Privacy By Design For Everyone

News 2015

Human Rights Day: Please Support The Calyx Institute's Work

A message and an appeal from Calyx's Executive Director, Nicholas Merrill
Human Rights Day
December 10, 2015

"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence..."
-The Universal Declaration of Human Rights

Now, for the first time in over eleven years - more than a quarter of my life - I can finally speak freely about my experience being conscripted into the FBI’s surveillance machine.

You may have seen coverage of the revelations in the news last week:

But before I dive into the topic of National Security Letters - one of the big lessons I have learned is that there are essentially three approaches to how we can grapple with the problem of our privacy rights being taken away.

1) Litigation in the courts. I have been working on that approach for a long time and I have learned a lot about procedural stalling, and how the system is unfairly stacked in favor of the government.
2) Legislative reform, despite that I was prevented from testifying before congress during the years of my gag order, my legal case resulted in some legislative reform anyway due to the publicity, but it the steps Congress has taken have been far less effective than I would have hoped. Which brings me to the third way:
3) Technical solutions to prevent the collection of communications content and metadata in the first place, and that is what we do at The Calyx Institute.

What Calyx Does

Calyx runs a significant portion of the Tor network. We run mostly Tor exit nodes, which are the most risky to run because that is where the Tor traffic appears to come from. This costs the organization a lot of money for the internet bandwidth, servers, and hosting bills. However it is important work that means a lot because we are helping people at risk to remain anonymous when accessing the Internet.

We also run an innovative Instant messaging service - currently servicing over 65,000 accounts - which you may have read about in The Intercept or if you use the ChatSecure client software on Android or Iphone, they default to using our server.

At we provide free anonymized VPN access to anyone - for free - using the open-source LEAP project's software. We also will be providing free encrypted cloud-hosted email there as well when LEAP gets that part of its project working which should be very soon. But again, this will require funding to pay for the storage.

We have a number of other projects we would really love to have the time and resources to do more on including our work with DNSSEC and DANE, as well as our Encrypted Internet Exchange. But the organization has been chronically underfunded. Calyx is funded entirely by donations, with the occasional grant here and there. And that is why I would like to ask for your support.

Telling my story

It started on Tuesday, February 10, 2004. I was working as the president of Calyx Internet Access, a small Internet hosting and security business. That day, an FBI agent knocked on my door and handed me a National Security Letter. The letter demanded numerous categories of sensitive information about one of my clients and - like nearly all of the tens of thousands of National Security Letters, or NSLs, that the FBI issues unilaterally each year - the FBI forbade me from saying anything about it. I was gagged from disclosing the mere fact the letter existed, let alone its contents.

The moment I saw the letter, I knew something was terribly wrong. As a computer scientist, I knew that the categories of records the FBI was seeking to collect would violate individual privacy, freedom of speech, and freedom of association. As a communications service provider committed to user privacy, I was acutely aware of my ethical obligation to protect other peoples’ data. So I refused to hand over the data and fought for nearly seven years, with the help of the ACLU, to challenge the unconstitutional data demand and my gag order. The case resulted in landmark rulings finding aspects of the NSL regime unconstitutional. It also resulted in the Department of Justice's Inspector General being forced to audit the FBI's use of NSL's which proved massive abuse of the NSL powers. And it resulted in the NSL provision of the law being amended to ( insufficiently ) address some of the constitutional problems. But when the lawsuit ended in 2010, I still could not disclose what the FBI had commanded me to turn over. Now, in a case where I am represented by the Yale Media Freedom and Information Access Clinic, a federal district judge has ordered that I finally be permitted to speak without restraint.

Over the course of the lawsuit, with win after win in court, we slowly chipped away at the restrictions on my speech, until the government finally gave up and stopped appealing. You can see a visual representation of the progression in this graphic of the attachment to the NSL below:

I can now reveal that the FBI believes it has the authority to demand a variety of sensitive information merely by issuing an NSL, without a warrant and without any prior judicial oversight at all. This information includes your entire web browsing history; your contact list - every person you correspond with via telephone, Skype, Facebook, instant messaging or email; and anything you have ever purchased online. Most alarmingly, the FBI believes it could use an NSL to monitor your physical location by collecting cell-site location information, which effectively turns your mobile phone into a location-tracking device.

That the FBI believes it can obtain - and has actually been collecting - this information just by issuing an NSL raise serious concerns about privacy and free speech. Because NSLs are so easy for the FBI to use and don’t require oversight by a judge, they have few safeguards against abuse. Indeed, we know that NSLs have been abused in the past. To compensate, Congress explicitly limited the FBI to collecting “non-content” metadata in the text of the NSL law.

