Case Document 145-1 Filed 11/22/16 Page 1 of 38 Exhibit 1 Case Document 145-1 Filed'11/22/16 Page20f 38 UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA TWITTER, INC, Plaintiff, Docket No. v. LORETTA et al. Defendants. UNCLASSIFIED DECLARATION OF MICHAEL B. STEINBACH I, Michael B. Steinbach, hereby declare as follows, pursuant to 28 U.S.C. 1746: 1. I am the Executive Assistant Director of the National Security Branch of the Federal Bureau of Investigation United States Department of Justice. This declaration is submitted in support of the United States? Motion for Summary Judgment in the above-captioned proceedings. Speci?cally, this declaration sets forth, to the extent possible at an unclassi?ed level, the bases for the Govemment?s determination that the disclosures plaintiff Twitter, Inc. (?Twitter?) seeks to make of \certain data regarding the United States? use of national security process, at issue in this civil action, reasonably could be expected to-result in serious damage to the national security of the United States.1 2. As the Executive Assistant Director of the National Security Branch, I am responsible for, among other things, overseeing the national security operations of the Counterintelligence Division, Counterterrorism Division, High-Value Detainee Interrogation '1 In a separate, classi?ed declaration, I have set forth a more thorough explanation of the bases for the Government?s determination. It is my understanding that counsel for Defendants will make the classi?ed declaration available to the Court solely for its ex parte and in camera review by lodging that declaration with the Cdurt Information Security Officer. For the reasons explained in the classi?ed declaration, disclosure of the information contained therein reasonably could be expected to result in damage to the national security. The FBI does not consent to its disclosure beyond the presiding judge. Case Document 145-1 Filed 11/22/16 Page 3 of 38 Group, Terrorist Screening Center, and Weapons of Mass Destruction Directorate. The National Security Branch is also accountable for the functions carried out by other FBI divisions that support the national security missions, such as training, technology, human resources, security countermeasures, and any other operations that further the mission to defeat national security threats directed against the United States. In this role, I have of?cial supervision over all of the investigations to deter, detect, and disrupt national security threats to the United States.- As the Executive Assistant Director of the National Security Branch, I have also been delegated original classi?cation authority by the Director of the FBI. See Executive Order 13526, 75 FR 707 (Dec. 29, 2009), Section Asia result, I am responsible for the protection of classi?ed national security information within the National Security Branch of the FBI and in matters affecting the national security mission of the FBI, including the sources and methods used by the FBI in the collection of national security and criminal information for national security investigations. To that end, I have been authorized by the Director of the FBI to execute declarations and af?davits in order to protect such information. . The statements contained in this declaration are based upon my personal knowledge, my review and consideration of documents and information available to me in my of?cial capacity, and on information obtained from Special Agents and other FBI employees. I have reached my stated conclusions in accordance with this information. Case Document 145-1 Filed 11/22/16 7 Page 4 of 38 I. SUMMARY As set forth further below, as an original classi?cation authority'l have determined that the information redacted from the draft transparency report prepared by Twitter, at issue in this case, is properly classi?ed and that its unauthorized disclosure reasonably could be expected to result in serious damage to the national security. The disclosures that Twitter seeks to make concerning its receipt of national security process are far more detailed than disclosures regarding national security legal process which are allowed under the United And Strengthening America By Ful?lling Rights And Ensuring Effective Discipline Over Monitoring Act of 201 5 Freedom Act?), Pub. L. No. 114-223, 129 Stat. 268 (2015), which sets forth four reporting options that electronic communicatiOns service providers may lawfully utilize, consistent with a declassi?cation decision by the Director of National Intelligence, to describe the legal process they have received. The Government has provided electronic communication service providers and others who are subject to national security legal-process, and the secrecy requirements that accompany such process, latitude to describe the process they have received in broad terms Without unduly compromising national security interests, as set forth in section'604 of the USA Freedom Act. But at a more granular level of speci?city, this information is properly classi?ed because its diselosure would risk far greater harm to the national security interests of the United States. As explained below (and in further detail in my classi?ed declaration), the disclosure of speci?c information concerning the amount and type of national security legal process received by a particular service provider, such as the kind of information that Twitter seeks to disclose, would provide international terrorists, terrorist organizations, foreign intelligence services, cyber intruders, and other persons or entities who pose a threat Case Document 145-1 Filed 11/22/16 Page 5 of 38 to the national security -- including not only targets of investigation but also those yet undetected by the Government -- (collectively, ?adversarie?s?) with a roadmap to the existence or extent of Government surveillance both at Twitter, and when other companies follow suit -- on any provider or platform.2 7. Such disclosures would provide highly valuable insights into where and how the United States is or is not deploying its investigative and intelligence resources, and would tend to reveal which communications services may or may not be secure, which types of information may or may not have been collected, and thus whether or to what extent the United States is or is not aware of the activities of these adversaries. Moreover, as such informati'onis disclosed in subsequent transparency reports, our adversaries would derive a clear picture?? not only of where the Government?s surveillance efforts are directed, including its current ability (or inability) to conduct surveillance on particular electronic communication service providers or platforms?but also of how its surveillance activities change over time, including when the Government initiates or expands surveillance capabilities or efforts involving providers or services that adversaries previously considered ?safe.? 8. Foreign governments and adversaries, including terrorist organizations, actively gather information to assess the Government?s capabilities, and seek to exploit any such information that they obtain. For example, if adversaries learn from which platforms and what types of information the Government seeks to collect, they can take'steps to avoid collection. Additionally, they can use such information to engage in deceptive tactics or disinformation campaigns that could undermine lawful intelligence operations of the United States, and to 2 If Twitter were permitted to disclose the granular aggregate data at issue here, the harm to national security would be compounded by the