Yahoo today unveiled the details of three National Security Letters (NSLs) it received from the FBI that demanded a laundry list of user personal information.
Yahoo said in a statement that the letters were received in April 2013, August 2013 and June 2015, with orders that the company could not reveal to the public or account holder it had received or responded to the letters. Each letter was associated with a specific Yahoo account.
The company was able to release this information due to the USA Freedom Act, which states the FBI must reassess whether an NSL's non-disclosure requirement is still needed and to lift the gag order if they are deemed safe.
Following is some of the information that was requested as stated in one of the NSLs.
- Subscriber names and related information
- Account numbers and date the account opened or closed
- Postal address and all phone numbers associated with the account
- Screen names and other online names associated with the account
- All billing and method of payment related to the account
- Credit cards and billing information
- IP addresses assigned to the account and related email accounts
- URL assigned to the account
- Any hardware-related information relating to the account, such as ISDN or DSL data
However, the web company did, or could not, supply all the information requested.
“Yahoo complied with these three NSLs and, to the extent we had the information requested, we disclosed it as authorized by law,” the company said. "Specifically, we produced the name, address and length of service for each of the accounts identified in two of the NSLs, and no information in response to the third NSL as the specified account did not exist in our system."