extension of such an order), must include a certification from the FBI Director or a sufficiently high-ranking designee "containing a statement of specific facts indicating that the absence of a prohibition of disclosure under [§ 3511(b)] may result in" one of the four harms enumerated in § 2709(c)(1)(B). Id. § 3511(b)(2).[10] The nondisclosure requirement remains in effect while the district court considers the recipient's challenge or the government's application for a nondisclosure order. Id. § 3511(b)(1)(B).

         A court receiving a recipient's petition for judicial review of a nondisclosure requirement or the government's application for a nondisclosure order "should rule expeditiously." Id. § 3511(b)(1)(C). The court "shall issue a nondisclosure order or extension thereof . . . if the court determines that there is [good] reason to believe that disclosure of the information subject to the nondisclosure requirement during the applicable time period may result in" one of the four enumerated harms. Id. § 3511(b)(3).[11] In making this determination, "the court shall, upon request of the government, review ex parte and in camera any government submission or portions thereof, which may include classified information." Id. § 3511(e). Any nondisclosure order issued by a reviewing court should "include[] conditions appropriate to the circumstances." Id. § 3511(b)(1)(C).

         In amending the NSL law in 2015, Congress also required the Attorney General to promulgate procedures for periodically reviewing and terminating any nondisclosure requirements issued in connection with an NSL. Pub. L. No. 114-23, Title V, § 502(f), 129 Stat. at 288 (codified at 12 U.S.C. § 3414 note). The Attorney General adopted such procedures in November 2015. See Termination Procedures for National Security Letter Nondisclosure Requirement, Fed. Bureau of Investigation (Nov. 24, 2015), https://www.fbi.gov/file-repository/nsl-ndp-procedures.pdf (hereinafter "Termination Procedures"). Under these procedures, any nondisclosure requirement must terminate when the underlying investigation is closed or "on the three-year anniversary of the initiation" of the investigation, unless "the FBI makes a determination that one of the existing statutory standards for nondisclosure is satisfied." Once the FBI has determined that nondisclosure is no longer required, it must provide written notice to the recipient to that effect. If the FBI does not terminate the nondisclosure requirement at either of these occasions, the recipient retains the right to challenge the requirement in district court. 18 U.S.C. § 3511(a).

         The 2015 legislation amending the NSL law also added 50 U.S.C. § 1874, which allows "[a] person subject to a nondisclosure requirement" to disclose aggregate data regarding the number of NSLs (in specified ranges or "bands") that the person has received. Pub. L. No. 114-23, Title VI, § 603(a), 129 Stat. at 295-96 (codified at 50 U.S.C. § 1874(a)(1)-(4)). For instance, a person may report receiving 0 to 99, 0 to 249, 0 to 499, or 0 to 999 nondisclosure requirements. A person who chooses to report receiving 0 to 99 nondisclosure requirements may make such a disclosure on an annual basis, while a person who chooses to report receipt of a larger range of NSLs may report semiannually. See 50 U.S.C. § 1874(a)(1)-(4).

         II

         We next turn to the facts of these consolidated appeals, which involve five NSLs issued to two recipients between 2011 and 2013 (while the 2006 NSL law remained in effect). Each NSL at issue contained an information request and a nondisclosure requirement, and informed the recipient that it could seek judicial review of the nondisclosure requirement by notifying the FBI and that the FBI would accordingly initiate judicial review within 30 days.

         The first recipient, CREDO Mobile, received three of the NSLs at issue, the first in 2011 and two more in 2013. The second recipient, CloudFlare, received the other two NSLs, both in 2012. Following receipt, CREDO and CloudFlare petitioned the district court to set aside the information requests and nondisclosure requirements contained in each NSL. Each recipient also sought to enjoin the government from issuing additional NSLs and from imposing additional nondisclosure requirements. In response, the government cross-moved in each case to compel compliance with the NSLs.

         In considering the 2011 NSL issued to CREDO, the district court held that the nondisclosure and judicial review provisions in the 2006 NSL law violated the First Amendment and that these provisions were not severable from the remainder of the statute, and accordingly enjoined the government from issuing information requests and from enforcing nondisclosure requirements. See In re Nat'l Sec. Letter, 930 F.Supp.2d 1064, 1081 (N.D. Cal. 2013). The district court stayed its decision pending the resolution of the government's appeal.