fact that other companies would almost certainly seek to make similar disclosures. As a result, our adversaries could soon obtain a comprehensive picture of the Govemment?s use of national security process._ Case Document 145-1 Filed 11/22/16 Page 6 of 38 carry out hostile actions that expose Government personnel to the risk of physical harm. In sum, and as explained further below, the disclosure of speci?c information about the United States? use of national security legal process will assist adversaries in avoiding detection by and in carrying out hostile actions against the United States and its interests. II. BACKGROUND TO LITIGATION A. Reporting of Aggregate National Security Process by Electronic Communications Service Providers 9. Prior to 2014, some electronic communication service providers (?providers?), including Twitter, publicly disclosed statistics re?ecting their receipt of Government requests for subscriber data pursuant to criminal law enforcement (as opposed to national security) process, including the precise number of each type of request that they received from the Government. These statistics, published in what commonly became known as ?transparency reports,? included, for example, numbers of grand. jury subpoenas and criminal search warrants served on the providers within a particular reporting period, typically on an annual or biannual basis. However, at that time, no provider published data regarding its receipt of requests for information made by the Government in furtherance of national security investigations by means of orders issued by the Foreign Intelligence Surveillance Court under authority of the Foreign Intelligence Surveillance Act 50 U.S.C. 1801, et seq., or national security letters under authority of 18 U.S.C. 2709, 12 U.S.C. 3414, and 15 U.S.C. 1681u and 1681v (collectively ?national security I 3 FISA provides different mechanisms for the Government to obtain foreign intelligence information in support of its national security investigations, including: Title I, for the collection of electronic surveillance within the United States; Title for physical searches in' the United States; Title IV, permitting pen registers and trap and trace devices; Title V, for access to certain business records; and Title VII, permitting collection of data for individuals located outside the United States. 50 U.S.C. 1801, et seq. Collection of data pursuant to Titles I, and VII of FISA includes the ?contents? of communications that would otherwise be subject to the Fourth Amendment (3. ., emails), whereas collection pursuant to Titles IV and of FISA include only ?non-content? data metadata, such as subscriber or transactional information). Case Document 145-1 Filed 11/22/16 Page 7 of 38 10. In June 2013, Edward Snowden, a former National Security Agency contractor, unlawfully leaked documents that purportedly contained classi?ed national security information to the?media, including information regarding US. Government surveillance programs (hereinafter, the ?Snowden leaks?). 11. Following the Snowden leaks, multiple providers expressed to the Government their desires . to correct inaccuracies in press reports and to address public speculation about the nature and scope of their alleged cooperation with the US. Government. At the time, the Government?s position was that the providers could not lawfully publish data reflecting their receipt of different types of national security process, unless the providers aggregated that data with the criminal legal process received, because the unauthorized disclosure of such information reasonably could be expected to result in damage to the national security and was therefore classi?ed. In 2013, ?ve providers ?led lawsuits with the FISC seeking relief from this prohibition. Speci?cally, Google, Microsoft, Facebook, Inc., Yahoo! Inc., and LinkedIn Corp. each sought declaratory judgments from the FISC to allow them to publish detailed . statistics? about the national security legal process served on them.4 12. The Executive'Branch also recognized the need to address the public interest in greater transparency in intelligence activities, consistent with continuing to protect national security. In June 2013, President Obama directed the US. Intelligence Community to declassify and make public as much information as possible about certain sensitive Government surveillance programs, while protecting sensitive classi?ed intelligence and national security information. See ODNI Press Release (Nov. 18, 2013), available at 4 Apple Inc. and Dropbox, Inc. ?led amicus briefs in support of the litigation by the other providers. Twitter was not a party to the ISC litigation. 13. 14. Case Document 145-1 Filed 11/22/16 Page 8 of 38 national security information. See ODNI Press Release (Nov. 18, 2013), availabfe at last visited Nov. 8, 2016). In August 2013, Director of National Intelligence James R. Clapper announced the ?rst new measure to implement this directive and allow for greater transparency by the Government. For each of the following categories of information, the DN1 stated that he would, in the exercise of his discretion, declassify and enable the release of aggregate data concerning the total number of orders issued by the Government and number of targets affected, on an annual basis, beginning with calendar year 2013: FISA Orders based on probable cause; Section 702 FISA Orders; FISA Section 215 Business Records Orders; ISA Pen Register/Trap and Trace Orders; and National Security Letters. See ODNI Press Release (Aug. 30, 2013), availabie at 91 -press-releases-201 3/922-dni- security-authorities (last visited Nov. 8, 2016). A second measure, to allow for greater transparency reporting by individual providers, was announced on January 27, 2014. On that date, DNI Clapper, in the exercise of his discretion, declassified and authorized the public reporting by providers, on a semiannual basis, of certain aggregate data concerning their receipt of national security process. See ODNI Memorandum for Distribution (ES 2014-0052) (copy attached as Exhibit 1). Speci?cally, Case Document 145-1 Filed 11/22/16 Page 9 of 38 individual providers: The number of NSLs received reported in bands of 1000 starting with 0-999; The number of customer accounts affected by NSLs, reported in bands of 1000 starting with 0-999; The number of FISA orders ordirectives for content, reported in bands of 1000, starting with 0-999; The number of customer selectors5 targeted under FISA orders or directives for content, in bands of 1000, starting with 0-999; The number of FISA orders for non-content, reported in bands of 1000, starting with 0-999; and The number of customer selectors targeted under FISA orders for non?content, in bands of 1000, starting with 0-999. Id. Reporting distinct national security processes in bands of 1000, in this manner, became known as ?Option One.? Director Clapper also declassi?ed the total number of all national security process, including all NSLs and FISA orders and directives, received by a provider within a 6?month period, if reported in bands of 250, beginning with 0-249, as well as the total number of customer selectors. targeted under all national security process, including all NSLs and FISA orders and directives received by a provider within a 6-month period, if reported in bands of 250, beginning with 0-249. Id. Reporting the total quantity Of all national security process received, in this manner, became known as ?Option Two.?6 15. As Director Clapper speci?cally noted, This data was properly classi?ed, and continues to meet classification 5 A ?customer selector? is a customer identi?er, i. 9., a phone number or e-mail address, on which the US. . . Government has or had the ability to collect data from a particular provider under the FISA. It is possible for one FISA order to contain requests for multiple customer selectors. 