We’re happy to be able to announce that Cloudflare is the second courageous client in EFF’s long-running lawsuit challenging the government’s unconstitutional national security letter (NSL) authority. Cloudflare, a provider of web performance and security services, just published its new transparency report announcing it has been fighting the NSL statute since 2013.
Like EFF’s other client, CREDO, Cloudflare took a stand against the FBI’s use of unilateral, perpetual NSL gag orders that resulted in a secret court battle stretching several years and counting. The litigation—seeking a ruling that the NSL power is unconstitutional—continues, but we’re pleased that we can at long last publicly applaud Cloudflare for fighting on behalf of its customers. Now more than ever we need the technology community to stand with users in the courts. We hope others will follow Cloudflare’s example.
Late last Friday, the government filed a public notice with the U.S. Circuit Court of Appeals for the Ninth Circuit identifying Cloudflare as an NSL recipient and EFF’s client in the lawsuit. The notice explains that the FBI determined it no longer needed to gag Cloudflare in conjunction with an NSL issued in early 2013.
Under the USA FREEDOM Act of 2015, the FBI is required to periodically review outstanding NSLs and lift gag orders on its own accord if circumstances no longer support a need for secrecy. As we’ve seen, this periodic review process has recently resulted in some very selective transparency by the FBI, which has nearly complete control over the handful of NSL gags it retracts, not to mention the hundreds of thousands it leaves in place. Make no mistake: this process is irredeemably flawed. It fails to place on the FBI the burden of justifying NSL gag orders in a timely fashion to a neutral third party, namely a federal court. Nevertheless, Cloudflare’s fight demonstrates that it is not unreasonable to require the FBI to relinquish some of its customary secrecy in national security cases.
Read more: EFF