There has been a lot of news coverage about the “subpoenas” served on Twitter for information about certain users relating to WikiLeaks. I gave an interview on the legal issues raised by investigation here to NPR’s Marketplace Tech Report (start around 1:45), and I wanted to offer a few more thoughts.
The “subpoenas” used in this case are actuallly 2703(d) orders, issued under 18 U.S.C. 2703(d), part of the Stored Communications Act. Section 2703(d) was enacted in 1994, and the idea was to add extra privacy protection to Internet account records beyond the usual subpoena protection afforded in criminal investigations. Under 2703(d), the government has to apply for the court order and prove “specific and articulable facts” that the information is relevant and material to a criminal investigation. This is less than a search warrant and more than a subpoena: It’s essentially the “Terry” standard, for those familiar with Fourth Amendment law. You can read all about the 2703(d) standard, and about the Stored Communications Act more generally, in A User’s Guide to the Stored Communications Act.
The interesting thing about the Twitter 2703(d) orders — as compared to 2703(d) orders in every other routine case — is that the orders in this case were made public after Twitter went to court to get them unsealed. Other than that, they’re standard orders that simply copy the model language used in DOJ’s computer search and seizure manual. Given that the orders used the model language, rather than tailor it to the specific information that Twitter has, there is likely to be some negotiation between Twitter and DOJ as to exactly what the lanuage means and what Twitter has to turn over. But based on the orders themselves, what is interesting is how standard this is. From what we know so far, it looks like these are the usual orders obtained in the usual way, much like any other computer crime case.