6 In addition, the declassi?cation only extended to data within a 6-month period ending at least 6 months prior to publication of the report and required a 2-year delay in reporting orders for a platform, product, or service for which the provider had not previously received an order or directive. Id. In other words, data re?ecting national security process received by a provider between January and June of 20 14 could not be published until January of 2015. 8 16. 17. Case Document 145-1 Filed 11/22/16 Page 10 of 38 requirements . . . and would require continued protection. However, under the present circumstances, including the need to facilitate transparency . . . I have determined that this is an exceptional case that outweighs the need to continue to protect this data. Id. (emphasis added).7 Thus, the DNI didinot determine that release of aggregate data concerning providers? receipt of national security process could not reasonably be expected to result in damage to the national security; to the contrary, his determination was only that release of such previously properly classi?ed data by a provider by means of one of the two Options outlined in the Memorandum would serve to diminish the potential harm to national security, in light of the strong public interest in the information. Contemporaneous with Director Clapper?s discretionary declassi?cation, and also on January 27, 2014, Deputy AttorneyGeneral James M. Cole sent a letter to the general counsels of the ?ve providers who had ?led suit in the FISC, further explaining the two new options available to them for reporting aggregate data regarding their receipt of national security process as a result of the declassi?cation. See Letter to General Counsels frOm Deputy Attorney General Cole (Jan. 27, 2014) (Doc. No. 1, Exh. 1.). The Government also ?led a notice with the FISC, informing the Court that the parties were stipulating to the dismissal without prejudice of the ?ve provider actions. In June 2014, consistent with his August 2013 directive and the President?s June 2013 directive, DNI Clapper declassi?ed and directed the public release of the ?rst Government report of aggregate national security process.8 See ODNI Press Release (Jun. 27, 2014), 7 Illustrative of this point, speci?c aggregate data concerning NSLs orders, even in quantities exceeding the ranges allowed under the January 27 framework, are classi?ed as Secret in the Department of Justice semiannual - reports to Congress. 8 The Government is uniquelypositioned to provide a complete picture of the total number of national security process issued and number of targets affected, in aggregate, on an annual basis, in a manner that responds to the public interest in transparency without disclosing .to adversaries .of the United States provider-by?provider speci?c 9. 18. Case Document 145-1 Filed 11/22/16 Page 11 of 38 available at 2014/ 1 1 47-j oint-statement?from-the?o dni-and-the-u-s-do (last visited Nov. 8, 2016). The report, which contains the aggregate number of NSLs and FISA orders (broken down by type of order) issued by the Government during calendar year 2013, was initially classi?ed at theATop Secret level, but subsequently declassi?ed by DNI Clapper on June 23, 2014. See ODNI Statistical Transparency Report Regarding Use of National Security Authorities Annual Statistics for Calendar Year 2013? (Jun. 26, 2014), available at (last visited Nov. 8, 2016). Similar transparency reports were issued by the DN1 for calendar years 2014 and 2015. See Statistical Transparency Reports Regarding Use of National Security Authorities, available at I 14 and 5 (last Visited Nov. 8, 2016). These reports provide the annual numbers of: FISA orders/applications and estimated number of targets affected, broken out by relevant Titles in and (2) NSLs issued, and requests for information within those NSLs, across all relevant statutory authorities. As the Executive Branch implemented the above-described measures to effect greater transparency regarding the Government?s use of national security precess, Congress was'also considering (between 2013 and 2015) various bills related to this issue. The bills were introduced to address developments affecting the Government?s use of national security information that, as described in more detail below and in my classi?ed declaration, could be readily exploited by our adversaries to the determinant of the national security. 10 19. Case Document 145-1 Filed 11/22/16 Page 12 of 38 process, including the public interest in greater transparency following the Snowden leaks, the President?s directive for greater transparency, and the decision of the Second Circuit Court of Appeals in Doe v. Mukas?y, 549 F.3d 861 (2nd Cir. 2008). During this process, Congress invited review and comment by the White House and the USIC in order to ensure appropriate consideration of the United States? national security concerns. These efforts culminated with passage into law of the USA Freedom Act. In Section 603, the USA Freedom Act codi?ed for the ?rst time, at 50 U.S.C. 1874, the manner in which providers may report aggregate data re?ecting their receipt of national security process. This section sets forth two reporting methods that are identical or very similar to the two options that were previously available to providers, see 50 U.S.C. A 1874(a)(1) and (3), as well as two additional reporting methods, see 50 U.S.C. 1874(a)(2) and (4), which allowed for even smaller reporting bands.9 A 9 Under the statute, providers may lawfully choose to publish their receipt of national security process in the following ways: In a semiannual report, in bands of 1000, beginning with 0-999, the- aggregate number of national security process received during a 6-month period, within each of the following categories: - customer selectors targeted by FISA orders or directives for content; customer selectors targeted by FISA orders or directives for content; FISA orders for non-content; and customer selectors targeted by FISA orders for non-content (previously Option One); or In a semiannual report, in bands of 500, beginning with 0-499, the aggregate number of national security process received during a 6-month period, within each of the following categories: customer selectors targeted by FISA-orders or directives for content; customer selectors targeted by FISA orders or directives for content; FISA orders for non-content; and customer selectors targeted?by ISA orders for non?content; or In a semiannual report, in bands of 250, beginning with 0-249, the aggregate number of all national security process, including NSLs and all FISA orders and directives, received during a 6-month period (previously Option Two); or In an annual report, in bands of 100, beginning with 0-99, the aggregate number of all national security process, including NSLs and all FISA orders and directives, received during a 1?year period. 