But the secret list shows that the distinction between metadata and data is specious. Many privacy experts have explained over the past couple of years that metadata is actually much more revealing than communications content. Through automated mass dragnet surveillance of metadata from ISPs, mobile phone providers, EZ-Pass on or off tollways, and credit card transactions, the government can easily monitor the communications of and track the movements of The Tea Party, Associated Press reporters, or any other group or organization. Metadata can be used to track political opposition: who is meeting, where they are meeting and for how long. It can even reveal who is sleeping together by tracking the locations of mobile phones at night. Records of IP addresses can identify an otherwise anonymous individual communicating on the Internet, the other individuals with whom he or she communicates, and the websites or other online materials that an individual has accessed. In other words, if you try to speak anonymously on the Internet—a right protected by the First Amendment—the FBI can use your IP address to unmask you without even having to justify its actions to a court. This is precisely what the founding fathers wanted to prohibit when they crafted the 4th amendment.

It is especially troubling that the FBI believes it can use an NSL to collect cell-site location information, giving the Bureau the power to track your historical movements by plotting the location of your cell phone. Courts across the country have considered what safeguards the Fourth Amendment requires before the government can obtain exactly this information. Many have held that a full-blown warrant - or at least a court order - is required. But all the while, the FBI has secretly maintained that it can get the same records without going to court at all. In the course of my litigation against the FBI, the government said that it stopped collecting cell-site location information for the moment as a matter of policy, but it also could start doing so again without telling anyone.

Personally, what has been most challenging was being forced into an FBI scheme to keep this information secret from courts across the country, from Congress, and from the American people. I had to watch in silence as the public debated limits on the government’s ability to collect cell-cite location records, knowing full well that it was missing key information but unable to speak for fear of violating my gag. This summer, I had to watch in silence as Congress passed the USA FREEDOM Act restricting government access to this same material. Because nobody knew that the FBI felt it could get the information at the stroke of a pen if it so chose, the problem was left out of the legislative reform. I had to watch in silence. Until now.

I have written previously about how surreal and painful it was to live under a gag order that went on for far too long. But it is the American people who are harmed the most by FBI secrecy and the many thousands of NSL gag orders still in effect. At this moment in particular, with intelligence agencies again pressing for expanded surveillance powers, it is worth pausing to insist that we should know what powers they already have, how these powers are being used, and what happens to the data they collect. The public now knows some of what the FBI believed it could obtain just by issuing an NSL. What other surveillance authorities does the government claim in secret?

Federal Court Invalidates 11-Year-old FBI gag order on National Security Letter recipient Nicholas Merrill

FOR IMMEDIATE RELEASE: September 14, 2015
CONTACT: Debra Kroszner
(203) 432-1053


Court Rules There Is “No Good Reason” To Prohibit Merrill from Describing the Array of Private Information that the FBI Sweeps Up Using NSLs

NEW HAVEN, CT – A federal district court has ordered the FBI to lift an eleven-year- old gag order imposed on Nicholas Merrill forbidding him from speaking about a National Security Letter (“NSL”) that the FBI served on him in 2004. The ruling marks the first time that an NSL gag order has been lifted in full since the PATRIOT Act vastly expanded the scope of the FBI’s NSL authority in 2001. Mr. Merrill, the executive director of the Calyx Institute, is represented by law students and supervising attorneys of the Media Freedom and Information Access Clinic, a program of Yale Law School’s Abrams Institute for Freedom of Expression and Information Society Project.

For more than a decade, the government has refused to allow Mr. Merrill and other NSL recipients to tell the public just how broadly the FBI has interpreted its authority to surveil individuals’ digital lives in secret using NSLs. Tens of thousands of NSLs are issued by FBI officers every year without a warrant or judicial oversight of any kind.

The letters demand disclosure of user information and are almost always accompanied by complete gag orders. Today’s decision will finally allow Mr. Merrill to speak about all aspects of the NSL and, specifically, to inform the public about the categories of personal information that the FBI believes it can obtain using an NSL.

“For more than a decade, the FBI has fought tooth and nail in order to prevent me from speaking freely about the NSL I received,” said Mr. Merrill. “Judge Marrero’s decision vindicates the public’s right to know how the FBI uses warrantless surveillance to peer into our digital lives. I hope today’s victory will finally allow Americans to engage in an informed debate about proper the scope of the government’s warrantless surveillance powers.”

U.S. District Judge Victor Marrero’s decision invalidated the gag order in full, finding no “good reason” to prevent Merrill from speaking about any aspect of the NSL, particularly an attachment to the NSL that lists the specific types of “electronic communication transactional records” (“ECTR”) that the FBI believed it was authorized to demand. The FBI has long refused to clarify what kinds of information it sweeps up under the rubric of ECTR, a phrase that appears in the NSL statute but is not publicly defined anywhere.