         Notwithstanding its conclusion that the 2006 NSL law was constitutionally deficient, the district court denied the petitions to set aside the information requests and nondisclosure requirements in the 2013 NSLs issued to CREDO and the 2012 NSLs issued to CloudFlare. The district court reasoned that those NSLs were issued in full compliance with the procedural and substantive requirements suggested by the Second Circuit in John Doe, Inc. v. Mukasey, 549 F.3d 861 (2d Cir. 2008), which had held that the 2006 NSL law could be constitutionally applied if certain additional safeguards were provided. CREDO and CloudFlare appealed.

         While we considered these appeals, Congress enacted the USA FREEDOM Act, effective June 2, 2015. Recognizing the extensive changes to the NSL law made by this enactment, we vacated the district court's judgments and remanded to allow the district court to consider in the first instance the constitutionality of the 2015 NSL law.

         On remand, CREDO and CloudFlare submitted renewed petitions under § 3511(a) to set aside the information requests and nondisclosure requirements contained in each NSL and the government cross-petitioned to enforce both components of the NSLs. This time, the district court held that the NSL law, as amended, was constitutional. It also determined that the government had carried its burden of showing that there was good reason to believe that disclosure of the 2011 NSL to CREDO and of the 2012 NSLs to CloudFlare might result in one of the four enumerated harms. Accordingly, it granted the government's cross-petitions to enforce those three NSLs in their entirety. However, with respect to the 2013 NSLs to CREDO, the district court held that the government's certification that one of the four enumerated harms would result absent nondisclosure was insufficient. Accordingly, it granted CREDO's petition to set aside the nondisclosure requirement in the 2013 NSLs.

         CREDO and CloudFlare appealed the denial of their petitions to set aside the information requests and nondisclosure requirements in the 2011 and 2012 NSLs. The government cross-appealed the district court's decision to set aside the nondisclosure requirements in the 2013 NSLs to CREDO, but has since voluntarily dismissed its cross-appeal.[12]

         While this appeal was pending, the FBI closed the investigation underlying the 2011 NSL to CREDO. Following the Termination Procedures adopted as required by the 2015 amendments, the FBI determined that continued nondisclosure was no longer necessary and so notified CREDO in writing. According to the FBI's letter to CREDO, CREDO may now disclose "[t]he fact that [CREDO] received the NSL on a certain date" and "[w]hether or not [CREDO] provided responsive information to the FBI pursuant to the NSL." However, "the nondisclosure requirement remains in place for any information regarding the customer account(s) for which information was sought, as well as any other information that could be used to identify the subscriber(s) for the customer account(s)."[13]

         The FBI also closed the investigation underlying one of the 2012 NSLs issued to CloudFlare. Following the Termination Procedures, the FBI determined that continued nondisclosure was no longer necessary and provided CloudFlare written notice to that effect. According to the FBI's letter to CloudFlare, CloudFlare may now disclose the "[t]he fact that [CloudFlare] received the NSL on a certain date"; "[t]he customer account(s) for which information was sought"; and "[w]hether or not [CloudFlare] provided responsive information to the FBI pursuant to the NSL."[14]The nondisclosure requirement contained in the second 2012 NSL to CloudFlare remains in full effect.[15]

         In sum, CREDO is now subject to a nondisclosure requirement "for any information regarding the customer account(s) for which information was sought, as well as any other information that could be used to identify the subscriber(s) for the customer account(s)" under the 2011 NSL. CloudFlare is subject to a nondisclosure requirement only as to one of the 2012 NSLs.[16]

         III

         We begin our constitutional analysis by analyzing whether this appeal raises a facial challenge or an as-applied challenge to the NSL law. "A facial challenge is an attack on a statute itself as opposed to a particular application." City of Los Angeles v. Patel, 135 S.Ct. 2443, 2449 (2015). By contrast, "[a]n as-applied challenge contends that the law is unconstitutional as applied to the litigant's particular speech activity, even though the law may be capable of valid application to others." Foti v. City of Menlo Park, 146 F.3d 629, 635 (9th Cir. 1998). The recipients assert that the nondisclosure requirement of § 2709(c) prevents them from speaking about matters of public policy and engaging in the political process, but do not argue that the NSL law can never be constitutionally applied in any context. Accordingly, we analyze the recipients' challenge as a facial challenge. Cf. Members of the City Council v. Taxpayers for Vincent, 466 U.S. 789, 802-03 (1984) (concluding that the plaintiff's challenge to an ordinance was an as-applied challenge because the plaintiffs acknowledged that the statute could be validly applied in other cases).

         "[C]onstitutional questions of fact (such as whether certain restrictions create a 'severe burden' on an individual's First Amendment rights) are reviewed de novo." Prete v. Bradbury, 438 F.3d 949, 960 (9th Cir. 2006) (emphasis ...


Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.