11 20. Case Document 145-1 Filed 11/22/16. Page 13 of 38 On July 2, 2015, Director Clapper, declassi?ed data related to national security process received by providers if publicly reported in a manner consistent with the provisions of the USA Freedom Act. See ODNI Memorandum for Distribution (ES 2015-003 66) (copy attached as Exhibit 2). As with his January 27, 2014 discretionary declassi?cation, Director Clapper noted: While the newly declassi?ed data had been properly classi?ed and indeed continues to meet the classification requirements of Executive Order I 3526 for ongoing protection, I have determined that this data presents an exceptional circumstance that outweighs the need for protection. Exhibit 2 at 1 (emphasis added). Thus, in accordance with the declassi?cation and as provided in the USA Freedom Act, providers may now choose to publicly report information about the quantity of national security process they receive in one of the four ways noted above. 21. 22. B. Twitter?s Draft Transparency Report In May 2013, prior to the discretionary declassi?cations or enactment of the USA Freedom Act, Twitter began expressing to the FBI its desire to report aggregate NSL statistics in Twitter?s transparency reporting. In response, the FBI asked Twitter to provide, in writing, a proposal for the publication of aggregate NSL data. Approximately one year later, on April 1, 2014, Twitter sent a draft proposed transparency report (reacted version attached hereto as Exhibit 3 and previously ?led with the Court, see Doc. No. 21?1) to the FBI, seeking advice from the FBI as to which, if any, parts of the 50 U.S.C. 1874 Similar to the previous allowable reporting options, providers may only issue reports covering a 6-month or 1-year period, depending on which option they choose, the last day of which period must be not less than 6-months, or 1- year, prior to the date of publication.of the report. Further, providers are prohibited from reporting receipt of any national security process relating to a platform, product, or service-for which they had not previously received an order or directive until 540 days (18 months) after the date upon which the order or directive was received. 50 U.S.C. 1874(b). 12 23. 24. 25. 26. Case Document 145-1 Filed 11/22/16 Page 14 of 38 proposed report are classi?ed and which could be lawfully published online. The report contained data re?ecting the speci?c numbers and types of national security legal process that Twitter had receiVed during the preceding six month period, from July 1 through December 31, 2013, in ?gures much smaller and more precise than had been declassi?ed as of that time or today. - By letter dated September 8, 2014, the FBI General Counsel informed counsel for Twitter that, after careful review of Twitter?s proposed transparency report, the FBI had concluded that information contained in the report was classi?ed and could not lawfully be publicly released (attached hereto as Exhibit 4 and previously ?led with the Court, see Doc. No. 1-1). The General Counsel Speci?cally identi?ed the information in question, informing Twitter that its proposed report, ?would disclose speci?c number of orders received, including characterizing the numbers in fractions or percentages, and would break out particular types of process received . . . inconsistent with the January 27 framework? did not fall within Option One or Option Two), and thus, would disclose classi?ed information. On November 17, 2014, the Department of Justice provided Twitter, through counsel, an unclassi?ed version of Twitter?s draft transparency report from which classi?ed information had been redacted. See Notice Regarding Classi?ed Document (Doc. No. 21); Exhibit 3. In its Second Amended Complaint in this civiliaction, Twitter asks this Court to issue an order declaring that the data redacted from its draft report is not properly classi?ed, and that . Twitter may therefore lawfully publish that information in the draft transparency report and similar information in future transparency reports. I CLASSIFICATION AUTHORITY AND DETERMINATION The conduct of national security investigations, and the collection, production, and 13 Case Document 145-1 Filed 11/22/16 Page 15 of 38 dissemination of intelligence to support counterterrorism, counterintelligence, and other US. national security objectives requires the FBI to collect, analyze, and disseminate information eligible for classi?cation under Executive Order 13526. i 27. Section 1.1 of Executive Order 13526 provides that information may be originally classi?ed if: (1) an original classi?cation authority is classifying the information; (2) the information is owned by, produced by or for, or is under the control of the Government; (3) the information falls within one or more of the categories of information listed in section 1.4 of the Executive Order;10 and (4) the original classi?cation authority determines that the unauthorized disclosure of the information reasonably could be expected to result in damage to the national security, and the original classi?cation authority is able to identify or describe the damage. 28. The decision whether to classify or declassify FBI information, including but not limited to whether the FBI has conducted or is conducting; an investigation, the amount and nature of intelligence that the FBI may have collected during an investigation, and whereland how that intelligence was collected, is based on a variety of factors and considerations that are weighed by of?cials, such as myself, who have been delegated original classi?cation authority. In weighing such factors, some of which are subtle and complex, I assess whether 10 In addition to the categories listed in section 1.4 of Executive Order 13526, the Federal Bureau of Investigation National Security Information Classi?cation .Guide provides guidance concerning the classi?cation and level of protection afforded to FBI?originated national security information. The NSICG is issued under authority of Executive Order 13526; Information Security Oversight Of?ce Directive Number 1 (32 CFR Section 2001.10); Department of Justice Security Program Operating Manual; the FBI Security Policy Manual; and the designated Original Classi?cation Authority of the Executive Assistant Director, National Security Branch. The NSICG identi?es categories of information frequently obtained in the course of national security investigations and intelligence analysis and provides guidance on whether information in these categories should be designated Unclassi?ed, Con?dential (C), Secret (S), or Top Secret (TS). The guidance regarding these categories re?ects the considered judgment regarding the measure of harm that reasonably could be expected to result from the unauthorized disclosure of the categories of information addressed therein. Under the NSICG, information is classi?ed as SECRET if it pertains to investigative methods or techniques used in counterterrorism or national security investigations, including the use of national security legal process, where disclosure of that method or technique would, if made public, reduce the effectiveness of that technique. 14_ 29. Case Document145-1 Filed 11/22/16 Page 16 of 38 the disclosure of information, at any given time, may lead to an unacceptable risk of compromising the past or ongoing intelligence gathering efforts-with respect to a particular investigation or investigations, and whether disclosure may lead to an unacceptable risk of compromising investigative sources, methods, and/or techniques, and harm the national security of the United States. My assessment and judgment as to the harm to the national security that reasonably could be expected ?om disclosure of information in any given case or time is affected by whether a mosaic of information may be pieced together by adversaries of the United States, both individuals and groups, which could allow them, for example, to better evade ongoing inVestigations and/or more effectively formulate or revise their counter-surveillance efforts, among other things. As anoriginal classi?cation authority, I have determined that public reporting of data re?ecting the quantity and type of national security process served on an individual provider, in a manner that is more detailed or disaggregated than the methods of reporting which have been declassi?ed by the DN1 and allowed under the USA Freedom Act, is properly classi?ed under the criteria speci?ed in Executive Order 13526. Speci?cally, information concerning national security legal process was produced by and for the United States Government during the course of and in furtherance of national security investigations and is under the control of the Government. 