The tech companies won't be able to state the precise number of requests, but will be able to disclose broad ranges of numbers. If companies divulge the number of National Security Letters received, they must do so within bands of 1,000. For instance, companies will be able to say that they received between 0 and 999 National Security Letters within a six-month time period.
Companies that want to release combined information about National Security Letters and orders issued pursuant to the Foreign Intelligence Surveillance Act can use bands of 250. In other words, they can say they received between 0 and 249 combined letters and FISA orders for a six-month period.
DOJ's move could resolve a lawsuit by Apple, Google, Microsoft, Yahoo, Facebook and LinkedIn. Those companies went to court last year shortly after former NSA contractor Edward Snowden began revealing information about the extent to which the agency snooped on Web users. The tech companies argued that they had a free speech right to publish data about the National Security Agency's request for user information.
The government's decision comes around one week after President Barack Obama called to loosen the secrecy rules surrounding the NSA's data gathering.
While the move seems to mark a step forward for transparency, it's worth nothing that National Security Letters and court orders to Web companies are only one small component of the NSA's surveillance efforts. The agency also reportedly is able to intercept messages, crack encryption and otherwise capture data that travels the Web. In fact, earlier today reports surfaced that the NSA captures data that's “leaked” by apps like Angry Birds and Google Maps. In other words, we'll probably never know the full extent of surveillance conducted by the agency, despite the new rules announced today by the Justice Department.