Judge Marrero’s decision describes the FBI’s position as “extreme and overly broad,” affirming that “Courts cannot, consistent with the First Amendment, simply accept the Government’s assertions that disclosure would implicate and create a risk.” The Court observed that, according to the government, Mr. Merrill would only be allowed to discuss the kinds of records the FBI demanded in “a world in which no threat of terrorism exists, or a world in which the FBI, acting on its own accord and its own time, decides to disclose the contents of the Attachment.” The Court decisively rejected this position: “Such a result implicates serious issues, both with respect to the First Amendment and accountability of the government to the people.”

Merrill first challenged the NSL statute in 2004 in a landmark ACLU lawsuit that resulted in significant changes to the law but ended in 2010 with much of the gag order still intact. “Mr. Merrill has fought tirelessly for years to expose the government’s excessive use of gag orders that prevent the American public from having an informed conversation about NSL surveillance. Time and again he has been vindicated in court,” said Amanda Lynch, student director of the Media Freedom and Information Access Clinic. “This decision has once again affirmed the crucial role courts play in serving as an important check on intelligence agencies, defending the Constitution, and protecting the civil liberties of all,” Lynch added.

“Today’s decision will finally allow Mr. Merrill to shed light on the scope of the FBI’s claimed authority under the NSL statute, and to explain how the FBI’s interpretation is deeply problematic and potentially unlawful,” stated Jonathan Manes, supervising attorney in the Media Freedom and Information Access Clinic. “If the recent revelations and debates over mass surveillance have taught us anything, it is that there can be no meaningful democratic oversight if the public does not know how the law has been interpreted behind closed doors,” Manes added.

The Court’s order will go into effect in 90 days. Mr. Merrill will remain gagged for that period, in order to allow the government time to decide whether to appeal the decision.

“Judge Marrero’s careful and comprehensive decision confirms that there is no longer any reason to prevent Mr. Merrill from telling the public what he knows about NSL surveillance,” observed Lulu Pantin The FBI has conceded that the investigation that prompted the 2004 NSL is now closed. Pantin continued, “We hope the government will not appeal, so that a crucial public conversation about warrantless surveillance is not further delayed.”

Mr. Merrill is represented by law student interns Amanda Lynch, Lulu Pantin, and Rebecca Wexler and supervising attorneys Jonathan Manes and David Schulz. Former clinic students Benjamin Graham (’15), Matthew Halgren (’15), and Nicholas Handler (’15) previously worked on the case.



Our new project: Canary Watch - a site to track warrant canaries

Canary Watch logo

Canarywatch is a coalition of organizations including the Electronic Frontier Foundation, Harvard Law School's  Berkman Center for Internet and SocietyNYU's Technology Law & Policy Clinic, and the Calyx Institute. The Calyx Institute runs and hosts
"Warrant canary" is a colloquial term for a regularly published statement that a service provider has not received legal process that it would be prohibited from saying it had received, such as a national security letter. Canarywatch tracks and documents these statements.

The term "warrant canary" is a reference to the canaries used to provide warnings in coal mines, which would become visibly sick from carbon monoxide poisoning, warning of the otherwise-invisible danger.

Just like canaries in a coal mine, the canaries on web pages “die” when they are exposed to something toxic—like a secret FISA court order. Warrant canaries rely upon the legal theory of compelled speech. Compelled speech happens when a person is forced by the government to make expressive statements they do not want to make.

Fortunately, the First Amendment protects against compelled speech in most circumstances. In fact, we’re not aware of any case where a court has upheld compelled false speech. Thus, a service provider could argue that, when its statement about the legal process received is no longer true, it cannot be compelled to reissue the now false statement, and can, instead, remain silent.

So far, no court has addressed this issue. But if you’re not paying attention to a specific canary, you may never know when it changes. Plenty of providers don’t have warrant canaries. Those that do may not make them obvious. And when warrant canaries do change, it’s not always immediately obvious what that change means.

That’s why The Calyx Institute has joined with a coalition of organizations, including the Berkman Center for Internet and Society, New York University’s Technology Law & Policy Clinic, and the Electronic Frontier Foundation to launch

More at

It's Almost Our 5th Birthday -- Support The Calyx Institute Fund Drive

"The Calyx Institute is a fantastic non-profit organization that puts the privacy of its users first.  Their work has been so valuable to us at the Freedom of the Press Foundation, and we use their tools often.  They are one of the few organizations that I can unequivocally say are both worthy and in need of support"

-Trevor Timm, Executive Director, Freedom of the Press Foundation

The Calyx Institute has been operating for five years on a shoe-string budget.   Unlike some other projects, we don't have large government or foundation grants - we rely primarily on the donations of people like you to keep the organization afloat.

We have a lot of interesting projects lined up that need funding in order to be realized, and we also want to do more of what we have been doing for the past several years.  For instance we recently received a donation of dozens of servers and some very expensive network switches that we want to use but we don't have the funds to expand our data center space to house them.

This is why we have launched a fundraiser & membership drive to raise money for our upcoming fiscal year.