13526 section Disclosure of the more detailed and disaggregated information at issue in Twitter?s report reasonably could be expected to result in damage to the national security, and it pertains to intelligence activities, E0 13526 section foreign relations or foreign activities of the United States, EO 13526 section and vulnerabilities or capabilities of systems, installations, infrastructures, project, plans, or protection services relating to the national security, E0 13526 section Accordingly, - 15 30. 31. Case Document 145-1 Filed 11/22/16 Page 17 of 38 and as an original classi?cation authority, I have determined that the information that Twitter seeks to publish data re?ecting its receipt of national security process with a level of speci?city that is far more granular than has been declassi?ed by the DN1 and allowed by the USA Freedom Act was properly classi?ed at the time that Twitter?s draft transparency report was received by the FBI in 2014 and continues to be properly classi?ed at this time. IV. 0F DISCLOSURE The remainder of this declaration addresses why disclosure of the information that Twitter seeks to publish reasonably could be expected to cause serious damage to the national secnrity. I address this topic in more detail in my classi?ed declaration: In unclassi?ed terms, the data Twitter seeks to disclose in its draft transparency report for 2013 and in ?lture transparency reports is far more speci?c, detailed, and disaggregated than the aggregated data that the Government has declassi?ed and the USA Freedom Act allows to be disclosed. As a result, the public disclosure of this data regarding receipt of national security process reportng within the narrow ranges proposed by Twitter, or as numbers representing the speci?c quantity and types of process served on Twitter during a speci?c time period, or whether it has received zero of a particular type of process) would allow our adversaries and targets of investigation to piece together a mosaic of information that would provide them signi?cant insight into the US. Government?s counterterrorism and counterintelligence efforts and capabilities, including the lack thereof, with respect to Twitter and, by extension, any other provider that is permitted _to publish similar classi?ed information concerning national security legal process. I Armed with this information, adversaries can reasonably be expected to take operational security measures to conceal their activities, alter their methods of commUnication to exploit l6 32. 33. Case Document 145-1 Filed 11/22/16 Page 18 of.38 secure channels of communication, or otherwise counter, thwart, or frustrate the ability of the Government to pursue them. These measures would undermine both'current and future efforts by the Government to collect foreign intelligence and to detect, obtain information . about, or prevent or protect against threats to the national security. Moreover, adversaries would be able to use transparency reporting not only to ascertain the direction and focus of past national security investigations, but also to proactively exploit transparency reporting to detect and thwart current and future surveillance by the Government. Furthermore, and as noted previously, the harms from such disclosures would be compounded if other electronic communication service providers were permitted to make similar detailed disclosures regarding their receipt of national security process in the manner that Twitter seeks to make. If the Court were to grant Twitter the relief it seeks in this case, other providers would almost certainly seek to make the same types of disaggregated, granular disclosures regarding their receipt of national security process. Each such discloSure would provide an additional ?piece of the puzzle? that adversaries could use to evaluate the Government?s collection capabilities and vulnerabilities, as well as its investigative practices, and enable them to take operational security measures to avoid continued and future investigation and seek secure means of communication. My determination that detailed disclosures of the kind Twitter seeks to make regarding receipt of national security process would be expected to harm national security is informed by the use of social media, including Twitter, by terrorist organizations and other adversaries of the United States to further their illicit aims and efforts to harm the United States. Social I media and the Internet have been used by adversaries for communication among operatives to facilitate and plan terrorist attacks, espionage, and other conduct which threatens the 17 A 34. Case Document 145-1 Filed 11/22/16 Page 19 of 38 national security. For example, with respect to Twitter in particular, the Islamic State in Iraq and the Levant has used Twitter extensively to broadcast videos of beheadings of Western hostages and others. In fact, when Twitter removed such videos from its platforms, ISIL threatened to retaliate by murdering Twitter employees. See, 6. Lizzie Dearden, ?Islamic State: ISIS fanatics threaten terrorist attacks on Twitter employees for shutting accounts down,? The Independent, available at (September 10, 2014) (last visited Nov. 8, 2016). Accordingly, the Government may choose to serve Twitter with national security legal process to obtain information in furtherance of national security investigations into such' conduct or similar activities. My determination that detailed disclosures of the kinds Twitter seeks to make regarding national security process would be expected to harm national security is also informed by efforts that terrorists, hostile foreign intelligence services, and other adversaries undertake to thwart surveillance by. the United States. The FBI has long known that adversaries gather publicly available information to learn about the capabilities, sources, and methods of US. intelligence and law enforcement agencies, in order to take countermeasures to attempt to limit the effectiveness of these capabilities, source, and methods. Numerous open sources have reported regarding extensive use and exploitation of the internet by terrorist organizations. In 2003, for example, then Secretary of Defense Donald Rumsfeld reported that an Al Qaeda training manual recovered in Afghanistan instructed that, ?[u]sing public sources openly and without resorting to illegal means, it is possible to gather at least 80 11 ISIL is sometimes referred to in media reports and elsewhere as the Islamic State or the Islamic State of Iraq and Syria 18 35. 36. Case Document 145-1 Filed 11/22/16 Page 20 of 38 percent of all information required about the enemy.? See, Gabriel Weimann, ?Al- Qa?ida?s Extensive Use of the Internet,? (Jan. 15, 2008), available at (last visited Nov. 11, 2016); Timothy L. Thomas, ?Al Qaeda and the Internet: The Danger of ?Cyberplanning,?? (Spring 2003), available at (last visited Nov. 11, 201 6). In addition, among other documents that US. Government personnel found at Usama Bin Laden?s compound in Bakistan in May 2011 were publicly available criminal complaints ?led against several FBI subjects, and a 2010 letter from Bin Laden directing that certain classi?ed cables made public by Wikileaks concerning Pentagon policy be downloaded from the Internet so that he could analyze the materials. See ?Bin Laden?s Bookshelf,? available at (last visited Nov. 11, 2016). Just as those documents were accessed in an effort to exploit information for use against the United States, we must expect our adversaries to obtain and exploit information regarding national security process contained?within transparency reports. The granularity of the data that Twitter seeks to publish would reveal or tend to reveal information about the extent, scope, and reach of the Government?s national security Collection capabilities and investigative interests including its limitations and vulnerabilities. By contrast, the allowable bands by which providers may report aggregate data regarding their receipt of national security process are far broader and more general. As discussed above in Section both the DNI declassi?cation and the provisions of the USA Freedom Act permit disclosure by recipients of national security process of aggregate 19 37. Case Document 145-1 Filed 11/22/16 Page 21 of 38 numbers of NSLS and FISA process in four different formats. Two of the reporting options allow for separate reporting of NSLs and content and non-content FISA process, in broad bands of 1000 or 500; and two of the options permit reporting in narrower bands of 250 or .100, but require that NSLs and FISA process be reported together. See Section 603(a). The disclosure of data in smaller bands would tend to reveal whether the Government does or does not have a signi?cant presence and investigative focus on communications occurring on a platform, and changes in those numbers Over time would tend to reveal an increase or decrease in collection signaling that the platform is a more or less safe channel of communication. Also, reportng that differentiates between types of collections content or non?content tends to reveal sources and methods regarding whether and to what extent the Government is or is not collecting certain types of information on that platform. And, again, future reporting would reveal contrasts with prior activities that may show additional or different types of information collection, or that certain types of information are no longer being collected. In addition, all of the bands in the USA Freedom Act begin with zero, rather than one (each option is 0?999, 0?499, 0?249, or 0?99, respectively). These bands begin at to mask whether a company has received a particular type of legal process (for example under different titles of FISA) which may re?ect different collection capabilities and focus on that platform, different types of information collected different locations of potential targets (domestic or foreign), and thus would present a more detailed picture of the scope and reach of the Government?s sources and methods of collection on that platform and others that disclose similar granular data. 20 Case Document 145-1 Filed 11/22/16 Page 22 of 38 38. For these reasons, and as explained further in my classi?ed declaration, Twitter?s proposed disclosure of the information redacted from its draft transparency report would harm national security by revealing details regarding the Government?s technical capabilities and investigative interests, or limitations and lack of investigative focus, thereby providing adversaries valuable information that they will likely seek to exploit. V. CONCLUSION 39. In sum, I have determined that the public disclosure of the detailed data that 'l?witter seeks to disclose concerning its receipt of national security legal process could reasonably be expected to cause serious damage to national security and such information therefore is I currently and properly classi?ed. I declare under penalty of perjury that the foregoing is true and correct. Dated: November 2 97- 2016 MJE Michael B. SteinbaCh Executive Assistant Director National Security Branch Federal Bureau of Investigation Washington, DC. 21 Case Document 145-1 Filed 11/22/16 Page 23 of 38 (U) Exhibit 1 Case Document 145-1 Filed :11/22/165Pag?z?461538?; '3 if . To? TllE :3 0' 20511 '1 i. Dist?butio'n 2:.4 .1 United States tO'Telecommunications Companiesgforcustomeri g: fromtheForeignelntelligence . 5- - S?ryeillanc'e Act ?nd-With Nation?l'Secnrity Letter(B) ExeeutiVC . .: ., Na?on?l?e'cfurit?v 1' 1, Consistent with at may :t'a g. - deelaSSify and niake public as informatibn as - I: my statute?ry leig'atipngt?o protect intelligence searees and-metho?s (RefelfenCe-(AD; and References-(Bi) ?ie'deelassi?datiOnof'certain data'telhted? _fto:requeStS by:the Unitedetates tn Communica?enfpro?de?s for .Customei'iinifOrmntion:under ,f orders'frOm- the Ferelgn Intelligence Stirveillande' Aet and with national security letters. I managing data isjaeclyas'si?ga j. I: @1006th report-ediihlbandsj- bf '1000s'tarting with, 05999; I 5' of .33. 1 :t s'tai?ng wim?0r999} bands 'n - The number of customer ?eleCters targeted tinder PISA cententerder'S, in bands'ef 3 I . . 1000 ?startihg-with?O-999; . .. numbeifief-?FISA elders fernonyeentt'?ntgtepefted in if. 'o'f elustoniel; S?el'eetots'tar'geted' under hands; If . 1.000 Starting-With 0?0999. - This dam'may be tequinedin six Inonth intervals, g-The data set t6 PISA 1 .: Orders is_declassi?ed_on1YWhen relen?ed after I - .I -Case Document 145-1, Filed 11/22/16 ipagezs o3f'385, :35, i" I Fer data relating to the ?rst order that is Served on a company forirplatforrn, 5 . serviceiwhether developed-or acquired) for whi?htlie'company has not preViou'31y received. such . - 7 an order, and 'that'is designated by the government'as a "New capability Order? because .dis?19Sins' it would ewes-is?subjec?tm previceuslyi - . . .iiundi'scloised collectionthrough PISA orders, there willibe aidelayoftwo years beforeiithegdatafis; 3- I - declaSsi?ed. After data aboutja New Capability order has- been published; that - no longerlbe considered-NewCapability,-arid the ;ordinary-6-month- delay will'apply-for' I gdeelassig?Cation and release. not ap?lyto af?FISAorder'directedi '3 I I I I ?enhancement to or iteration ofan platform, product, for. 3 {1 'seryice A i Ihaye-declassi?ed-t?hetotal nurnher' "including all N315 and PISA orders, reportedias; a-singlenurnber in the followingbandst?O-249. i 1' - - and thereafter in. bandsrof 250,- and-the 'total- number-of cuSto'mer selectors targeted under all" T. '5 national security process, including orders, repertedasa single number inthei . -- and thereafter in bands Of 3' r' . 'Refer?n96 Continued promotion; Present: Circumstances; including the neCdEtO- I i '5 . providers, I have determined that this is an eXCeptiOnal Case that need to Continue, '7 to protect this data. The declassi?cationre?ects the Executive BranCh?s continuing cemm'itment - This-data ?was continues to meet the classi?cation reguirementsi-?of . to making information about-the Government?-s? intelligenceactivities publicly available where. -t ?5 Tappmp?ats - C'S_t_ates. I __:guides that may be affected are. updated accordineg; an Please?comact Ms. Jennifei'Huds-on, Directbr of infciahnation: i i I 38085, oryia Ermail at'JenniferHudson with any questions". :3 fDate: I 3 Natio?alSecu?ty Staff: I. - ?DitfeCtor', Central} Intelligence. Agency. A '3 Director, Defense? Intelligence Agency'- 3 Dire?tm?a?onal' Gebspatial Intelligence Agency - and sonsist'ent'with ensuring the prdt?ction. of the national S??lirity presumed g" I 1. Debmmen'ts and-Agencies 815811 ensuie? individual- age?c'y'or' Cass Document 145:1" Filed? 11/22/16, ?P?g'ez'a 6138:. 3" Directsr,'Natiqhal Recoilnaissanbetomc? A - .Direct_0r; National Security Agency '4 Under Secretary of D?fe?Sc for Irit,ellig?nc? l' As'sistan'tSeCEt?ry?fOf Intellig?nce'and'Research; D?pa?rimerit ofS.taf? h' for Intelligence Analysis; Departm ?ntOfHd_nie1and Executive Assistant Director, National Security/Branch; Federal Bu?eaufof Investigation; i of of Energy .Chicfof Imeiligencelseniof Of?cer; Agency A for Int'elligenceaUS-Anhy of US MdrineiCoip's.? '3 I Direbtdm 6f NaVal'Inthligehce; US Nays} ji 2' - Deputy Chiejfof Staff.f0r. intelligence; surveinanmgand Emma-133m; migk'?bice" Assistant _'C0nunandant font and Criminal Chas; Guard 3 1' - - Assistant-Attomey?en?ral for National Sedu?tyibeparngehtof-Jpstice . Case Document 145-1 Filed 11/22/16 Page 27 of 38 (U) Exhibit 2 case Docume'ht 1:45-31 Filed 11/22/16 fade-2'8 drag], 7 UNCLASSIFIED .2 i. Nt-xii?mmil {mm ICENCE 2031'] 1138-2915-00366' . - MEMORANDUM mu; 3. Dam-I?m j. ?gf :States . 7 'Inforrttation under Orders Issucd'Pursuant to' the Ferei?gn' . . Intelligence Surveillan?qACt - Actof'1949 I Executive Order- 12,333,; as amended,_United . Activities. . - Izlnfoi?matibnv Persuanttd ReferenceslBahd Cland'eens?istehtiwith p'r'o'tect -i A . intelligence sources and methods-(Reference A), Lam prieertiairt j} d?ta relatedto roguests by the United States to'commUnicatiOn'providers? for chstomer ?in?fbnna'tipn issued pursuant t6 the Ferei'gh ?lhtelligcntie .2. ?unde'r natidnal security letters; As described in' more detail below datav'publicliy :epp?ned in 'a -: II I mannereoh?istent with the-'p'rbyisiens bf Sectioh' 604 Of?the added?by section 603 (if thief?:- USA Freedgm'Act 'of 2015(Attabhmeht to the extent c?rrehtly. claLgSi?ed, is hereby - -. - 1 some of the data eevered Section 603 ofthe USA Freedom 'Actgivas preVimsly" I 3? declassi?ed on 27 anuary 2014 my deClaSsi?eatiOntoday cevers "additional 1? '3 data. declasS?i?ed data had been andzindeed'eontinuesto' . - . meet thejclatSSi?'cation requit?ements 10f Executive Order] 3526b: ongoihg prote?etion, I have -- - - - - ?detennihed that this;dat_a 'pre36nt_$ an exceptional circumStattce that outweighs Ithe'necdzfor' proteCtion?; This dcclassi?czition reflects the-ExecutiVe Branch?s' Continuing commitmentto I. making'infd?rmat?ion about the Government?sint'elligenee activities publicly" available where? ensuring the'protec-tioh of the national security ofthe-United'States."' The data describedbelow is .declasSi?edwhen, acommuniCationgprevider Subject {9 a; I . - nondisclosure requirement accompanying?a-FISA order or_directiVC,30rjanational securityreports the dataz'using .one? of the fe'llgwihggfout? struCtutesz? 4: i Ca?e Documeht 1245-1 dfisgf 137- .3 SUBJECT: DeclaSsi?catiOn; Ccn'ain Data Relat?dto 'chlicsts by lhe'IUhited Stags t6 1 f' 1 Companie?s'foerus'tomdr Information-uner Pursuant .j . :j tothefF?Jr?ignIntelligence ShrircilrlanseiAictjand-imd?r. Nati?nf?l. Setu?iy Lelia-3?. '1 A The stanihg with 04999;: ZB- taigct?d bynatifo?alfs?c??ty ?l?tteirs?'r?p?rl?d?i? I The chbi?ed number of bidersfo: dir?ctiveSrjreceiVed'fof - i: in bands of $130.0 St?ftiDgWiIhZO?999h I . he ?ombined3 numbet bf ?cm-stoma: tai'gated: '61; - directives r'ecgixf/ed chtents, rapqrt?ediin bands of 1,000 slartirig with 0?999; I - The hutnb?lfiof?FISAm?d?r? tcc?ixled goni?ljnt?nf, f?pb?tcd If I . .- The (inlets 7 7 I g} - . fd-a'tailnay b?;r?pcll?ted ?lonlh 'lo FISA orders and directives is declassi?ed only when released-after'a 1,80Lda'y delay between I the i'el?'as??dat? and the peticjd r?l?a'sez big?pt thatWith'f?spp'clliof g1 platform'gg -: - . prbdujci,? o?LService for whichja prdvid?r did: not'previouS'ly rc??iv?e order} I ihcludin'g an enhancement to'or iteration of .?fin "existing- publicly-available 'Qr- service) su?ch'repon shall not includevan'y i?nfon'natiOn relating to such?new' Order or'dircct'ivc? ?.1unti'1549'd'ais ?ft?tir'the h?w;z?rd?rf??dire?tiveiis ?fth: 'fi 5: .ab?ovc' relating to national security letters fonly the :date is l_es$ Ithan i I 180 days from the feccipl {of the hatio?hgl ?eq'urity l?tlg?r." Structure '2 - ?T?e?nurhb??i'oif n?ti?n?l lettefs Starting '5 . 5 .- - With 0?499; bands of 500 Starting With 05-499; 6 humher?of: ?custdm?f selcdors largcigd by nati?nalsbbujrityekillers; C.- "-I?he combinednumber'of-FISA orders??r?gircctiylcg receiyietl for 9 9 ?i 2 .in bandsp'f 500 starling'with 075499; 3 - UNCDASSIFIEDHQ 5 _a,7f3 I g? 1 Relit?didRequests by-?the, United Stagg? to g? Case Document 12151 Filed 11/22/16. *pagje 3'9 . 1 I .Teleeommuhieatiohs Companies Under Orders-Issued Pmsuant ,f -. l' .to ?ie'For?ig?n Intelligence. surveillance Actan'd under. Nait?i?n'?l .Scicurit'y Letters} i The Ic'ombi'nedilnumherI 10f ch?tomet SelecItOrs targeted uhdclefSIA: I: directives receiVed,.IrepoIrted.Iin 500 starting With'04499g HI .I The nnmbetofFISA-btders :received ?for Emma thbahd's 0:501)" :3 . 044991; and 4 . I13 content-reported .I _'I'his;data may only six-menth jhteryais; The data seIIforth' above relating. to FISA orders and directives is declassi?ed on'lywhen released after 17804da'y'dela'y between I'I'theIlreleaSe?dete Ith'e that3W'ith'fespeCt'to'Ia '2 I I I pIr'oduIct, Ifor whieh'a ptdvid?r did; nqtipneviOQS'ly receive. order .01- Edirc'citivei (not i .- . including enhancement to or itcfati'oh of an existing publicly-available service) such'report shall not include any information re'lzitin'gt?o such'?ew erdef or'direcfive? 'e numbergo'f customer" Selectors targeted under-FTSA' erdefs nod: 7 l' . _unt115?4p'days after me ?date on whiI'thsp'ch re??1v?a. ma, data: set forth: jg: I . above-relating to national see?urity letters-is theirelease {dime less! I 3- I I If. 180 days-frem the national-swam); letter. - - I I ~Slruetu're3. The-total. ??niber of all includihgial'l- n?iio'nah '5 . '1 . - security Ietters, orders and directives; reported iIn'band? of 250 gaming I I. -, .1 The total-number of IcuStomte seleQIOfS targdeid Utildcf natignalts?cmity-I .1 1 process received, including all national Security and FISA'Zor'd?ers? and: 3' I directives, 'r?eperted'in. b??ridsof 250 I I I - 3" This-data may Thi? f' . I - declasSi?e'd?only when the releasedate less than '180 days from :lhe' receipt of the national I. '-_securityletter'S-trh?cturel4 .l A. The tetal-v?umber of all hhtiOnal-Secur'ity proceSSI'rccreived, including-all national - - security letters, and FISA orders and difeetivcs,?Ifcported Iin? bands Ide .100. starting; -: E. B. The'totzil number under allnatiOHal geeu?tyi I '3 I. I I A process received, including an: national 'anId FISA?oIrdersand- . 'v directives," rIepo'ned ir_1 bands-:Qf 1.00 with 07-99 Ca's'e Docum?ht 1454]- 6f383'1f 3' ?Deelassi?c?a?eni' CertziinjDatla ?nited ?sfatgjg'm; .TelecommunicatipnsCompanies for customer-Infomation, und?r Orders issued PurSgamf' - 3: . to-the; Foreign Intelligc'xicc SurVeillahcc' Act and?under? National S?cilrity Letters 7 date may only be repe?cdjh :Th??id?ta: - i when released afte; a enefyear?delayibctwee? date and the period- IA - . - jnepmemand . j'Ple?se cdnfact?MSe'Ehnjfetr'. fat (703) 87448085 or via any questions. . - 311;.7 v? i: @755? {1:7 Date7.1; Act of?2 :15, Section 603 . 2;.Directjor of National -: - - - -- Dem-Related to. Reqy?gts by {he Spare; IQ 3 Customer Information under Orders from the Surveillanbe-Ac?tland with; Nariont?zzsemri'tyLehers:Cas?e Decuineht 14.5411 hiss}. 7 7 . $03113ch?Deciassi?Caticha-cmm Data Rented -. g'f' TelecommunicationsCompanies for Customerlnformatim under Orders Issued Pursuant . "to-the-Foreign Intelligence Surveillance Act' and 'under?Nat'ional' Security notich - 'Distributio'n: 'National. Security Council'Stziff Director; Central Intelligence Agcne'yj Director, Defense Intelligence Agency: IntelligeriCe'Agency - Of?cer ?j Director, NatiOnal Security Agency 7 . Under Secretary of Defense'for IntelligenCe - - AsgistaintS?crctary for Intelligence andResearcha Departmenth State? - Under Secretaryr forIntellig'enCe and Analysis, Department of Homeland, Security 1: i Executive AssistantDirectbr;National security BureauoflnveStigationi? Intelligence and Counte?ntelligence; Department?of?EnergyV . .- Chief Agency. Assistant seereta'ry ?fo'r Inte_1ligence?_alid_ Director of Naval Intelligen?eg US Navy - - ?Director of Intelligence,"Headquarters US Marine corps' I . - Deputy Chief-of Staff for Intelligence?, Surveillance: and'Reconnaissance, US-AirForcc-t 'AsSista'nt Cemmandant-for Intelligence and?Critriinal Investigations, US?Co?ast Guard 1_ AssiStzint Att?i?ncy Genet-:11. for National Security, Depa?me'nt'ofjlus?tice '3 ?3 Case Document 145-1 Filed 11/22/16 Page 33 of 38 (U) Exhibit 3 Case Document 145-; Filed 41/22/16 Page 3:4:ozf138LZI- 35? ch- '5 Empowering user's surveillance,? . . 2014 By I . .I [title] [time], - "'TWitter is a unique globalplatform.? 3"lt provides a public voice to people all over the -- world?people who inform and educate others. express their individuality, and seek. - positive change. Because we are committed. to free expression, - our users? Iright to know when others threaten their privacy and their freedom to? 2' communicate by trying to. unmask them or seeking other information about them. Like all companies, Twitter-can be compelled by. court ordersan'd other'm?eans' ?2 ?3 a to release user information to the government: unless our users understandhow? - much, how often, and what kinds of information Twitter'is forced todiSclose, our users cannot make-informed decisions when posting their oftencourageous - - . Tweets. Therefore, it is vital that Twitter be transparent with its users and?be able to_- I .- I communicate this information in a manner thatIis relevIa?nt,I understandable and useful, I- For the pasttwo years. Twitter has published'a Transparency Reportr'which includes 3? I aggregat?e'numbers of requestsfor account information received 'fromItheIUS. I7 I government and from other'governments around the world. However, our reporting I has not included US. national security requests such as National Security Letters It. I court orde?rs'issued'pursuant to the Foreign intelligence S'urVeillance Act The. truth is that from January 1. 2012. to December 31, 2013. the 1 government issued a ofnational security re'que'Sts to Twitter for information concerning its users and their communications. during this period. The primary'reason for this I. I- II volume is'that Twitter's platform is inherently open, and almost all communicatiOns .I- 6 are broadcast publicly for everyone to see. (in fact, only a small number of I . "protected" Tweets and direct messages are not publicly available'for Ian?to .r .I this way, Twitter?s'situation is quite different fromthat of other'communications gr I providers; such as Web-based email services, where most communications are I-Z I p?rivatef I I Recently, in order to settle a lawsuit-brought before the secret court-the government agreed that companies could disclosetheirreceipt and I II . orders separately. for six?month periods. in nonsensical ranges NSle are lumped together with orders, in ranges of 0?249: thably, this agreement". I does not even permit a company to state truthfully'thatit has not received any I national security feqLJests; or any ofa particular kind of national security'request} .: when none have been issued Case Document 145-1 Filed gage-.35 Given thejrecentdisclosures regarding U._S.government surveillance'aswelliasloun: I'governiment's related'statements and selective declassifications. Tw.itter needs tone. in a position to dispel our users' fears .and provide meaningfulinformationabo?ut the: 1 ?ll-mittatscope of US. surveillance on its platform. The current governmentpoticy forbids us from responding toone-sided governmentspeech andiforce_s:US' _35 our users by reporting overly broad ranges of requests. Forcing Twitter louse only government?sanctioned speech is wrong and. unlawful.. lt is harmfulto the pumice}; trust'i'n Twitter._ and it violates Twitter's First Amendment rightto-free speech; -- I We want everyone-to know that the US. government's surveillancetofiTwitteriusers - through NSLs and FISA orders is (WAG mutt-Qt. The?nur'nbfer of national security. j- fl.- requests Twitter receives has ruzsg? I over-timeT but even dUri'ng the last six months 'of 2013, the combined number-of and FISA. the 249 combined requests-that the government 3-. lf Twitter decided .to report its receipt of national. se'cUrity reguests'in . 'f the scale that the other providers are using?and?report . and FISAgorders receiVed in that period (Joly ?l December?at. 2013); that. is; . orders. More precisely, Twitter receivedJalcgt 'y I FISAorders over this 'six-month period. These-requests affected a total of users, out Of approximately 240 million active user accounts.? That's 'ust of we new-r.er of our usersl In addition. These are Sitar. t\ numbers. whether considered individually. the'aggreg?ate, ores A a percentage of Twitter's total number of active users. Therefore; it is imvport'antithatj} i. we be able to share our version of the surveillance story that so mahy?others are .j ranges, We would use-ranges that are more proportional to what we receive?ie?ga? 5 .t'ryingto'tell now. We intend to make this kind of report on alregular?basis andhop?eil 7' - that. in'dojingso. we can continue to give our-users vaanble? information that'willhelp' ?them trUSt-in the safety of their communicationsas they Use Twitter tovo'ice their} _j i opinions, views. and ideas. -- A, - - Case Document 145-1 Filed 11/22/16 Page 36 of 38 (U) Exhibit 4 if ?Crag-e Docum?-ht1-45Li. . - - ng??r'al17.0.01 13?? Sll??cl,- Niw; astute-600i 20005 - '1 'l'i1ank ymi for you? IC?I?Cl?d?tUd?Api?i] 0 5 transparc?cy report. "Wielthbu'ghl. oyir dis?g?oh?yit? 212,20"! ..'vclz5y prod'uzc?tivc ?nd'Wc M10110 a'ndh?cr l?am 3: h??lye?ccn??ludedmay. .- - - - ?A?s?ydu kho?w; ,o'n l?n?ary 27,- 20?! Department r?ulliplc I 2? situ?awd tp?rr?p?mia?ggir?gated -da1asunderitih?:i l- . bande fl?wiitcr's pmposcd transparency/report seeks 16 ?publ'islii'dal?itcgardin'g . i. .a?thef?sutv'cill?i?Cg Beyond gowr?m?m i'b'porl'; 'Mtitfc s'ppci??eal'ly: it would numbers fracliith'or 'c'ju?t?par'li?c?ul?if'typgis ,proc?SS' rec-civc'd. ""1?11i3 is.inc0115istcn13LWitlu I?rahie?ro?rkfahdVdisqlos?s- perefly 1' .39 iri'fdrr'nation? r?pq'ri inb?and?sg? I . o?n' brbak-ihg omnth?cnujn'ibe'r?s by ways'the I . As'ivcihaVC'diSCusscd; Wc-bciieV? ihc're iS?Signi?'cam the. can explain that i? .31 I tidal], i? 3 . combined na'tiOnal security legal pljgiticss .-- to non-- - - U..S. persons as: w_c1?] Eas' Docum?ht: 145:1 - 1- Pagc-z? - -'aILnat'ionaLSammyl?gal- prC??S Inegspiived I. 0.0000919. by dividing 249 \by'27.1fmiuign) b?lv?witjt?r'S ?tmal? usjefs; ilh'piilierf I. dft'h'c total '31- I 'Iialli national security -it.lias' feccivcdibut i1 Wit'117'thg-f_ ?3 ?Sp?'cilie- detail that goes wellibeyo?d What aillfowcd 27thIQWOrkWithtu?s its pub'l?ic ind-manner th?aiiaj?io?lplio?jeciis" Withiapplibabl? I'aw.? Sincerely; "anws A: Baker." f-i